and Answers 100% Correct (A+)
• information security -✓✓protecting an organization's information resources from
unauthorized access, use, disclosure, disruption, modification, or destruction
• threat -✓✓any danger to which a system may be exposed
• exposure -✓✓the harm, loss or damage that can result if a threat compromises that
resource
• vulnerability -✓✓a weakness in the system that makes it possible for a threat to cause harm
• unintentional threats to IS -✓✓- human errors
- social engineering
• human errors -✓✓the higher the employee's level and the greater their access to systems and data, the greater the threat their mistakes pose
• human error areas -✓✓employees in two areas pose especially significant threats:
- human resources (handle sensitive personal data)
- information systems (hold privileged access to systems and data)
- other groups with access that is easy to overlook: contract labor, consultants, janitors, and guards
• social engineering -✓✓attack in which the perpetrator uses social skills to trick or manipulate
employees into revealing confidential information (passwords, account details, internal procedures)
• espionage or trespass -✓✓an individual attempts to gain illegal access to organizational information
• information extortion -✓✓attacker threatens to steal, or has already stolen, information and demands money for
- not stealing it
- returning it
- not disclosing it
• sabotage or vandalism -✓✓deliberate acts that damage an organization's systems or its image, for example
defacing its website by inserting or substituting provocative and frequently offensive content
• theft of equipment or information -✓✓smaller devices are easier to steal,
and larger storage capacity means more information is lost with each stolen device
• dumpster diving -✓✓going through trash to find discarded info
• identity theft -✓✓pretending to be someone else to access their financial information or to frame that
person for a crime
• phishing -✓✓impersonating a trusted organization in an electronic communication in order to obtain
private information such as credentials or account numbers
• intellectual property -✓✓property created by individuals or corporations that is protected by law
• trade secret -✓✓intellectual work, such as a business plan, that is a company secret and is not based on public information
• patent -✓✓grants the holder exclusive rights to an invention or process for 20 years
• copyright -✓✓protects ownership of creative work for the life of the creator (plus 70 years under US law)
• remote attacks requiring user action -✓✓- virus
- worm
- phishing attack
- spear phishing attack
• remote attacks needing no user action -✓✓- denial of service (DoS)
- distributed denial of service (DDoS)
• attacks by a programmer developing a system -✓✓- trojan horse
- back door
- logic bomb
• virus -✓✓segment of malicious code that attaches itself to another program (the host) and runs when that program runs
• worm -✓✓segment of malicious code that replicates and spreads by itself, without attaching to another program
• spear phishing -✓✓phishing attack on a specific target
• denial of service (DoS) -✓✓bombarding a target computer with so many bogus requests that it
cannot serve legitimate ones, or crashes
• distributed DoS attack (DDoS) -✓✓attacker first takes control of many computers (typically by infecting them with malware) and then uses them all to perform the DoS attack
• trojan horse -✓✓malicious program disguised as an innocent one; reveals its designed behavior only when activated
• back door -✓✓allows unauthorized access to the program or system, bypassing normal
security measures (typically a password known only to the attacker)
• logic bomb -✓✓segment of code embedded in a system that stays dormant until activated by a certain date, time, or event
• alien software -✓✓programs installed on a computer without user's consent or
knowledge
• alien software -✓✓- adware
- spyware
- spamware
- cookies
• adware -✓✓displays pop-up advertisements on the computer screen
• spyware -✓✓collects personal information about users without their consent (e.g. keystroke loggers, screen scrapers)
• spamware -✓✓uses the infected computer as a launchpad for sending out spam emails
• cookies -✓✓small files stored on a computer containing information about visited
websites
• SCADA (supervisory control and data acquisition) -✓✓systems that control chemical,
physical, or transport processes (power grids, water treatment, pipelines); an attack on them can cause physical damage
• cyberterrorism -✓✓attack via the internet to use a target's computer systems to cause
physical, real world harm
• risk -✓✓the probability that a threat will impact an information resource
• risk management -✓✓- identify
- control
- minimize
the impact of threats
• risk analysis -✓✓- prioritize assets
- compare cost of security breach vs cost of control
• risk mitigation -✓✓- organization take concrete actions against risk
- implement controls and develop recovery plan
• risk acceptance -✓✓- accept the potential risk
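The risk analysis, risk mitigation and risk acceptance cards above describe a decision: rank assets, compare the cost of a breach against the cost of a control, and either implement the control or accept the risk. The following Python block is an added example (not part of the original study guide) that makes that comparison concrete using the common annualized loss expectancy (ALE) method, which the cards do not name; the assets, controls and dollar figures are constructed sample data, and the names `Asset`, `Control`, `control_benefit` and `decide` are hypothetical.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Asset:
    """An information resource and the threat being analyzed against it."""
    name: str
    value: float            # dollar value of the asset (replacement or business impact)
    exposure_factor: float  # fraction of value lost if the threat succeeds once (0..1)
    threat_rate: float      # expected successful occurrences per year (ARO)


@dataclass(frozen=True)
class Control:
    """A safeguard, its yearly cost, and how much it cuts the threat rate."""
    name: str
    annual_cost: float
    rate_reduction: float   # fraction by which the control reduces threat_rate (0..1)


def single_loss_expectancy(asset: Asset) -> float:
    """SLE: loss from one successful occurrence of the threat."""
    return asset.value * asset.exposure_factor


def annual_loss_expectancy(asset: Asset) -> float:
    """ALE: expected yearly loss = SLE x annual rate of occurrence."""
    return single_loss_expectancy(asset) * asset.threat_rate


def prioritize(assets: list[Asset]) -> list[Asset]:
    """Risk analysis step 1: rank assets by expected yearly loss, highest first."""
    return sorted(assets, key=annual_loss_expectancy, reverse=True)


def control_benefit(asset: Asset, control: Control) -> float:
    """Risk analysis step 2: yearly loss avoided by the control minus its yearly cost.

    A positive value means the control pays for itself; a negative value means
    the breach is cheaper than the protection.
    """
    residual_rate = asset.threat_rate * (1.0 - control.rate_reduction)
    residual_ale = single_loss_expectancy(asset) * residual_rate
    return annual_loss_expectancy(asset) - residual_ale - control.annual_cost


def decide(asset: Asset, control: Control) -> str:
    """Risk mitigation if the control is worth it, otherwise risk acceptance."""
    return "mitigate" if control_benefit(asset, control) > 0 else "accept"


# Constructed sample data (hypothetical figures, not from the study guide).
CUSTOMER_DB = Asset("customer database", value=500_000, exposure_factor=0.4, threat_rate=0.5)
LOBBY_KIOSK = Asset("lobby kiosk PC", value=2_000, exposure_factor=1.0, threat_rate=0.2)

DB_CONTROL = Control("encryption + access monitoring", annual_cost=30_000, rate_reduction=0.8)
KIOSK_CONTROL = Control("cable lock + guard rounds", annual_cost=5_000, rate_reduction=0.9)


if __name__ == "__main__":
    for asset in prioritize([LOBBY_KIOSK, CUSTOMER_DB]):
        print(f"{asset.name}: ALE = ${annual_loss_expectancy(asset):,.0f}")
    for asset, control in ((CUSTOMER_DB, DB_CONTROL), (LOBBY_KIOSK, KIOSK_CONTROL)):
        print(f"{asset.name} vs {control.name}: "
              f"net benefit ${control_benefit(asset, control):,.0f} -> {decide(asset, control)}")
```

Running the block ranks the customer database first (expected loss $100,000 per year) and shows that its control is worth buying (net benefit $50,000), while the kiosk's expected loss of $400 per year does not justify a $5,000 control, so that risk is accepted. Real analyses also weigh factors the numbers do not capture (regulatory obligations, reputational harm), so treat the sign of the benefit as one input rather than the whole decision.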