CIS 377 Midterm Questions FA23 Nittin Raj

School: Community College of Baltimore County
Course: 377
Subject: Computer Science
Date: Jan 9, 2024
Uploaded by ElderRiverKomodoDragon20

CIS 377 – Introduction to Cybersecurity Midterm

Answer all questions

1. The first phase of risk management is _________.
   Risk Identification

2. A device (or a software program on a computer) that can monitor data traveling on a network is known as a _________ sniffer.
   Socket

3. True/False: Confidentiality ensures that only those with the rights and privileges to access information are able to do so.
   True

4. A technique used to compromise a system is known as a(n) ___________.
   Exploit

5. True/False: A worm may be able to deposit copies of itself onto all Web servers that the infected system can reach, so that users who subsequently visit those sites become infected.
   True

6. True/False: Risk control is the application of controls that reduce the risks to an organization’s information assets to an acceptable level.
   True

7. True/False: To determine if the risk to an information asset is acceptable or not, you estimate the expected loss the organization will incur if the risk is exploited.
   True

8. True/False: Most computer criminals are not really "criminals".
   False

9. True/False: To determine if the risk to an information asset is acceptable or not, you estimate the expected loss the organization will incur if the risk is exploited.
   True

10. True/False: One form of e-mail attack that is also a DoS attack is called a mail bomb, in which an attacker overwhelms the receiver with excessive quantities of e-mail.
   True

Classification: Internal Classified as Confidential

11. True/False: During the early years of computing, the primary threats to security were physical theft of equipment, espionage against the products of the systems, and sabotage.
   True

12. True/False: Malware is a generic term for software that has a malicious purpose.
   True

13. True/False: The Health Insurance Portability and Accountability Act of 1996 requires government agencies to identify sensitive systems, conduct computer security training, and develop computer security plans.
   False

14. True/False: To achieve balance—that is, to operate an information system that satisfies the user and the security professional—the security level must allow reasonable access, yet protect against threats.
   True

15. True/False: Confidentiality ensures that only those with the rights and privileges to access information are able to do so.
   True

ESSAY

16. What is the difference between vulnerability and exposure?
   Vulnerability is a weakness that can lead to harm, while exposure is the weakness being taken advantage of by someone who isn’t authorized.

17. What are the three components of the C.I.A. triad? What are they used for?
   The three components of the C.I.A. triad are Confidentiality, Integrity, and Availability. The triad is used for finding weaknesses and vulnerabilities as well as methods for creating a solution to these problems.

18. What is DRP? What is BCP?
   DRP, otherwise known as Disaster Recovery Plan, is a document that contains action plans for responding, dealing with, and recovering from disasters to IT operations. BCP, otherwise known as Business Continuity Plan, is a document that details the organization’s plan to prevent, respond, and recover from all kinds of threats.

19. List at least three methods to defend against cyberattacks.
   1. Check the strength of your password
   2. Trust no one
   3. Secure your device

20. Caesar cipher with a shift key of 5
   Plaintext: INNER HARBOR IN BALTIMORE CITY
   Ciphertext: NSSJW MFWGTW NS GFQYNRTWJ HNYD