Final exam Intro to Cyber Security 2023 Questions

A company can discontinue or decide not to enter a line of business if the risk level is too high. This is categorized as - risk avoidance A __________ defines how a business gets back on its feet after a major disaster like a fire or hurricane. - DRP A _______ determines the extent of the impact that a particular incident would have on a business operations over time. - BIA A DOS attack is a coordinated attempt to deny service by causing a computer to prove to perform and unproductive task - True A blank examines the network layer address in routes packets based on rounding per called half determination decisions - Router A ________ gets priorities to the functions and organization needs to keep going - BCP A ________ is a software program that performs 1 of 2 functions brute force attack to gain unauthorized access to a system, or cover I of passwords stored in a computer system. - Password Cracker A ________ is a tool used to scan ip host devices for open ports that have been enabled - Port scanner Among common recovery location options, this is one that can take over operations quickly. It has all the equipment and data already staged at the location, though you may need to refresh or update the data. - Hot Site An attempt to exploit a vulnerability of a computer or network component is a definition of - Attack Any organization that is serious about security will view _______ as an ongoing process. - Risk management A protocol analyzer or ________ is a software program that enables the computer to monitor and capture network traffic. - Packet sniffer Assume that, there are a 100 users and organizations who use desktop P c's. The value of each PC is a $1000, which has an exposure factor of 2. Now, if the new ARO is 20, what will be the value of ALE for this organization. - $40,000 Assume that, there are 250 users and organization who use mobile phones. The value each phone is $500. In the past 2 years, the organization has lost an average of 20 phones a year. Which the following is correct: - SLE = 500; ALE = 10,000 Black hat hackers generally poke wholes and systems, but do not attempt to disclose ________ they fine to the ministry tors of those systems - vulnerabilities Connecting your computers or devices to the _______ amediately exposes and to attack - Internet Which term describes an action that can damage or compromise mass at? - Threat Encrypting data on storage devices or hard drives is a main strategy to ensure data integrity - False Bob's using a port scanner to identify open ports on a server in his environment. He is scanning a Web server that uses Hyper Text Transfer Protocol(http). Which port should Bob expect to be open to support this service? - 80 HTTP Is the communications protocol between Web browsers and Web sites with data in clear text. - True Assume that, there are a 100 users in an organization who use desktop P c's. The value of each PC is a $1000, which has an exposure factor of to. If you respect an event to occur, only once every 10 years, what will be the value of ALE for this organization. - $200 In a ________, the attacker sends a large number of packets requesting connections to the victim computer. - SYN flood In an incremental backup process, as the week progresses, the nightly backup takes about the same amount of time - True In popular usage and in the media, the term ________ often describe someone who breaks into a computer system without authorization. - hacker Blank is the amount of time it takes to recover and make a system, application, in data available for use after an outage. - RTO __________ is a practice of hiding data in keeping it away from unauthorized users. - Cryptography ________ is the proportion of value of a particular asset likely to be destroyed by a given risk, expressed as a percentage. - Exposure factor