Test Bank for Business Data Networks and Security 11th Edition by Raymond R. Panko – Complete Answers & Exam Prep | Latest edition.

@Aplusstuvia


Business Data Networks and Security, 11e (Panko)
Appendix: Managing the Security Process

1) The Target attackers probably first broke into Target using the credentials of a(n) ________.
A) low-level Target employee
B) Target IT employee
C) Target security employee
D) employee in a firm outside Target
Answer: D
Difficulty: Basic
Question: 1a
Objective: Discuss failures to stop the target breach.
AACSB: Applying Information Technology

2) Target received warnings during the attack. This happened ________.
A) on the vendor server
B) when the POS download server was compromised
C) when the exfiltration server was compromised
D) none of the above
Answer: C
Difficulty: Deeper
Question: 1e
Objective: Discuss failures to stop the target breach.
AACSB: Applying Information Technology

3) In a kill chain, ________.
A) stopping the attack at a single step stops the attack
B) stopping the attack at multiple steps stops the attack
C) stopping the attack at all steps stops the attack
D) none of the above
Answer: A
@


Difficulty: Basic
Question: 1f
Objective: Discuss failures to stop the target breach.
A


AACSB: Applying Information Technology, Analytical Thinking, Application of Knowledge

4) Security is primarily about ________.
pl


A) technology
B) planning
C) management
us


D) none of the above
Answer: C
Difficulty: Deeper
stu


Question: 1hh
Objective: Explain why security is about management more than technology.
AACSB: Applying Information Technology, Application of Knowledge
vi


1
Copyright © 2019 Pearson Education, Inc.
a


@Aplusstuvia @Aplusstuvia @Aplusstuvia

,@Aplusstuvia


5) Firewall operation takes place during the ________ phase.
A) plan
B) protect
C) response
D) none of the above
Answer: B
Difficulty: Basic
Question: 2a
Objective: Explain the Plan-Protect-Respond cycle.
AACSB: Applying Information Technology, Application of Knowledge

6) Which phase of the plan-protect-respond cycle takes the largest amount of work?
A) plan
B) protect
C) respond
D) The phases require about equal amounts of effort.
Answer: B
Difficulty: Deeper
Question: 2b
Objective: Explain the Plan-Protect-Respond cycle.
AACSB: Applying Information Technology, Analytical Thinking, Application of Knowledge

7) The goal of security is to eliminate risk.
Answer: FALSE
Difficulty: Basic
Question: 3a
Objective: Describe and apply major security planning principles.
AACSB: Applying Information Technology, Application of Knowledge

8) Balancing threats against protection costs is called ________.
A) economic justification
@


B) risk analysis
C) comprehensive security
D) The Illusion of Cost
A


Answer: B
Difficulty: Basic
Question: 3b
pl


Objective: Describe and apply major security planning principles.
AACSB: Applying Information Technology
us
stu
vi


2
Copyright © 2019 Pearson Education, Inc.
a


@Aplusstuvia @Aplusstuvia @Aplusstuvia

,@Aplusstuvia


9) Attackers only need to find a single weakness to break in. Consequently, companies must
________.
A) have comprehensive security
B) have insurance
C) do risk analysis
D) only give minimum permissions
Answer: A
Difficulty: Basic
Question: 4a
Objective: Describe and apply major security planning principles.
AACSB: Applying Information Technology

10) A building with some unlocked exterior doors most specifically violates the principle of
________.
A) network segmentation
B) protecting single points of takeover
C) comprehensive security
D) risk analysis
Answer: C
Difficulty: Basic
Question: 4b
Objective: Describe and apply major security planning principles.
AACSB: Applying Information Technology, Analytical Thinking, Application of Knowledge

11) An attacker must break through two firewalls to get to a host. This most specifically
illustrates the ________ principle.
A) comprehensive security
B) risk assurance
C) weakest link protection
D) defense in depth
Answer: D
@


Difficulty: Basic
Question: 5a
Objective: Describe and apply major security planning principles.
AACSB: Applying Information Technology
A


12) Vulnerabilities are occasionally found in even the best security products. Consequently,
pl


companies must specifically ________.
A) outsource security
B) have defense in depth
us


C) do risk analysis
D) only give minimum permissions
Answer: B
stu


Difficulty: Deeper
Question: 5b
Objective: Describe and apply major security planning principles.
AACSB: Applying Information Technology, Analytical Thinking, Application of Knowledge
vi


3
Copyright © 2019 Pearson Education, Inc.
a


@Aplusstuvia @Aplusstuvia @Aplusstuvia

, @Aplusstuvia



13) There is a single countermeasure in ________.
A) weakest links
B) defense in depth
C) both A and B
D) neither A nor B
Answer: A
Difficulty: Deeper
Question: 5c
Objective: Describe and apply major security planning principles.
AACSB: Applying Information Technology, Application of Knowledge

14) A central firewall management program that specifically pushes changes to firewalls is
________.
A) a weakest link
B) defense in depth
C) a single point of takeover
D) risk analysis thinking
Answer: C
Difficulty: Basic
Question: 6a
Objective: Describe and apply major security planning principles.
AACSB: Applying Information Technology, Application of Knowledge

15) Companies should ________ single points of takeover.
A) eliminate
B) give special attention to
C) minimize
D) authorize
Answer: B
Difficulty: Deeper
@


Question: 6b
Objective: Describe and apply major security planning principles.
AACSB: Applying Information Technology
A


16) Allowing a user access to edit files in a specific directory is an example of ________.
A) authentication
pl


B) authorizations
C) defense in depth
D) network segregation
us


Answer: B
Difficulty: Basic
Question: 7a
stu


Objective: Describe and apply major security planning principles.
AACSB: Applying Information Technology, Application of Knowledge
vi


4
Copyright © 2019 Pearson Education, Inc.
a


@Aplusstuvia @Aplusstuvia @Aplusstuvia