Name: ________________________ Class: ___________________ Date: __________

ID: A

Chapter1
True/False Indicate whether the statement is true or false. ____ ____ ____ ____ ____ 1. The demand for IT professionals who know how to secure networks and computers is at an all-time low. 2. Recent employment trends indicate that employees with security certifications are in high demand. 3. The CompTIA Security+ Certification is aimed at an IT security professional with the recommended background of a minimum of two years experience in IT administration, with a focus on security. 4. Weakness in software can be more quickly uncovered and exploited with new software tools and techniques. 5. In a general sense, assurance may be defined as the necessary steps to protect a person or property from harm.

Multiple Choice Identify the choice that best completes the statement or answers the question. ____ 6. An information security ____ position focuses on the administration and management of plans, policies, and people. a. manager c. auditor b. engineer d. inspector 7. A study by Foote Partners showed that security certifications earn employees ____ percent more pay than their uncertified counterparts. a. 10 to 14 c. 13 to 14 b. 12 to 15 d. 14 to 16 8. The position of ____ is generally an entry-level position for a person who has the necessary technical skills. a. security technician c. CISO b. security administrator d. security manager 9. ____ attacks are responsible for half of all malware delivered by Web advertising. a. Canadian Pharmacy c. Melissa b. Fake antivirus d. Slammer 10. Approximately ____ percent of households in the United States use the Internet for managing their finances. a. 60 c. 80 b. 70 d. 90 11. In a ____ attack, attackers can attackers use hundreds or thousands of computers in an attack against a single computer or network. a. centered c. remote b. local d. distributed 12. The term ____ is frequently used to describe the tasks of securing information that is in a digital format. a. network security c. physical security b. information security d. logical security 13. ____ ensures that only authorized parties can view information. a. Security c. Integrity b. Availability d. Confidentiality

____

____

____

____

____

____

____

Name: ________________________ ____ 26. What is another name for unsolicited e-mail messages? a. spam c. trash b. spawn d. scam Completion Complete each statement.

ID: A

27. _________________________ is focused on protecting the valuable electronic information of organizations and users. 28. Security ____________________ have both technical knowledge and managerial skills and analyze and design security solutions within a specific entity. 29. In a general sense, ____________________ may be defined as the necessary steps to protect a person or property from harm. 30. ____________________ provides tracking of events. 31. An example of a(n) ____________________ that information security must deal with is a software defect in an operating system that allows an unauthorized user to gain access to a computer without the users knowledge or permission. Matching Match the following terms to the appropriate definitions. a. asset f. risk b. cyberterrorism g. threat c. procedures h. threat agent d. exploit i. vulnerability e. computer spy ____ ____ ____ ____ ____ ____ ____ ____ ____ 32. 33. 34. 35. 36. 37. 38. 39. 40. the likelihood that a threat agent will exploit a vulnerability intended to cause panic, provoke violence, or result in a financial catastrophe a person or thing that has the power to carry out a threat a person who has been hired to break into a computer and steal information something that has value to take advantage of a vulnerability an event or action that might defeat security measures in place and result in a loss a weakness that allows a threat agent to bypass security plans and policies established by an organization to ensure that people correctly use the products

Short Answer 41. List and describe two of the four generally recognized security positions. 42. Why is the speed of attacks making the challenge of keeping computers secure more difficult? 43. Discuss why delays in patching are making information security more difficult. 44. List and describe three of the characteristics of information that must be protected by information security?