IEC 818
Quiz #3
Q1. In the largest criminal attack to date (noted in the SANS warning about the Eastern European hackers), hackers were able to exploit Windows NT vulnerabilities because
A. system operators have not patched their systems
B. regular security is not strong enough
C. they used social engineering to obtain the password from secretaries
D. they used MAC computers
Q2. IT Security. An axiom to follow.
A. Threat is directly related to the risk
B. Procedures have to always be followed according to the installation manuals
C. Good security procedures are facilitated by good products
D. Security is a process, not a product
Q3. Risk Management is a methodology for
A. assessing the potential of future events that can cause adverse effects
B. implementing cost-efficient strategies that can deal with these risks
C. A. & B.
D. assessing the potential of previous events that can cause adverse effects
Q4. Controls over the human factor are called social controls and managing these controls is called
A. social engineering
B. culture management
C. social security
D. human control security management
Q5. Social engineering, when it refers to IT security, means
A. having security people from several multi-cultural backgrounds and societies
B. engineering the society reasons why criminals behave, and determining the risk
C. using social contacts
D. studying different societies in IT security
E. the set of techniques used to subvert systems by exploiting human nature