Which one of the following is not a type of social engineering attack?
Dumpster diving
Shoulder surfing
Trojan horse
Persuasion
Passwords are a part of which of the following processes?
Authentication
Searching
Authorization
Linking
Which of the following is a vulnerability?
Having a security system at work
Leaving a window open in a parked car
Hiring a security guard to work the night shift
Using a long password for the firewall
Which of the following is a threat?
Anything that can be used as a weapon
The likelihood of a robber getting caught
The likelihood that you will get attacked
Anything that can cause damage to assets
The three factors that are considered when analyzing the impact of a security breach are vulnerabilities, threats, and risk. An agent with the potential to cause a security breach is which of the following?
Vulnerability
Threat
Risk
Exploit
A weakness or flaw in the security of an asset that could be exploited is which of the following?
Vulnerability
Threat
Risk
Access
A(n) _________ system has a narrow attack surface that exposes as few attack vectors as possible.
operating
hardened
networked
proxy
Which of the following directs an administrator to assign a user account only the permissions and rights necessary to perform his or her assignment?
Principle of balanced authority
Principle of most privilege
Principle of least privilege
Principle of average authority
Which of the following organizations is a nonprofit foundation with the mission to improve software security by developing or sponsoring open-source software and training and education conferences worldwide?
IEEE
OWASP
Wi-Fi Alliance
OUI
Which three of the following are represented in the CIA Triad?