CTAINASL_Week 2
| Question | Answer |
|---|---|
| Employee and ex-employee threats are limited only to current workers who still have active employment contracts with the organization. | False. Employee and ex-employee threats include both current employees and former employees who may cause harm through data breaches, unauthorized access, fraud, sabotage, intellectual property theft, or disclosure of sensitive information. |
| A major reason employee threats are dangerous is that employees and ex-employees may already know the organization’s systems, processes, vulnerabilities, and weak points. | True. |
| If an employee accidentally exposes sensitive data because of carelessness or lack of awareness, this is still considered an insider threat. | True. |
| A malicious insider is mainly defined as an employee whose credentials were stolen by an outside attacker. | False. A malicious insider is an individual who intentionally abuses authorized access privileges for personal gain, while a compromised insider is someone whose credentials or access rights have been taken over by an external threat actor. |
| Data theft refers only to the physical stealing of computers, hard drives, and printed records. | False. Data theft means the unauthorized acquisition or disclosure of sensitive or confidential information, whether digital or physical. |
| Personally Identifiable Information may be used for identity theft, fraud, phishing attacks, or sale on the dark web if stolen. | True. |
| Financial information is less critical than other forms of sensitive data because it usually affects only individual customers and not organizations. | False. Theft of financial information can cause unauthorized transactions, fraudulent activities, account compromise, and financial losses for both individuals and organizations. |
| The theft of intellectual property can damage an organization even if no customer personal data is exposed. | True. |
| Stolen health information can be used for medical identity theft, insurance fraud, blackmail, or illegal sale. | True. |
| Confidential business data includes sales data, customer databases, marketing strategies, pricing information, supplier lists, strategic plans, and merger or acquisition details. | True. |
| Unauthorized access can involve digital systems, networks, cloud services, online accounts, IoT devices, or restricted physical spaces. | True. |
| Guessing or stealing a user’s login credentials to enter an organization’s computer system is an example of unauthorized access. | True. |
| Physical unauthorized access is harmless if the intruder does not touch any computers or digital systems. | False. Physical unauthorized access can lead to theft of assets, tampering with equipment, compromise of security systems, or harm to people in the area. |
| Network intrusion may allow an attacker to eavesdrop on traffic, intercept sensitive data, launch further attacks, or disable network services. | True. |
| Unauthorized access to cloud services may compromise data privacy, allow data deletion, manipulate application settings, or disrupt service availability. | True. |
| Unauthorized access to online banking accounts can lead to fraudulent transactions, theft of funds, access to personal information, and identity theft. | True. |
| Unauthorized access to IoT devices is not a serious organizational concern because IoT devices are usually isolated from other systems. | False. Compromised IoT devices can be used to spy, manipulate settings, control connected devices, or launch further attacks. |
| Sabotage is an intentional act meant to damage, disrupt, or harm organizational systems, operations, or resources. | True. |
| Manipulating or deleting critical data can cause inaccurate reporting, financial loss, operational disruption, poor decision making, and legal or regulatory consequences. | True. |
| Destroying physical equipment is not classified as sabotage if the organization has backups of its data. | False. Destroying servers, computers, network devices, or other essential assets is sabotage because it can still cause downtime, productivity loss, service disruption, and costly repairs or replacements. |
| A distributed denial-of-service attack can be considered sabotage because it can make networks or systems unavailable and disrupt services. | True. |
| Installing malware, viruses, or ransomware inside an organization can lead to data breaches, disruption of operations, financial losses, reputational damage, and further compromise. | True. |
| Tampering with operational processes can affect product quality, efficiency, waste levels, customer satisfaction, safety, and regulatory compliance. | True. |
| Insider espionage may involve leaking trade secrets, intellectual property, or sensitive information to competitors or external parties. | True. |
| Social engineering relies mainly on manipulating people into revealing information, performing actions, or granting unauthorized access. | True. |
| Phishing requires the attacker to physically follow an authorized person into a restricted area. | False. Phishing uses fraudulent emails or messages pretending to be from a trusted source to trick victims into clicking malicious links, opening infected attachments, or revealing sensitive information. |
| Pretexting involves creating a false scenario or identity to manipulate someone into giving sensitive information or access. | True. |
| Tailgating exploits human courtesy or weak access control by following closely behind an authorized person to enter a restricted area. | True. |
| Baiting may use infected USB drives or other physical devices placed in public or targeted areas to trick people into using them. | True. |
| Impersonation involves pretending to be someone else, such as a supervisor or higher-ranking colleague, to manipulate others into revealing information or performing actions. | True. |
| Shoulder surfing is a social engineering technique where a person directly observes someone entering passwords, PINs, or sensitive information. | True. |
| Financial gain, revenge or retaliation, misuse of privileges, and espionage are possible motivations behind employee threats. | True. |
| Unusual network traffic, repeated unauthorized access attempts, sudden lifestyle changes, and unexplained data loss may indicate suspicious employee behavior. | True. |
| Role-based access control reduces employee threat risk by restricting access to sensitive data according to job roles. | True. |
| Monitoring and logging are unnecessary if an organization already provides security awareness training. | False. Security awareness training educates employees, but monitoring and logging are still needed to track employee activities, detect suspicious behavior, and support investigations. |
| An incident response plan should establish procedures for responding to security incidents promptly. | True. |
| Ex-employee threat mitigation should include timely account deactivation, data recovery measures, and exit interviews. | True. |
| Timely account deactivation is important because former employees may still pose risks if their access privileges remain active after departure. | True. |
| Exit interviews can support security improvement by gathering feedback and insights from departing employees. | True. |
| A strong security culture depends only on one-time employee orientation and does not require regular assessments or updates. | False. A strong security culture requires regular security assessments, audits, incident response planning and testing, continuous monitoring, and updating of security measures. |
| The Edward Snowden case demonstrates how privileged access can be misused to disclose classified or sensitive information. | True. |
| In the case study incident, unauthorized access and data theft resulted in reputational damage, loss of customer trust, legal consequences, financial losses, and remediation costs. | True. |
| The lesson from the first case study is that employees should receive unrestricted access to sensitive information as long as they are trusted. | False. The lesson is to regularly review access controls, ensure employees access only information necessary for their roles, monitor suspicious activity, and enforce strict exit procedures. |
| Employee monitoring should be implemented with privacy considerations while still protecting sensitive data and critical systems. | True. |
| Strict exit procedures should revoke departing employees’ access and prevent them from accessing company systems or data after leaving. | True. |
| In the ex-employee intellectual property theft case, the former employee used knowledge of company systems and processes to access confidential research and development files. | True. |
| The ex-employee intellectual property theft case shows that threats end automatically once an employee resigns. | False. The case shows that former employees may still exploit knowledge of systems and processes, so organizations need offboarding, access revocation, monitoring, and intellectual property protection. |
| Employee offboarding should include surrendering access credentials, returning company-owned devices, and reminding employees of confidentiality and intellectual property obligations. | True. |
| Access controls, encryption, and data loss prevention mechanisms can help protect intellectual property from unauthorized access or theft. | True. |
| Proactive monitoring and an incident response plan are important because they help detect unusual activities and respond to potential threats or breaches. | True. |