Читать книгу Linux Security Fundamentals - David Higby Clinton - Страница 26

You can find the answers in the Appendix.

1 What best describes doxxing?Falsely and illegally directing law enforcement authorities toward a nonexistent crimePublicizing a target’s personal contact and location information without authorizationPersistent and unwanted monitoring and harassing of a targetA coordinated social media attack against an individual involving large numbers of attackers

2 What best describes cybermobbing?Publicizing a target’s personal contact and location information without authorizationFalsely and illegally directing law enforcement authorities toward a nonexistent crimeA coordinated social media attack against an individual involving large numbers of attackersPersistent and unwanted monitoring and harassing of a target

3 As an employer, which of the following are most likely to present legal liabilities for you and your organization? (Choose two.)Threatening comments posted by your employees on your organization’s websiteThreatening comments posted by your employees on their own social media accountsCriminal activity (like cyberstalking) launched by an employee using public resourcesCriminal activity (like cyberstalking) launched using your organization’s website resources (like a technical support forum)

4 Which of the following types of data should generally be considered personal and private? (Choose two.)The browser history on a user’s personal computerOld social media postsA consumer’s purchasing history with an online storeOfficial records of criminal trial proceedings

5 What elements are likely to be included in your “browser history”? (Choose two.)Transcripts of recent text message conversationsPasswords you’ve used for online application authenticationInformation about your computer and software profileInformation about the state of a past website session

6 Why should you be conscious and concerned about any of your personal data that the owners of online services and applications might control? (Choose two.)Because you could be prevented from accessing such information on your ownBecause it might be stolen by third parties and mined for information that might prove damaging to youBecause it might be sold to third parties or used by the services themselves in ways that infringe on your rightsBecause your information might change and updating remote databases can be time-consuming and inconvenient

7 What best describes the General Data Protection Regulation (GDPR)?It mandates the destruction of financial and health data as soon as an organization is no longer required to retain it.It mandates the retention of financial and civil records related to European Union government activities.It mandates the protection, privacy, and safety of healthcare-related data in the United States.It mandates the protection, privacy, and safety of personal data moving through EU territories.

8 Which of these is an industry (rather than government-mandated) regulatory framework?HIPAAPCI-DSSGDPRSarbanes-Oxley (SOX)

9 Why is it important to read an organization’s privacy policy if you intend to interact with their service? (Choose two.)To better understand the security and privacy safeguards built into the applicationTo be better able to predict the chances the organization might misuse or unnecessarily expose your dataTo better understand the true potential costs of using the service in questionTo understand how the organization might use your data

10 What best describes spoofing?Using an internet address (URL) that closely resembles a well-known, legitimate siteMisrepresenting the origin address within an email messageAttempting to trick individuals into revealing private informationSending unsolicited and often dishonest email messages

11 What best describes phishing?Using an internet address (URL) that closely resembles a well-known, legitimate siteSending unsolicited and often dishonest email messagesAttempting to trick individuals into revealing private informationMisrepresenting the origin address within an email message

12 What should you consider when assessing the value of the online information you encounter? (Choose two.)The reputation of the sourceWhether the information can be verified by third-party sourcesThe number of outbound links associated with the sourceThe presence of proper website encryption