11.5: Assessment
True/False
Indicate whether the statement is true or false.
____ 1. Passive defense takes into consideration threat intelligence information that can covertly respond to threat information.
____ 2. Privacy-by-design provides standards for securely collecting and maintaining privacy information, beginning at the point of project initiation.
Multiple Choice
Identify the choice that best completes the statement or answers the question.
____ 3. Attacks continue to evolve. Which of the following is not one that was discussed in the presentation?
| a. APTs | c. Increased social engineering attacks |
| b. Increased attack surfaces associated with the Internet of Things | d. All are evolving threats |
____ 4. Which of the following is not a problem associated with the Internet of Things?
| a. Sensors might be placed in public locations where they are prone to tampering. | c. Protocols have been used for decades and so tend to be unreliable. |
| b. Small nature of the sensors makes them difficult to update, or patch, when a problem is found. | d. Security is not usually built into the devices, as they are considered disposable. |
Completion
Complete the sentence.
5. An attack in which the attacker has gained access and maintains access for long periods of time before detection is called a/an ________________________.
Short Answer
6. The lecture discussed data integrity attacks on power grid or water systems. Identify other critical services that may be vulnerable to a data integrity attack and discuss, generically, how the attack might occur.
7. Discuss at least one of the ethical or privacy issues associated with critical infrastructure protection.
For the answers to these questions, email your name, the name of your college or other institution, and your position there to info@cyberwatchwest.org . CyberWatch West will email you a copy of the answer key.