Chapter 12

¡Supera tus tareas y exámenes ahora con Quizwiz!

Which of the following statements is true of the financial losses due to computer security threats?

The financial losses faced by companies due to human error are enormous.

Which of the following refers to viruses that masquerade as useful programs?

Trojan horses

occurs when computer criminals invade a computer system and replace legitimate programs with their own unauthorized ones.

Usurpation

Which of the following statements is true of symmetric encryption?

With symmetric encryption, the same key is used for both encoding and decoding.

The procedure of entrusting a party with a copy of an encryption key that can be used in case the actual key is lost or destroyed is called

key escrow

A(n) ________ is a sophisticated, possibly long-running, computer hack that is perpetrated by large, well-funded organizations like governments.

Advanced Persistent Threat (APT)

are small files that browsers store on users' computers when they visit Web sites.

Cookies

Which of the following occurs when millions of bogus service requests flood a Web server and prevent it from servicing legitimate requests?

DOS attack

Which of the following statements is true about position sensitivity?

Documenting position sensitivity enables security personnel to prioritize their activities.

take computers with wireless connections through an area and search for unprotected wireless networks.

Drive-by sniffers

is the process of transforming clear text into coded, unintelligible text for secure storage or communication.

Encryption

The most secure communications over the Internet use a protocol called

HTTPS

Typically, a help-desk information system has answers to questions that only a true user would know. Which of the following statements is true of this information?

It helps authenticate a user.

includes viruses, worms, Trojan horses, spyware, and adware.

Malware

determine whether to pass each part of a message by examining its source address, destination addresses, and other such data.

Packet-filtering firewalls

With HTTPS, data are encrypted using a protocol called the

Secure Socket Layer (SSL)

is a technique for intercepting computer communications.

Sniffing

With HTTPS, data are encrypted using the Secure Socket Layer (SSL) protocol, which is also known as

Transport Layer Security (TLS)

Adware and spyware are similar to each other in that they both

are installed without a user's permission

A password ________ a user.

authenticates

Which of the following is an example of a data safeguard against security threats?

backup and recovery

Which of the following uses an individual's personal physical characteristics such as fingerprints, facial features, and retinal scans for verification purposes?

biometric authentication

During which of the following computer crimes does a password cracker try every possible combination of characters?

brute force attack

Backup and physical security are ________ against computer security threats.

data safeguards

Which of the following is a synonym for phishing?

email spoofing

Organizations should protect sensitive data by storing it in ________ form.

encrypted

Breaking into computers, servers, or networks to steal proprietary and confidential data is referred to as

hacking

Which of the following is a technical safeguard against security threats?

identification and authorization

A user name ________ a user.

identifies

In terms of password management, when an account is created, users should

immediately change the password they are given to a password of their own

A(n) ________ includes how employees should react to security problems, whom they should contact, the reports they should make, and steps they can take to reduce further loss.

incident-response plan

A(n) ________ is a computer program that senses when another computer is attempting to scan a disk or access a computer.

intrusion detection system

A(n) ________ sits outside an organizational network and is the first device that Internet traffic encounters.

perimeter firewall

Users of smart cards are required to enter a ________ to be authenticated.

personal identification number

A ________ pretends to be a legitimate company and sends emails requesting confidential data.

phisher

Mark receives an email from his bank asking him to update and verify his credit card details. He replies to the mail with all the requested details. Mark later learns that the mail was not actually sent by his bank and that the information he had shared has been misused. Mark is a victim of

phishing

Which of the following is a data safeguard against security threats?

physical security

A person calls the Stark residence and pretends to represent a credit card company. He asks Mrs. Stark to confirm her credit card number. This is an example of

pretexting

Which of the following is a human safeguard against security threats?

procedure design

The enforcement of security procedures and policies consists of three interdependent factors:

responsibility, accountability, and compliance

A(n) ________ is a measure that individuals or organizations take to block a threat from obtaining an asset.

safeguard

Activity log analyses constitute an important ________ function.

security monitoring

Which of the following is considered a personal security safeguard?

send no valuable data via email or IM

A ________ has a microchip that is loaded with identifying data.

smart card

Which of the following types of security loss is WikiLeaks an example of?

unauthorized data disclosure


Conjuntos de estudio relacionados

Prep U Chapter 34: Assessment and Management of Patients with Inflammatory Rheumatic Disorders

View Set

AP II_21007 Lect_ Chapter 17 Endocrine Sytem _ Tophat

View Set

RUC 1The Evolution of Nursing chap. 1

View Set

Micro Immunity-Specific, Non-specific, & Disorders

View Set

Lección 1 Estructura 1.1- ¿Singular o plural?

View Set