CH4 MIS 301 Exam 1 (2,3,4,5)
Hackers would use a botnet to perform a _________. Options: DDoS | a logic bomb | a Trojan horse | virus
DDoS
malware
Malicious software such as viruses and worms.
Careless Internet surfing is _________ and is an _________ mistake. Options: a human error; intentional | a human error; unintentional | social engineering; intentional | social engineering; unintentional
a human error; unintentional
You lose the company's USB with your sales spreadsheets on it. This is _________ and is an _________ mistake. Options: a human error; intentional | a human error; unintentional | social engineering; intentional | social engineering; unintentional
a human error; unintentional
Intellectual property
is the property created by individuals or corporations that is protected under trade secret, patent, and copyright laws.
authentication
A process that determines the identity of the person requiring access.
_________ is a deliberate act that involves defacing an organization's website, potentially damaging the organization's image and causing its customers to lose faith. Options: Espionage | Sabotage | SCADA attacks | Software attacks
Sabotage
_________ is an unintentional threat. Options: Espionage | Identity theft | Social engineering | Software attacks
Social engineering
_________ is pestware that uses your computer as a launch pad for unsolicited e-mail, usually advertising for products and services. Options: Adware | Marketware | Spamware | Spyware
Spamware
Information extortion
occurs when an attacker either threatens to steal, or actually steals, information from a company
Espionage or trespass
occurs when an unauthorized individual attempts to gain illegal access to organizational information.
A(n) _________ to an information resource is any danger to which a system may be exposed. Options: exposure | risk | threat | vulnerability
threat
A(n) _________ network is any network within your organization; a(n) _________ network is any network external to your organization. Options: trusted; trusted | trusted; untrusted | untrusted; trusted | untrusted; untrusted
trusted; untrusted
Auditing _________ the computer means auditors check inputs, outputs, and processing. Options: around | into | through | with
through
A _________ is an intellectual work that is not based on public information. Options: copyright | patent | trade secret | trademark
trade secret
An information resource's _________ is the possibility that the system will be harmed by a threat. Options: exposure | risk | threat | vulnerability
vulnerability
If you have to speak into your phone to unlock it, this is an example of something the user _________. Options: does | has | is | knows
does
If humans are careless with laptops, this is an _________ error which could cause theft of equipment or information (an _________ error). Options: intentional; intentional | intentional; unintentional | unintentional; intentional | unintentional; unintentional
unintentional; intentional
The _________ of an information resource is the harm, loss, or damage that can result if a threat compromises that resource. Options: exposure | risk | threat | vulnerability
exposure
A(n) _________ is a system that prevents a specific type of information from moving between untrusted networks and private networks. Options: anti-malware system | DMZ | ERP | firewall
firewall
A _________ site is a fully configured computer facility with all of the company's services, communication links, and physical plant operations. Options: cold | hot | medium | warm
hot
Typing in your password to access a system is an example of something the user _________. Options: does | has | is | knows
knows
Suppose your university automatically logs you off of a university computer after 15 minutes of disuse. This is an example of a(n) _________ control. Options: access | communication | physical | useful
physical
You purchased a copy of Microsoft Office and give a copy to a friend so he/she doesn't have to buy it too. This is _________ and is _________. Options: piracy; legal | piracy; illegal | social engineering; legal | social engineering; illegal
piracy; illegal
Intellectual property is NOT protected under _________ laws. Options: copyright | patent | privacy | trade secret
privacy
In public-key encryption, the _________ key is used for locking and the _________ key is used for unlocking. Options: private; private | private; public | public; private | public; public
public; private
access controls
Controls that restrict unauthorized individuals from using information resources and are concerned with user identification
identity theft
Crime in which someone uses the personal information of others to create a false identity and then uses it fraudulently.
_________ is an access control. Options: A company gate | Encryption | A firewall | RFID
A firewall
alien software
Clandestine software that is installed on your computer through duplicitous methods.
A(n) _________ is located between two firewalls. Options: anti-malware system | DMZ | ERP | spamware detector
DMZ
_________ is the process of converting an original message into a form that cannot be read by anyone except the intended receiver. Options: Authorization | Blacklisting | Encryption | Firewalling
Encryption
_________ occurs when an unauthorized individual attempts to gain illegal access to organizational information. Options: Alien software | Espionage | Identity theft | Information extortion
Espionage
social engineering
Getting around security systems by tricking computer users inside a company into revealing sensitive information or gaining unauthorized access privileges.
Which of the following does NOT contribute to the increasing vulnerability of organizational information resources? Options: Increasing skills necessary to be a computer hacker | International organized crime taking over cybercrime | Lack of management support | Smaller, faster, cheaper computers and storage devices | Today's interconnected, interdependent, wirelessly networked business environment
Increasing skills necessary to be a computer hacker
If a hacker takes control of equipment such as power grids or nuclear power plants, this is an example of a(n) _________ attack. Options: alien software | espionage | SCADA | virus
SCADA
You don't lock your computer when you go to the restroom. This is _________ and is an _________ mistake. Options: a human error; intentional | a human error; unintentional | social engineering; intentional | social engineering; unintentional
a human error; unintentional
You never wipe the dust off your computer. This is _________ and is an _________ mistake. Options: a human error; intentional | a human error; unintentional | social engineering; intentional | social engineering; unintentional
a human error; unintentional
You open an e-mail from your friend that looks a little odd, but you figure your friend would never send you anything bad. This is _________ and is an _________ mistake. Options: a human error; intentional | a human error; unintentional | social engineering; intentional | social engineering; unintentional
a human error; unintentional
Sabotage and vandalism
are deliberate acts that involve defacing an organization's website, potentially damaging the organization's image and causing its customers to lose faith
Piracy costs businesses _________ of dollars per year. Options: hundreds | millions | billions | trillions
billions
Authorization
determines which actions, rights, or privileges the person has, based on his or her verified identity
A _________ site is the least expensive option. Options: cold | hot | medium | warm
cold
A _________ site provides only rudimentary services and facilities. Options: cold | hot | medium | warm
cold
A _________ is a statutory grant that provides the creators or owners of intellectual property with ownership of the property for a designated period. Options: copyright | patent | trade secret | trademark
copyright
Auditing _________ the computer means using a combination of client data, auditor software, and client and auditor hardware. Options: around | into | through | with
with
Five key factors are contributing to the increasing vulnerability of organizational information resources, making it much more difficult to secure them:
1. Today's interconnected, interdependent, wirelessly networked business environment 2. Smaller, faster, cheaper computers and storage devices 3. Decreasing skills necessary to be a computer hacker 4. International organized crime taking over cybercrime 5. Lack of management support
_________ is a physical control. Options: A company gate | Encryption | A firewall | VPN
A company gate
distributed denial of service (DDoS) attack
A denial of service attack that sends a flood of data packets from many compromised computers simultaneously.
risk mitigation
A process whereby an organization takes concrete actions against risks, such as implementing controls and developing a disaster recovery plan.
_________ controls restrict unauthorized individuals from using information resources. Options: Access | Communications | Physical | Useful
Access
Which of the following does NOT contribute to the increasing vulnerability of organizational information resources? Options: Additional management support | Decreasing skills necessary to be a computer hacker | International organized crime taking over cybercrime | Smaller, faster, cheaper computers and storage devices | Today's interconnected, interdependent, wirelessly networked business environment
Additional management support
_________ refers to malicious acts in which attackers use a target's computer systems to cause physical, real-world harm or severe disruption, often to carry out a political agenda. Options: A SCADA attack | Cyberterrorism | Espionage | Identity theft
Cyberterrorism