CSIS1010- Chp. 5 Quiz

Pataasin ang iyong marka sa homework at exams ngayon gamit ang Quizwiz!

According to Symantec, the number of data breaches in 2016 increased by ________ compared to 2015. A. 100% B. 20% C. 150% D. 15%

B. 20%

Which of the following statements is not true? A. The primary use of VPNs is to establish secure communications among business partners. B. A VPN uses a dedicated secure line. C. A VPN provides both confidentiality and integrity. D. A VPN uses both authentication and encryption.

B. A VPN uses a dedicated secure line.

To allow lower-level employees access to the corporate network while preventing them from accessing private human resources documents, you would use: A. An authorization policy. B. An authorization management system. C. Security tokens. D. Access controls.

B. An authorization management system

All of the following are examples of social/mobile peer-to-peer payment systems except: A. Square Cash. B. Bill Me Later. C. Venmo. D. Google Wallet.

B. Bill Me Later

Which of the following is not an example of a PUP? A. Browser parasite B. Drive-by download C. Adware D. Spyware

B. Drive-by download

A ________ is hardware or software that acts as a filter to prevent unwanted packets from entering a network. A. PPTP B. Firewall C. Virtual private network D. Proxy server

B. Firewall

The overall rate of online credit card fraud is ________ of all online card transactions. A. Around 10% B. Less than 1% C. Around 15% D. Around 5%

B. Less than 1%

Asymmetric key cryptography is also known as: A. PGP. B. Public key cryptography. C. Secret key cryptography. D. PKI.

B. Public key cryptography

Conficker is an example of a: A. Botnet. B. Worm. C. Trojan horse. D. Virus.

B. Worm

All of the following statements about Apple Pay are true except which of the following? A. Apple Pay is based on Touch ID biometric fingerprint scanning. B. Apple Pay can be used for mobile payments at the point of sale at a physical store. C. Apple Pay is subject to regulations issued by the Bureau of Consumer Financial Protection applicable to GPR transactions. D. Apple Pay relies on NFC chip technology.

C. Apple Pay is subject to regulations issued by the Bureau of Consumer Financial Protection applicable to GPR transactions.

According to Ponemon Institute's 2017 survey, which of the following was not among the causes of the most costly cybercrimes? A. Malicious code B. Denial of service .C. Botnets D. Malicious insiders

C. Botnets

________ is the ability to identify the person or entity with whom you are dealing on the Internet. A. Availability B. Nonrepudiation C. Integrity D. Authenticity

D. Authenticity

Face ID is an example of which of the following? A. Encryption B. IDS C. Firewall D. Biometrics

D. Biometrics

TRUE OR FALSE Digital cash is legal tender that is instantly convertible into other forms of value without the intermediation of any third parties.

False

TRUE OR FALSE Phishing attacks rely on browser parasites.

False

TRUE OF FALSE Apple Pay uses near field communication (NFC) chips.

True

TRUE OR FALSE PayPal is the most popular alternative payment method in the United States

True

TRUE OR FALSE Spoofing is the attempt to hide a hacker's true identity by using someone else's e-mail or IP address.

True

TRUE OR FALSE The easiest and least expensive way to prevent threats to system integrity is to install anti-virus software.

True

TRUE OR FALSE There is a finite number of Bitcoins that can be created.

True

Which of the following is not an example of an access control? A. Proxy servers B. Login passwords C. Digital signatures D. Firewalls

C. Digital signatures

Which of the following is an example of an integrity violation of e-commerce security? A. A website is not actually operated by the entity the customer believes it to be. B. A customer denies that he is the person who placed the order. C. A merchant uses customer information in a manner not intended by the customer. D. An unauthorized person intercepts an online communication and changes its contents.

D. An unauthorized person intercepts an online communication and changes its contents.

Which of the following statements is not true? A. A retina scan is an example of a biometric device. B. Biometric devices reduce the opportunity for spoofing. C. Biometric data stored on an iPhone is encrypted. D. Apple's Touch ID stores a digital replica of a user's actual fingerprint in Apple's iCloud.

D. Apple's Touch ID stores a digital replica of a user's actual fingerprint in Apple's iCloud.

An intrusion detection system can perform all of the following functions except: A. Checking network traffic to see if it matches certain patterns or preconfigured rules. B. Examining network traffic. C. Setting off an alarm when suspicious activity is detected. D. Blocking suspicious activity.

D. Blocking suspicious activity

Which of the following is not a key factor for establishing e-commerce security? A. Organizational policies B. Technology C. Laws and industry standards D. Data integrity

D. Data Integrity

Bitcoins are an example of: A. Virtual currency. B. A stored value payment system. C. An EBPP system. D. Digital cash

D. Digital cash

All of the following are methods of securing channels of communication except: A. VPN. B. SSL/TLS. C. Digital certificates. D. FTP.

D. FTP

According to Symantec, almost half of the e-mail addresses involved in business e-mail compromise (BEC) phishing that it analyzed had an IP address originating in: A. China. B. North Korea. C. Russia. D. Nigeria.

D. Nigeria

Which of the following is the most common protocol for securing a digital channel of communication? A. HTTP B. DES C. VPN D. SSL/TLS

D. SSL/TLS

Which of the following is not an example of malicious code? A. Scareware B. Bot C. Trojan horse D. Sniffer

D. Sniffer

What is the most frequent cause of stolen credit cards and card information today? A. Sniffing programs B. Phishing attacks C. Lost cards D. The hacking and looting of corporate servers storing credit card information

D. The hacking and looting of corporate servers storing credit card information

TRUE OR FALSE A drive-by download is malware that comes with a downloaded file that a user intentionally or unintentionally requests.

True

TRUE OR FALSE Changeup is an example of a software vulnerability.

True

TRUE OR FALSE Typically, the more security measures added to an e-commerce site, the slower and more difficult it becomes to use.

True

TRUE OR FALSE WannaCry is an example of ransomware.

True

________ is the ability to ensure that messages and data are only available to those authorized to view them. A. Confidentiality B. Integrity C. Availability D. Privacy

A. Confidentiality

Software that is used to obtain private user information such as a user's keystrokes or copies of e-mail is referred to as: A. Spyware. B. A backdoor. C. Browser parasite. D. Adware.

A. Spyware

Which of the following statements is not true? A. The Cybersecurity Information Sharing Act was strongly supported by most large technology companies and privacy advocates. B. The USA Patriot Act broadly expanded law enforcement's investigative and surveillance powers. C. A majority of states require companies that maintain personal data on their residents to publicly disclose when a security breach affecting those residents has occurred. D. The Federal Trade Commission has asserted that it has authority over corporations' data security practices.

A. The Cybersecurity Information Sharing Act was strongly supported by most large technology companies and privacy advocates.

All of the following are limitations of the existing online credit card payment system except: A. Poor security. B. Cost to consumers. C. Cost to merchant. D. Social equity.

B. Cost to consumers

PCI-DSS is a standard established by which of the following? A. The retail industry B. The credit card industry C. The federal government D. The banking industry

B. The credit card industry

Accessing data without authorization on Dropbox is an example of a: A. Social network security issue. B. Sniffing issue. C. Mobile platform security issue. D. Cloud security issue.

C. Cloud security issue

Angler is an example of which of the following? A. Phishing B. Worm C. Hacktivism D. Exploit kit

D. Exploit kit

Which of the following statements about data breaches in 2016 is not true? A. According to Symantec, the total number of data breaches in 2016 increased significantly from the number in 2015. B. According to Symantec, the number of major breaches in 2016 increased from the number in 2015. C. According to Symantec, the total number of identities exposed by data breaches in 2016 increased to 1.1 billion. D. According to the Identity Theft Resource Center, data breaches involving the business sector represented over 45% of all breaches.

A. According to Symantec, the total number of data breaches in 2016 increased significantly from the number in 2015.

Malware that comes with a downloaded file that a user requests is called a: A. Drive-by download. B. PUP. C. Trojan horse. D. Backdoor.

A. Drive-by download

Which of the following is the leading cause of data breaches? A. Hackers B. Accidental disclosures C. DDoS attacks D. Theft of a computer

A. Hackers

Which dimension(s) of security is spoofing a threat to? A. Integrity and authenticity B. Integrity C. Availability and integrity D. Availability

A. Integrity and authenticity

________ is the ability to ensure that e-commerce participants do not deny their online actions. A. Nonrepudiation B. Authenticity C. Availability D. Integrity

A. Nonrepudiation

All of the following are used for authentication except: A. Packet filters. B. Certificates of authority. C. Digital signatures. D. Biometric devices.

A. Packet filters

Automatically redirecting a web link to a different address is an example of which of the following? A. Pharming B. Social engineering C. DDoS attack D. Sniffing

A. Pharming

Next generation firewalls provide all of the following except: A. The ability to automatically update applications with security patches. B. An application-centric approach to firewall control. C. The ability to identify users regardless of the device or IP address. D. The ability to identify applications regardless of the port, protocol, or security evasion tools used.

A. The ability to automatically update applications with security patches.

To allow lower-level employees access to the corporate network while preventing them from accessing private human resources documents, you would use: A. Security tokens. B. An authorization management system. C. An authorization policy. D. Access controls.

B. An authorization management system

The attack on Dyn Inc., in October 2016 is an example of which of the following? A. SQL injection attack B. DDoS attack C. Browser parasite D. MitM attack

B. DDoS attack

Today, online bill payment accounts for ________ of all bill payments, while paper checks account for ________. A. About 25%; about 10% B. More than 55%; less than 20% C. 100%; 0% D. Less than 10%; less than 25%

B. More than 55%; less than 20%

Which of the following is a set of short-range wireless technologies used to share information among devices within about two inches of each other? A. DES B. NFC C. Text messaging D. IM

B. NFC

All of the following statements about PKI are true except: A. PKI is not effective against insiders who have a legitimate access to corporate systems including customer information. B. PKI guarantees that the verifying computer of the merchant is secure. C. The term PKI refers to the certification authorities and digital certificate procedures that are accepted by all parties. D. The acronym PKI stands for public key infrastructure.

B. PKI guarantees that the verifying computer of the merchant is secure.

Which of the following was designed to cripple Iranian nuclear centrifuges? A. Flame B. Stuxnet C. Storm D. Snake

B. Stuxnet

All the following statements about symmetric key cryptography are true except: A. The Data Encryption Standard is a symmetric key encryption system. B. Symmetric key cryptography is computationally slower. C. In symmetric key cryptography, both the sender and the receiver use the same key to encrypt and decrypt a message. D. Symmetric key cryptography is a key element in digital envelopes.

B. Symmetric key cryptography is computationally slower

Linden Dollars, created for use in Second Life, are an example of: A. Peer-to-peer payment systems. B. Virtual currency. C. Digital cash. D. EBPP.

B. Virtual currency

Which of the following is an example of an online privacy violation? A. Your e-mail being read by a hacker B. Your online purchasing history being sold to other merchants without your consent C. Your e-mail being altered by a hacker D. Your computer being used as part of a botnet

B. Your online purchasing history being sold to other merchants without your consent.


Kaugnay na mga set ng pag-aaral

Central Idea & Supporting Details

View Set

Macroeconomics Study Guide (Ch 14-16)

View Set

Chapter 8: Regional Economic Integration

View Set

Ch. 2 - Paris et la vie urbaine (FRE 332)

View Set

MASTERING CORRECTION OF ACCOUNTING ERRORS TESTBANK FLASH CARD (only)

View Set

Chapter 21: The Evidence for Evolution

View Set