MBA 211 Chapters 8-12 Final Review

_______controls formalize standards, rules, procedures, and control disciplines to ensure that the organization's general and application controls are properly executed and enforced. A. Administrative B. Data security C. Implementation D. Input E. Software

A. Administrative

________identify the access points in a Wi-Fi network. A. SSIDs B. UTMs C. URLs D. NICs E. Mac addresses

A. SSIDs

A statement ranking information risks and identifying security goals would be included in which of the following? A. Security policy B. Business continuity plan C. Risk assessment D. Business impact analysis E. AUP

A. Security policy

Application proxy filtering examines the application content of packets. A. True B. False

A. True

In public key encryption, the keys are mathematically related so that data encrypted with one key can be decrypted using only the other key. A. True B. False

A. True

Zero defects cannot be achieved in larger software programs because fully testing programs that contain thousands of choices and millions of paths would require thousands of years. A. True B. False

A. True

Evil twins are: A. bogus wireless network access points that look legitimate to users. B. computers that fraudulently access a website or network using the IP address and identification of an authorized computer. C. email messages that mimic the email messages of a legitimate business. D. fraudulent websites that mimic a legitimate business's website. E. Trojan horses that appear to the user to be a legitimate commercial software application.

A. bogus wireless network access points that look legitimate to users.

When a hacker discovers a security hole in software that is unknown to the software vendor, it is an example of: A. zero-day vulnerability B. phishing C. snooping D. social engineering E. sniffing

A. zero-day vulnerability

Which of the following defines acceptable uses of a firm's information resources and computing equipment? A. An information systems audit policy B. An AUP C. A MSSP D. A CA policy E. A UTM system

B. An AUP

Most IoT devices support sophisticated security approaches. A. True B. False

B. False

Packet filtering catches most types of network attacks. A. True B. False

B. False

CryptoLocker is an example of which of the following? A. Worm B. Sniffer C. Ransomware D. Evil twin E. SQL injection attack

C. Ransomware

Which of the following refers to eavesdroppers driving by buildings or parking outside and trying to intercept wireless network traffic? A. Cybervandalism B. Sniffing C. War driving D. Snooping E. Drive-by tapping

C. War driving

In controlling network traffic to minimize slow-downs, a technology called ________ is used to examine data files and sort low-priority data from high-priority data. A. unified threat management B. stateful inspection C. deep packet inspection D. high availability computing E. application proxy filtering

C. deep packet inspection

When hackers gain access to a database containing your personal private information, this is an example of: A. phishing B. pharming C. identity theft D. social engineering E. spoofing

C. identity theft

Which of the following refers to all of the methods, policies, and organizational procedures that ensure the safety of the organization's assets, the accuracy and reliability of its accounting records, and operational adherence to management standards? A. SSID standards B. Legacy systems C. Vulnerabilities D. Controls E. Security policy

D. Controls

Comprehensive security management products, with tools for firewalls, VPNs, intrusion detection systems, and more, are called ________ systems. A. PKI B. DPI C. NSP D. UTM D. MSSP

D. UTM

Which of the following statements about Internet security is not true? A. Instant messaging can provide hackers access to an otherwise secure network. B. The use of P2P networks can expose a corporate computer to outsiders. C. A corporate network without access to the Internet is more secure than one that provides access. D. Smartphones have the same security weaknesses as other Internet devices. E. Wi-Fi networks are not vulnerable to security breaches.

E. Wi-Fi networks are not vulnerable to security breaches.

A Trojan horse: A. is a type of sniffer used to infiltrate corporate networks. B. installs spyware on users' computers. C. is a virus installed as a drive-by download. D. is malware named for a breed of fast-moving Near-Eastern horses. E. is software that appears to be benign but does something other than expected.

E. is software that appears to be benign but does something other than expected.

WPA2 is a more effective way to secure a wireless network than WEP because it: A. includes an AUP. B. is part of most vendors UTM products. C. operates on a VPN. D. uses symmetric encryption methods. E. uses much longer encryption keys.

E. uses much longer encryption keys.