MBA 211 Chapters 8-12 Final Review
_______ controls formalize standards, rules, procedures, and control disciplines to ensure that the organization's general and application controls are properly executed and enforced. A. Administrative B. Data security C. Implementation D. Input E. Software
A. Administrative
________ identify the access points in a Wi-Fi network. A. SSIDs B. UTMs C. URLs D. NICs E. MAC addresses
A. SSIDs
A statement ranking information risks and identifying security goals would be included in which of the following? A. Security policy B. Business continuity plan C. Risk assessment D. Business impact analysis E. AUP
A. Security policy
Application proxy filtering examines the application content of packets. A. True B. False
A. True
In public key encryption, the keys are mathematically related so that data encrypted with one key can be decrypted using only the other key. A. True B. False
A. True
Zero defects cannot be achieved in larger software programs because fully testing programs that contain thousands of choices and millions of paths would require thousands of years. A. True B. False
A. True
Evil twins are: A. bogus wireless network access points that look legitimate to users. B. computers that fraudulently access a website or network using the IP address and identification of an authorized computer. C. email messages that mimic the email messages of a legitimate business. D. fraudulent websites that mimic a legitimate business's website. E. Trojan horses that appear to the user to be a legitimate commercial software application.
A. bogus wireless network access points that look legitimate to users.
When a hacker discovers a security hole in software that is unknown to the software vendor, it is an example of: A. zero-day vulnerability B. phishing C. snooping D. social engineering E. sniffing
A. zero-day vulnerability
Which of the following defines acceptable uses of a firm's information resources and computing equipment? A. An information systems audit policy B. An AUP C. A MSSP D. A CA policy E. A UTM system
B. An AUP
Most IoT devices support sophisticated security approaches. A. True B. False
B. False
Packet filtering catches most types of network attacks. A. True B. False
B. False
CryptoLocker is an example of which of the following? A. Worm B. Sniffer C. Ransomware D. Evil twin E. SQL injection attack
C. Ransomware
Which of the following refers to eavesdroppers driving by buildings or parking outside and trying to intercept wireless network traffic? A. Cybervandalism B. Sniffing C. War driving D. Snooping E. Drive-by tapping
C. War driving
In controlling network traffic to minimize slow-downs, a technology called ________ is used to examine data files and sort low-priority data from high-priority data. A. unified threat management B. stateful inspection C. deep packet inspection D. high availability computing E. application proxy filtering
C. deep packet inspection
When hackers gain access to a database containing your personal private information, this is an example of: A. phishing B. pharming C. identity theft D. social engineering E. spoofing
C. identity theft
Which of the following refers to all of the methods, policies, and organizational procedures that ensure the safety of the organization's assets, the accuracy and reliability of its accounting records, and operational adherence to management standards? A. SSID standards B. Legacy systems C. Vulnerabilities D. Controls E. Security policy
D. Controls
Comprehensive security management products, with tools for firewalls, VPNs, intrusion detection systems, and more, are called ________ systems. A. PKI B. DPI C. NSP D. UTM E. MSSP
D. UTM
Which of the following statements about Internet security is not true? A. Instant messaging can provide hackers access to an otherwise secure network. B. The use of P2P networks can expose a corporate computer to outsiders. C. A corporate network without access to the Internet is more secure than one that provides access. D. Smartphones have the same security weaknesses as other Internet devices. E. Wi-Fi networks are not vulnerable to security breaches.
E. Wi-Fi networks are not vulnerable to security breaches.
A Trojan horse: A. is a type of sniffer used to infiltrate corporate networks. B. installs spyware on users' computers. C. is a virus installed as a drive-by download. D. is malware named for a breed of fast-moving Near-Eastern horses. E. is software that appears to be benign but does something other than expected.
E. is software that appears to be benign but does something other than expected.
WPA2 is a more effective way to secure a wireless network than WEP because it: A. includes an AUP. B. is part of most vendors' UTM products. C. operates on a VPN. D. uses symmetric encryption methods. E. uses much longer encryption keys.
E. uses much longer encryption keys.