MIS Chapter 4
_________ is a physical control.
A company gate
Which of the following is NOT an advantage of VPN?
Cost
A(n) _________ to an information resource is any danger to which a system may be exposed.
Threat
Biometrics is an example of something the user _________.
is
Typing in your password to access a system is an example of something the user _________.
knows
Auditing _________ the computer means auditors check inputs, outputs, and processing.
through
A _________ site typically does not include the actual application the company needs to get the business back up and running immediately.
warm
Auditing _________ the computer means using a combination of client data, auditor software, and client and auditor hardware.
with
_________ is an attack by a programmer developing a system.
A Trojan horse
_________ controls restrict unauthorized individuals from using information resources.
Access
Which of the following does NOT contribute to the increasing vulnerability of organizational information resources?
Additional Management Support
_________ causes pop-up advertisements to appear on your screen.
Adware
Piracy costs businesses _________ of dollars per year.
Billions
Spam costs US companies _________ of dollars per year.
Billions
_________ controls secure the movement of data across networks.
Communications
A(n) _________ is located between two firewalls.
DMZ
_________ is a remote attack requiring no user action.
DoS
_________ is an access control.
Encryption
_________ is the process of converting an original message into a form that cannot be read by anyone except the intended receiver.
Encryption
_________ occurs when an unauthorized individual attempts to gain illegal access to organizational information.
Espionage
The _________ of an information resource is the harm, loss, or damage that can result if a threat compromises that resource.
Exposure
A(n) _________ is a system that prevents a specific type of information from moving between untrusted networks and private networks.
Firewall
_________ is a communications control.
Firewall
Which of the following does NOT contribute to the increasing vulnerability of organizational information resources?
Increasing Skills necessary to be a hacker
_________ occur(s) when an attacker either threatens to steal, or actually steals, information from a company and then demands payment for not carrying out a particular act.
Information Extortion
A _________ is an official document that grants the holder exclusive rights on an invention or a process for a specified period of time.
Patent
_________ controls prevent unauthorized individuals from gaining access to a company's facilities.
Physical
You purchased a copy of Microsoft Office and give a copy to a friend so he/she doesn't have to buy it too. This is _________ and is _________.
Piracy; illegal
Intellectual property is NOT protected under _________ laws.
Privacy
If a hacker takes control of equipment such as power grids or nuclear power plants, this is an example of a(n) _________ attack.
SCADA
_________ is a deliberate act that involves defacing an organization's website, potentially damaging the organization's image and causing its customers to lose faith.
Sabotage
_________ is an attack in which the perpetrator uses social skills to trick or manipulate legitimate employees into providing confidential company information such as passwords.
Social Engineering
_________ is an unintentional threat.
Social Engineering
_________ is pestware that users your computer as a launch pad for unsolicited e-mail, usually advertising for products and services.
Spamware
Keystroke loggers and screen scrapers are examples of _________.
Spyware
_________ collects personal information about users without their consent.
Spyware
A URL that begins with https uses _________.
TLS
_________ is a private network that uses a public network to connect users.
VPN
_________ is a remote attack requiring user action.
Virus
An information resource's _________ is the possibility that the system will be harmed by a threat.
Vulnerability
Careless Internet surfing is _________ and is an _________ mistake.
a human error, unintentional
Carelessness using unmanaged devices is _________ and is an _________ mistake.
a human error, unintentional
You don't lock your computer when you go to the restroom. This is _________ and is an _________ mistake.
a human error, unintentional
You get a new smartphone and throw your old one away without erasing all your data. This is _________ and is an _________ mistake.
a human error, unintentional
You lose the company's USB with your sales spreadsheets on it. This is _________ and is an _________ mistake.
a human error, unintentional
You never wipe the dust off your computer. This is _________ and is an _________ mistake.
a human error, unintentional
You open an e-mail from your friend that looks a little odd, but you figure your friend would never send you anything bad. This is _________ and is an _________ mistake.
a human error, unintentional
A(n) _________ is a software package that attempts to identify and eliminate viruses and worms.
anti-malware system
Auditing _________ the computer means verifying processing by checking for known outputs using specific inputs.
around
A _________ site provides only rudimentary services and facilities.
cold
A _________ is a statutory grant that provides the creators or owners of intellectual property with ownership of the property for a designated period.
copyright
If you have to speak into your phone to unlock it, this is an example of something the user _________.
does
Your student ID is an example of something the user _________.
has
A _________ site is a fully configured computer facility with all of the company's services, communication links, and physical plant operations.
hot
A _________ site is the most expensive option.
hot
Suppose you have a primary location in New York City where you main corporate servers are located. Just in case something happens in New York City, you have backup servers that are updated every minute in Chicago. This is an example of a _________ site.
hot
Suppose your university automatically logs you off of a university computer after 15 minutes of disuse. This is an example of a(n) _________ control.
physical
In public-key encryption, the _________ key is used for locking and the _________ key is used for unlocking.
public; private
You are a nice person, so you hold the door open for the person running in behind you. Since you needed to use your ID badge to open the door, the person running in behind you is __________; this is _________.
tailgating, an unintentional threat to your organization
A _________ is an intellectual work that is not based on public information.
trade secret
A(n) _________ network is any network within your organization; a(n) _________ network is any network external to your organization.
trusted; untrusted
If humans are careless with laptops, this is an _________ error which could cause theft of equipment or information (an _________ error) .
unintentional, intentional