ch 5 ISYS
Organizations should understand the principles of the _____, which has to be incorporated into the organization's security policies. a. Sarbanes-Oxley Act of 2002 b. Copyright Act of 1976 c. Gramm-Leach-Bliley Act of 1999 d. Communications Decency Act of 1996
A Sarbanes-Oxley Act of 2002
Computer viruses are a type of _______. a. malware b. adware c. hardware d. spyware
A malware
Dumpster diving and shoulder surfing are two commonly used _____ techniques. a. social engineering b. ethical hacking c. biometric security d. Trojan programming
A social engineering
To break into computers and networks, hackers use _____, which are tools used to monitor network traffic and intercept information. a. sniffers b. kernels c. backdoors d. cookies
A sniffers
Which of the following is a guideline to increase the effectiveness of passwords? a. Passwords should be fewer than eight characters. b. Passwords should not be written down. c. Passwords should not be changed frequently. d. Passwords should follow a pattern.
B Passwords should not be written down
Which of the following statements is true of spyware? a. Spyware uses information about users for harmless purposes only. b. Spyware can interfere with users' control of their computers by redirecting Web browsers. c. Spyware is used to boost the speed of Internet connection. d. Spyware gathers information about users with their consent while they browse the Web.
B Spyware can interfere with users' control of their computers by redirecting Web browsers.
A(n) _____ is an intentional computer and network threat that enables the designer or programmer to bypass system security and sneak back into the system later to access programs or files. a. logic bomb b. backdoor c. spam d. worm
B backdoor
Which of the following steps should be considered when developing a comprehensive security plan? a. Refraining from exiting programs and systems promptly b. Checking environmental factors, such as temperature and humidity levels c. Enabling computer access to all employees in an organization d. Setting up a security committee with representatives solely from upper management
B checking environmental factors, such as temperature and humidity levels
Which of the following nonbiometric security measures is useful in organizations that have many employees who work off-site and who need to connect to the network from remote locations? a. Intrusion detection system b. Firewall c. Callback modem d. Proximity-release door opener
C callback modem
A(n) _____ is a software application that hides its presence on the computer, which makes it nearly undetectable by common anti-malware software. a. kernel b. cookie c. rootkit d. applet
C rootkit
In a comprehensive security system, _____ security protects e-mail and Web servers against unauthorized access. a. level 2 b. level 3 c. level 4 d. level 1
D Level 1
Which of the following statements is true of packet-filtering firewalls? a. They usually record every action taking place at the firewall. b. They are always easy to install. c. They inform senders if the packets are dropped. d. They examine packets one by one.
D They examine packets one by one.
In the context of the CIA triangle, availability refers to: a. the accuracy of information resources within an organization. b. an identification of authorized users and granting them access privileges. c. the concealment of information to anyone who is not authorized to access it. d. a quick recovery in the event of a system failure or disaster.
D a quick recovery in the event of a system failure or disaster
Spoofing is a computer crime, which occurs when: a. a legitimate program monitors network performance. b. keystroke loggers monitor and record keystrokes. c. users' Web browsers are redirected to another page. d. an illegitimate program poses as a legitimate one.
D an illegitimate program poses as a legitimate one.
A drawback of biometric security measures is that they: a. are not unique b. can be passed on to others c. can be stolen d. incur high costs
D incur high costs