Chapter 8 - Questions

Using numerous computers to inundate and overwhelm the network from numerous launch points is called a(n) ________ attack. -phishing -DoS -ransomware -DDoS

-DDoS

The distributed nature of cloud computing makes it somewhat easier to track unauthorized access. -True -False

-False

A foreign country attempting to access government networks in order to disable a national power grid would be an example of: -denial-of-service attacks. -war driving. -cyberwarfare. -injection attack.

-cyberwarfare.

Phishing is a form of: -sniffing -spoofing -war driving -ransomware

-spoofing

Redirecting a web link to a different address is a form of: -spoofing. -sniffing. -war driving. -snooping.

-spoofing.

A practice in which eavesdroppers drive by buildings or park outside and try to intercept wireless network traffic is referred to as: -driveby downloading. -war driving. -sniffing. -cybervandalism.

-war driving.

________ use scanning software to look for known problems such as bad passwords, the removal of important files, security attacks in progress, and system administration errors. -Intrusion detection systems -Packet filtering technologies -Application proxy filtering technologies -Firewalls

-Intrusion detection systems

According to IT security experts, mobile devices pose greater security risks than larger computers. -True -False

-True

Malicious software programs referred to as malware include a variety of threats such as computer viruses, worms, and Trojan horses. -True -False

-True

All of the following are currently being used as traits that can be profiled by biometric authentication except: -voice. -retinal images. -fingerprints. -body odor.

-body odor.

A firewall allows the organization to: -authenticate users. -check the content of all incoming and outgoing email messages. -check the accuracy of all transactions between its network and the Internet. -enforce a security policy on data exchanged between its network and the Internet.

-enforce a security policy on data exchanged between its network and the Internet.

An authentication token: -compares a person's unique characteristics against a stored profile of these characteristics to determine any differences between these characteristics and the stored profile. -is a device that displays passcodes. -is an electronic marker attached to a digital authorization file. -is a device the size of a credit card that contains access permission data.

-is a device that displays passcodes.

The HIPAA Act of 1996: -outlines medical security and privacy rules. -imposes responsibility on companies and management to safeguard the accuracy of financial information. -requires that companies retain electronic records for at least 10 years. -requires financial institutions to ensure the security of customer data.

-outlines medical security and privacy rules

Pharming involves: -pretending to be a legitimate business's representative in order to garner information about a security system. -redirecting users to a fraudulent website even when the user has typed in the correct address in the web browser. -using emails to ask users for confidential information. -malware that displays annoying pop-up messages.

-redirecting users to a fraudulent website even when the user has typed in the correct address in the web browser

Tricking employees into revealing their passwords by pretending to be a legitimate member of a company is called: -social engineering. -click fraud. -sniffing. -phishing.

-social engineering.