Ch. 8 MIS
Which of the following refers to eavesdroppers driving by buildings or parking outside and trying to intercept wireless network traffic? A) War driving B) Sniffing C) Cybervandalism D) Drive-by tapping E) Snooping
War driving
Evil twins are: A) Trojan horses that appear to the user to be a legitimate commercial software application. B) email messages that mimic the email messages of a legitimate business. C) fraudulent websites that mimic a legitimate business's website. D) computers that fraudulently access a website or network using the IP address and identification of an authorized computer. E) bogus wireless network access points that look legitimate to users.
bogus wireless network access points that look legitimate to users
Which of the following is a type of ambient data? A) Computer log containing recent system errors B) A file deleted from a hard disk C) A file that contains an application's user settings D) A set of raw data from an environmental sensor E) Data that has been recorded over
A file deleted from a hard disk
Which of the following is a virus that uses flaws in Windows software to take over a computer remotely? A) Sasser B) Zeus C) Cryptolocker D) ILOVEYOU E) Conficker
Conficker
Using numerous computers to inundate and overwhelm the network from numerous launch points is called a(n) ________ attack. A) DDoS B) DoS C) SQL injection D) phishing E) botnet
DDoS
________ identify the access points in a Wi-Fi network. A) NICs B) MAC addresses C) URLs D) UTMs E) SSIDs
SSIDs
An employee clicks on a link in an email from what looks like a fellow employee and is taken to a fraudulent web site which asks for personal information is an example of: A) click fraud. B) DDoS attack. C) spear phishing. D) pharming. E) identity theft.
Spear phishing
Which of the following is the single greatest cause of network security breaches? A) Viruses B) User lack of knowledge C) Trojan horses D) Cyberwarfare E) Bugs
user lack of knowledge
Blockchain refers to a technology that: A) uses a distributed ledger system of transactions. B) uses a centralized data store in the cloud. C) relies on the Internet to provide secure transactions. D) uses existing banking systems to transfer funds. E) relies on peer-to-peer networks.
uses a distributed ledger system of transactions
When a hacker discovers a security hole in software that is unknown to the software vendor it is an example of: A) sniffing. B) social engineering. C) phishing. D) zero-day vulnerability. E) snooping.
zero-day vulnerability
According to the 2017 Identity Fraud Study by Javelin Strategy & Research, how much did consumers lose to identity fraud in 2016? A) $1.6 million B) $16 million C) $160 million D) $1.6 billion E) $16 billion
$16 billion
According to Ponemon Institute's 2016 Annual Cost of Cyber Crime Study, the average annualized cost of cybercrime for benchmarked companies in six different countries was approximately: A) $900,000. B) $9 million. C) $90 million. D) $9 billion. E) $90 billion.
$9 million
________ is spyware that logs and transmits everything a user types. A) Spyware B) A Trojan horse C) A keylogger D) A worm E) A sniffer
A keylogger
Which of the following techniques stops data packets originating outside the organization, inspects them, and passes the packets to the other side of an organization's firewall? A) NAT B) Packet filtering C) Deep packet inspection D) Stateful inspection E) Application proxy filtering
Application proxy filtering
Which of the following is not an example of a computer used as a target of crime? A) Knowingly accessing a protected computer to commit fraud B) Accessing a computer system without authority C) Illegally accessing stored electronic communication D) Threatening to cause damage to a protected computer E) Breaching the confidentiality of protected computerized data
Illegally accessing stored electronic communication
Which of the following statements about botnets is not true? A) Eighty percent of the world's malware is delivered by botnets. B) Botnets are often used to perpetrate DDoS attacks. C) Ninety percent of the world's spam is delivered by botnets. D) Botnets are often used for click fraud. E) It is not possible to make a smartphone part of a botnet.
It is not possible to make a smartphone part of a botnet
Which of the following specifically makes malware distribution and hacker attacks to disable websites a federal crime? A) Computer Fraud and Abuse Act B) Economic Espionage Act C) Electronic Communications Privacy Act D) Data Security and Breach Notification Act E) National Information Infrastructure Protection Act
National Information Infrastructure Protection Act
As described in the chapter case, which of the following did hackers use to gain access to the DNC network? A) Trojan horse B) Phishing emails C) SQL injection attack D) Computer worm E) Pharming attack
Phishing emails
________ is malware that hijacks a user's computer and demands payment in return for giving back access. A) A Trojan horse B) Ransomware C) Spyware D) A virus E) An evil twin
Ransomware
Comprehensive security management products, with tools for firewalls, VPNs, intrusion detection systems, and more, are called ________ systems. A) DPI B) MSSP C) NSP D) PKI E) UTM
UTM
Which of the following is an example of a keylogger? A) Zeus B) Conficker C) Sasser D) ILOVEYOU E) Cryptolocker
Zeus
A salesperson clicks repeatedly on the online ads of a competitor in order to drive the competitor's advertising costs up. This is an example of: A) phishing. B) pharming. C) spoofing. D) evil twins. E) click fraud.
click fraud
Computer forensics tasks include all of the following except: A) presenting collected evidence in a court of law. B) securely storing recovered electronic data. C) collecting physical evidence on the computer. D) finding significant information in a large volume of electronic data. E) recovering data from computers while preserving evidential integrity.
collecting physical evidence on the computer
The intentional defacement or destruction of a website is called: A) spoofing. B) cybervandalism. C) cyberwarfare. D) phishing. E) pharming.
cybervandalism
A foreign country attempting to access government networks in order to disable a national power grid is an example of: A) phishing. B) denial-of-service attacks. C) cyberwarfare. D) cyberterrorism. E) evil twins.
cyberwarfare
When hackers gain access to a database containing your personal private information, this is an example of: A) phishing. B) spoofing. C) social engineering. D) identity theft. E) pharming.
identity theft
The Sarbanes-Oxley Act: A) requires financial institutions to ensure the security of customer data. B) specifies best practices in information systems security and control. C) imposes responsibility on companies and management to safeguard the accuracy of financial information. D) outlines medical security and privacy rules. E) identifies computer abuse as a crime and defines abusive activities.
imposes responsibility on companies and management to safeguard the accuracy of financial information
A Trojan horse: A) is software that appears to be benign but does something other than expected. B) is a virus that replicates quickly. C) is malware named for a breed of fast-moving Near-Eastern horses. D) installs spyware on users' computers. E) is a type of sniffer used to infiltrate corporate networks.
is software that appears to be benign but does something other than expected
The HIPAA Act of 1996: A) requires financial institutions to ensure the security of customer data. B) specifies best practices in information systems security and control. C) imposes responsibility on companies and management to safeguard the accuracy of financial information. D) outlines medical security and privacy rules. E) identifies computer abuse as a crime and defines abusive activities.
outlines medical security and privacy rules
Pharming involves: A) redirecting users to a fraudulent website even when the user has typed in the correct address in the web browser. B) pretending to be a legitimate business's representative in order to garner information about a security system. C) setting up a fake website to ask users for confidential information. D) using emails for threats or harassment. E) setting up fake Wi-Fi access points that look as if they are legitimate public networks.
redirecting users to a fraudulent website even when the user has typed in the correct address in the web browser
The Gramm-Leach-Bliley Act: A) requires financial institutions to ensure the security of customer data. B) specifies best practices in information systems security and control. C) imposes responsibility on companies and management to safeguard the accuracy of financial information. D) outlines medical security and privacy rules. E) identifies computer abuse as a crime and defines abusive activities.
requires financial institutions to ensure the security of customer data
All of the following have contributed to an increase in software flaws except: A) the growing complexity of software programs. B) the growing size of software programs. C) demands for timely delivery to markets. D) the inability to fully test programs. E) the increase in malicious intruders seeking system access.
the increase in malicious intruders seeking system access
An authentication system in which a user must provide two types of identification, such as a bank card and PIN, is called: A) smart card authentication. B) biometric authentication. C) two-factor authentication. D) symmetric key authorization. E) token authentication.
two-factor authentication