Info Tech Chap 9
Active content on web pages may take the form of Java, Flash, or ___ controls.
ActiveX
Which device could be infected with malware?
All of these
Which of the following could make you a victim of identity theft?
All of these
Which of the following is a heuristic detection method?
All of these
_____ is the process of proving that users are who they say, and confirming that they are authorized to access accounts.
Authentication
Which law was designed to protect schoolchildren and library patrons from being exposed to pornographic sites and other types of restricted materials?
Children's Internet Protection Act (CIPA)
___ refers to using a computer to commit a crime.
Cybercrime
A computer's webcam cannot be used for facial recognition; you must have a separate camera.
False
A hardware-based firewall is configured and managed by an individual user.
False
A hardware-based firewall protects an individual computer.
False
A worm attaches itself to a specific executable file.
False
An email virus can infect the text of an email message, but not its attachment.
False
Freedom of speech means that individuals are protected from the consequences of their speech.
False
If you post online bragging about committing a crime, your post cannot be used as evidence against you.
False
Measuring the dimensions of a person's feet is the most popular way of authenticating users biometrically.
False
Personal data such as birth, death, and marriage records have only recently been available to the public recently.
False
Spoofing is a method of infecting a user's email application so it sends out spam.
False
TRUSTe is a company that offers third-party privacy protection software for a fee.
False
The internet is governed by the United Nations.
False
True or False: A backup differential is a special computer system that's designed specifically for performing and storing backups.
False
True or False: A worm adds itself to another program and waits for the user to execute an attachment or open a file with a macro.
False
True or False: A worm is a malicious code string that attaches itself to an executable file so that the file becomes "infected."
False
True or False: Asymmetric encryption is also called secret key encryption.
False
True or False: Penetration testing entails carrying out malicious cyber activity targeting government organizations.
False
True or False: Plagiarism is using others' words and ideas and attributing the original creator(s) as the source.
False
True or False: The gap between people who have smartphones and those who have older mobile devices is called the digital divide.
False
Viruses can hide in picture files.
False
When one company buy another, the purchasing company must legally honor the online privacy policies of the purchased company.
False
A disaster recovery plan typically does not answer which of these questions?
How will users' identities be confirmed?
Which of the following is a secure form of Hypertext Transfer Protocol (HTTP) that provides encryption for data sent through a web-based connection?
Hypertext Transfer Protocol Secure (HTTPS)
Which of the following technologies ensures the protection and confidentiality of personal data and messages being transmitted over the internet?
Hypertext Transfer Protocol Secure (HTTPS)
_____ property includes just about anything that can be created by the human mind.
Intellectual
Which of the following statements does not describe a disaster recovery plan?
It should not include how to recover lost data.
Which of the following statements describes a strong password?
It's easy to remember but hard to guess
Which month is National Cybersecurity Awareness Month?
October
___ is using the words and ideas of others without attributing the original creator(s) as the source.
Plagiarism
What piece of data is probably the most important to protect from identity thieves?
Social Security number
Which of the following statements does not describe virus signatures?
They are enabled by default in web browsers and scan web pages for suspicious signs.
The successor to the encryption protocol Secure Sockets Layer (SSL) is ___ .
Transport Layer Security (TLS)
To prevent introducing malware into your system with a _____, it's a good idea to download programs from the original creator's website or a site the creator recommends.
Trojan horse
Which type of virus hides inside a seemingly useful program?
Trojan horse virus
A double extension on an attachment, such as .txt.vbs, may indicate an executable malware script trying to disguise itself.
True
A file with a .vbs extension is executable, and could contain a virus.
True
A firewall can block network traffic from certain applications and permit it from other applications.
True
A worm spreads by sending copies of itself through a network.
True
An internet service provider can revoke your account if your online speech violates its terms of service.
True
Biometric authentication can be useful for allowing or denying permission to enter a secure room.
True
Biometric authentication refers to authenticating the identity of a person by using some physical body characteristic.
True
Each country has its own laws about free speech, and free speech laws may be very different between countries.
True
Keeping antimalware utilities up-to-date is important in protecting against worms.
True
Many antivirus utilities include an email scanning component.
True
Most antivirus software detects and removes worms.
True
Retina and iris scanning are two ways a person's eyes can be used for identification.
True
Some network firewalls can be set up to prevent users from visiting certain websites.
True
True or False: A backup appliance is a special computer system that's designed specifically for performing and storing backups.
True
True or False: A virus is a malicious code string that attaches itself to an executable file so that the file becomes "infected."
True
True or False: Penetration testing entails trying to hack into a system so its vulnerabilities can be identified and fixed.
True
True or False: Plagiarism is using others' words and ideas without attributing the original creator(s) as the source.
True
True or False: The gap between people who have access to computers and the internet and those who do not has been called the digital divide.
True
True or False: The term risk refers to the likelihood of a security breach of systems or data that obtains, damages, or destroys assets.
True
True or False: The term vulnerability refers to the likelihood of a security breach of systems or data that obtains, damages, or destroys assets.
True
True or False: Unlike a virus, a worm actively attempts to move and copy itself.
True
True or False: With symmetric encryption, both the customer and the business use the same encryption key.
True
Turning off third-party cookies in your browser may help minimize the amount of data an online ad agency can collect about you.
True
Windows comes with a free firewall utility for protecting individual computers.
True
You can find out if someone has a criminal history by running an online background check on that person.
True
Which of the following types of malware hides within a legitimate program or data file?
a Trojan horse
The themes displayed in the graphic above were derived from
a comparison of codes of ethics adopted by major organizations.
Which of the following is not one of the elements of an effective acceptable use policy (AUP)?
a list of specific websites that may not be visited
What is a smart card?
a plastic card that contains a computer chip with stored information
Which of the following kinds of hackers uses or teaches hacking skills to be helpful and promote good security practices?
a white-hat hacker
Which term refers to a set of principles that govern the responsible and competent use of computers?
acceptable use policy
Third-party cookies are created by which of the following?
an ad on a site
What is an online predator?
an individual who uses the internet to talk young people into meeting, exchanging photos, and so forth
Which is the most important software to install on a new computer?
antimalware software
Suppose that a hacker gains access to a hospital's patient records and exposes confidential medical information. The negative effects on the hospital's reputation and patient relationships that result are examples of damage to which of the following?
assets
Suppose that a hacker gains access to a retailer's sales data and steals customers' credit card numbers. The loss of customers and negative effect on the retailer's reputation that result are examples of damage to which of the following?
assets
A review of monitoring data and system logins to look for unauthorized access and suspicious behavior.
audit
Personal identification numbers (PINs), user IDs and passwords, and biometrics are common forms of ___ .
authentication
What is the process of proving that users are who they say they are, and confirming that they are authorized to access accounts?
authentication
Personal identification numbers, user IDs and passwords, smart cards, and biometrics are all common forms of
authentication.
Public key encryption uses two encryption keys: a public encryption key, which all the _____ know, and a secret encryption key, which only the _____ know.
authorized users; sender and receiver
Many companies control employee access to secure areas using a _____, such as a voice, a fingerprint, hand geometry, facial geometry, a retinal pattern, an iris pattern, or a handwritten signature.
biometric identifier
A voice, a fingerprint, hand geometry, facial geometry, a retinal pattern, an iris pattern, and a handwritten signature are all forms of
biometric identifiers.
A _____ attempts to gain access to a system for malicious purposes without the owner's consent.
black-hat hacker
Most _____ focus on gaining entry over the internet to a secure computer system by finding a working user ID and password combination.
black-hat hackers
Which of the following is not an example of cybercrime?
burglarizing a house and stealing TVs, computers, and other electronics
Unreadable, encrypted text is called ___ .
ciphertext
Text that's been encrypted and is therefore unreadable is called
ciphertext.
This table presents a(n) _____ and obligations for professional practice for software engineering.
code of ethics
The fair use provision does not allow which of the following uses of a copyrighted work?
commercial
A(n) _____ contains information about an individual's lifestyle and buying habits—information that marketers can use to effectively target buyers and sell their goods on the internet.
consumer profile
Information about the lifestyle and buying habits of an individual.
consumer profile
About half of all high school students have reported being victims of _____, according to the National Crime Prevention Council.
cyberbullying
Sending harassing email and text messages, along with posting embarrassing photos, are examples of
cyberbullying
Texting or sending harassing email messages and posting embarrassing photos is called ___ .
cyberbullying
Creating a computer virus that destroys a company's data is an example of
cybercrime
Large-scale _____ have been a major contributor to the high number of identity theft incidents.
data breaches
A process of eliminating repeated data in backup storage.
deduplication
The problem of redundancy can be avoided in backing up data by using _____ software, which examines the files and doesn't back up identical copies of certain folders and files multiple times.
deduplication
As shown in this illustration, malware infects multiple PCs at one time, telling them all to repeatedly request the same information and thereby bogging down the server. This type of computer crime is known as a _____ attack.
denial of service (DoS)
Which of the following is a type of computer crime in which one or more hackers shuts down a system by flooding it with information requests?
denial of service (DoS) attack
As shown in this illustration, during a _____ attack, multiple client PC requests are made simultaneously, thus overwhelming the server and leaving it unable to respond.
denial of service (Dos)
Encrypting movie DVDs to prevent users from copying the movie files is an example of which of the following technologies?
digital rights management (DRM)
Many music, video, and software distributors have focused on developing and implementing copy protection technologies called
digital rights management (DRM).
A password is considered strong if it's
easy to remember but hard to guess.
Companies use data _____ to scramble information so it's unreadable before it's transmitted.
encryption
To prevent people from spying on sensitive transactions, companies use data _____ to scramble information so it's unreadable before it's transmitted.
encryption
Most _____ beliefs are learned during childhood and are derived from family, society, and religious tradition.
ethical
The principles a person uses to determine right and wrong and to guide his or her choices and actions are called
ethics.
A biometric security device.
fingerprint scanner
A _____ cookie is created by the actual website a user visits.
first-party
Which of the following kinds of cookies is created by the actual site you are visiting?
first-party cookie
A cookie created by the website the user is visiting is called a ___ .
first‑party cookie
Which of the following statements describes spoofing?
fooling another computer by pretending to send packets from a legitimate Internet Protocol (IP) address
Identity _____ occurs when someone uses your personal information to launch some type of illegal activity.
fraud
Because of the proliferation of the internet, many _____ live in foreign nations and are therefore difficult for the US government to catch.
hackers
People who attempt to gain access to a computer system are known as
hackers.
A ___ determines a person's identity by measuring the dimensions of her hand.
hand geometry system
The trouble with any antivirus software is that it can detect only viruses that
have known signatures.
Suppose that a hacker breaks into someone's computer and copies his or her social security number, address, and credit card information. This crime is an example of
identify theft.
Suppose that a hacker breaks into an e-commerce website and steals customers' personal information, such as credit card numbers. This crime is an example of
identity theft
When should you act if you think you are a victim of identity theft?
immediately
Just about anything that can be created by the human mind is considered _____ property.
intellectual
Which type of malware enables a hacker to collect personal information a user enters?
keystroke logger
An executable virus stored within a Word data file.
macro virus
Ownership of an idea or invention.
patent
An email from a business such as a bank that requires a customer to update his or her account information by completing an online form might be a(n) _____ email.
phishing
This graphic provides an example of a _____ email; it attempts to get the recipient to disclose private information by completing an online form.
phishing
Which of the following is an attempt to acquire another person's sensitive information, such as a credit card number, by simulating a trusted website?
phishing
A virus can use ___ behavior to change its appearance in order to avoid detection.
polymorphic
A type of virus that changes its behavior to avoid detection.
polymorphic virus
To help ease consumers' concerns over the confidentiality of the information they provide, many commercial websites adopt _____ policies.
privacy
A _____ is a statement promising that a website will protect the confidentiality of any information a customer reveals.
privacy policy
Public key encryption uses two encryption keys: a _____ encryption key, which all authorized users know, and a _____ encryption key, which only the sender and the receiver know.
public; secret
A _____ program can seize control of a computer until the user agrees to the attacker's demands.
ransomware
Even if the threat or demand made by a _____ program is a bluff, there's always a first wave of victims who fall prey to it.
ransomware
CryptoLocker is a type of
ransomware.
Which biometric system uses the unique pattern of blood vessels on the back of the eyeball to identify an individual?
retinal recognition system
It may be appropriate for different assets to have different _____ levels and different types of security protection.
risk tolerance
When an unsuspecting user connects to a _____ hotspot, a hacker can use the connection to install malware on the user's device or steal his or her private information.
rogue
Which online security risk tricks the user to connect to a look-alike public wireless network, making his data vulnerable?
rogue hotspot
A _____ card is a plastic card, similar to a credit card, that contains a computer chip with stored information.
smart
Fooling another computer by pretending to send packets from a legitimate Internet Protocol (IP) address is called
spoofing
The process of fooling another computer into granting access by changing the address on packets so that they seem to come from a legitimate source.
spoofing
An all-access user ID and password left behind by its original programmer.
system backdoor
A(n) _____ cookie is created by an ad on a website, where the ad is owned and managed by a different company.
third-party
A(n) _____ is someone or something that can compromise or harm the assets of a business or individual.
threat
Someone or something that can compromise or harm the assets of a business or individual is called a(n)
threat
Which of the following is not one of the conditions of fair use?
using material that was published at least ten years ago
A _____ is a gap or weakness in a security program that allows a threat to find a way into the system.
vulnerability
Which term refers to a computer security weakness that allows a threat to find a way into a system?
vulnerability
A gap or weakness in a security program that allows a threat to find a way into the system is called a
vulnerability.
A _____ uses or teaches hacking skills in order to be helpful and promote good security practices.
white-hat hacker
Malware that moves between networked computers rather than between specific files.
worm
