MIS Chapter 8

the increase in the number of computer hackers in the world.

All of the following have contributed to an increase in software flaws EXCEPT:

Risk assessment

An analysis of an information system that rates the likelihood of a security incident occurring and its cost would be included in which of the following?

uses a distributed ledger system of transactions

Blockchain refers to a technology that:

Ransomware

CryptoLocker is an example of which of the following?

SSL, TLS, and S-HTTP

Currently, the protocols used for secure information transfer over the Internet are:

False

T/F: Packet filtering catches most types of network attacks.

False

T/F: Smartphones typically feature state-of-the-art encryption and security features, making them highly secure tools for businesses.

cybervandalism

The intentional defacement or destruction of a website is called:

a firewall

Two-factor authentication utilizes a(n):

Conficker

Which of the following is a virus that uses flaws in Windows software to take over a computer remotely?

$1,250

Your company, an online discount pet supply store, has calculated that a loss of Internet connectivity for 3 hours results in a potential loss of $2,000 to $3,000 and that there is a 50% chance of this occurring each year. What is the annual expected loss from this exposure?

SSIDs

________ identify the access points in a Wi-Fi network.

The Sarbanes-Oxley Act

imposes responsibility on companies and management to safeguard the accuracy of financial information

enforce a security policy on data exchanged between its network and the Internet.

A firewall allows the organization to:

cyberwarfare

A foreign country attempting to access government networks in order to disable a national power grid is an example of:

click fraud

A salesperson clicks repeatedly on the online ads of a competitor in order to drive the competitor's advertising costs up. This is an example of:

Security policy

A statement ranking information risks and identifying security goals would be included in which of the following?

body odor

All of the following are currently being used as traits that can be profiled by biometric authentication EXCEPT:

sniffing

All of the following are specific security challenges that threaten corporate servers in a client/server environment EXCEPT:

radiation

All of the following are specific security challenges that threaten corporate systems in a client/server environment EXCEPT:

phishing

All of the following are specific security challenges that threaten the communications lines in a client/server environment EXCEPT:

application controls

All of the following are types of information systems general controls EXCEPT:

two-factor authentication

An authentication system in which a user must provide two types of identification, such as a bank card and PIN, is called:

spear phishing

An employee clicking on a link in an email from what looks like a fellow employee and being taken to a fraudulent website that asks for personal information is an example of:

Phishing emails

As described in the chapter case, which of the following did hackers use to gain access to the Democratic National Committee (DNC) network?

Implementation controls

Audit the systems development process at various points to ensure that the process is properly controlled and managed.

collecting physical evidence on the computer

Computer forensics tasks include all of the following EXCEPT:

redundant hardware, software, and power supplies

Fault-tolerant information systems offer 100 percent availability because they use:

deep packet inspection

In controlling network traffic to minimize slow-downs, a technology called ________ is used to examine data files and sort low-priority data from high-priority data.

Symmetric key encryption

In which method of encryption is a single encryption key sent to the receiver so both sender and receiver share the same key?

payload

Most computer viruses deliver a:

False

T/F: A computer virus replicates more quickly than a computer worm.

True

T/F: A computer worm is a program that can copy itself to other computers on the network.

True

T/F: A firewall is a combination of hardware and software that controls the flow of incoming and outgoing network traffic.

True

T/F: An acceptable use policy defines acceptable uses of the firm's information resources and computing equipment.

True

T/F: Application proxy filtering examines the application content of packets.

True

T/F: Authentication refers to verifying that people are who they claim to be.

True

T/F: Biometric authentication uses systems that read and interpret individual human traits.

True

T/F: DoS attacks flood a network server with thousands of requests for service.

True

T/F: In cloud computing, accountability and responsibility for protection of sensitive data resides with the company owning the data.

True

T/F: In public key encryption, the keys are mathematically related so that data encrypted with one key can be decrypted using only the other key.

False

T/F: Malicious software programs referred to as spyware include a variety of threats such as computer viruses, worms, and Trojan horses.

False

T/F: Most IoT devices support sophisticated security approaches.

False

T/F: Organizations can use existing network security software to secure mobile devices.

True

T/F: Phishing is a form of spoofing.

True

T/F: SSL is a protocol used to establish a secure connection between two computers.

False

T/F: Smartphones do not have the same security flaws as other Internet-connected devices.

True

T/F: Sniffers enable hackers to steal proprietary information from anywhere on a network, including email messages, company files, and confidential reports.

True

T/F: Symmetric encryption uses one key.

True

T/F: The term cracker is used to identify a hacker with criminal or malicious intent.

False

T/F: Wireless networks are more difficult for hackers to gain access to because radio frequency bands are difficult to scan.

True

T/F: Zero defects cannot be achieved in larger software programs because fully testing programs that contain thousands of choices and millions of paths would require thousands of years.

DDoS

Using numerous computers to inundate and overwhelm the network from numerous launch points is called a(n) ________ attack.

uses much longer encryption keys

WPA2 is a more effective way to secure a wireless network than WEP because it:

zero-day vulnerability

When a hacker discovers a security hole in software that is unknown to the software vendor, it is an example of:

identity theft

When hackers gain access to a database containing your personal private information, this is an example of:

An AUP

Which of the following defines acceptable uses of a firm's information resources and computing equipment?

Disaster recovery planning

Which of the following focuses primarily on the technical issues of keeping systems up and running?

Illegally accessing stored electronic communication

Which of the following is NOT an example of a computer used as a target of crime?

A file deleted from a hard disk

Which of the following is a type of ambient data?

User lack of knowledge

Which of the following is the single greatest cause of network security breaches?

Controls

Which of the following refers to all of the methods, policies, and organizational procedures that ensure the safety of the organization's assets, the accuracy and reliability of its accounting records, and operational adherence to management standards?

War driving

Which of the following refers to eavesdroppers driving by buildings or parking outside and trying to intercept wireless network traffic?

Security

Which of the following refers to policies, procedures, and technical measures used to prevent unauthorized access, alteration, theft, or physical damage to information systems?

National Information Infrastructure Protection Act

Which of the following specifically makes malware distribution and hacker attacks to disable websites a federal crime?

Wi-Fi networks are not vulnerable to security breaches.

Which of the following statements about Internet security is NOT true?

It is not possible to make a smartphone part of a botnet.

Which of the following statements about botnets is NOT true?

Authentication cannot be established by the use of a password.

Which of the following statements about passwords is NOT true?

Application proxy filtering

Which of the following techniques stops data packets originating outside the organization, inspects them, and passes the packets to the other side of an organization's firewall?

Ransomware

________ is malware that hijacks a user's computer and demands payment in return for giving back access.

A keylogger

________ is spyware that logs and transmits everything a user types.

Intrusion detection systems

________ use scanning software to look for known problems such as bad passwords, the removal of important files, security attacks in progress, and system administration errors.

Evil Twins

bogus wireless network access points that look legitimate to users.

The HIPAA Act of 1996

outlines medical security and privacy rules.

Pharming

redirecting users to a fraudulent website even when the user has typed in the correct address in the web browser.

The Gramm-Leach-Bliley Act

requires financial institutions to ensure the security of customer data.

A Trojan horse

software that appears to be benign but does something other than expected.

A digital certificate system

uses third party CAs to validate a user's identity.

A digital certificate system

uses tokens to validate a user's identity.

