CIS Exam 2

Which of the following are tips for dealing with Fake News?

Check the sources, Install a browser plug-in to expose fake news and authenticated news, Be critical of unrealistic photos, Check and re-check the URL

What is a separate facility that does not have any computer equipment but is a place where employees can move after a disaster?

Cold site

What is the assurance that messages and information remain available only to those authorized to view them?

Confidentiality

Business ____________ planning details how a company recovers and restores critical business operations and systems after a disaster or extended disruption.

Continuity

__________ is the legal protection afforded an expression of an idea, such as a song, book, or video game.

Copyright

What is software that is manufactured to look like the real thing and sold as such?

Counterfeit Software

What is a detailed process for recovering information or a system in the event of a catastrophic disaster?

Disaster recovery plan

________ are the principles and standards that guide our behavior toward other people.

Ethics

What is a separate and fully equipped facility where the company can move immediately after a disaster and resume business?

Hot site

Which of the following statements about cybersecurity are true?

-If there is a vulnerability it will be exploited. No Exceptions -Humans trust even when they shouldn't. -Everything is vulnerable in some way. -Innovation creates new opportunity for exploitation.

_______ is the right to be left alone when you want to be, to have control over your personal possessions, and not to be observed without your consent.

Privacy

Information _________ is an ethical issue that focuses on who owns information about individuals and how information can be sold and exchanged.

Property

What uses two keys: a public key that everyone can have and a private key for only the recipient?

Public key encryption

Information ________ is the category of computer security that addresses the protection of data from unauthorized disclosure and confirmation of data source authenticity.

Secrecy

Information __________ is the category of computer security that addresses the protection of data from unauthorized disclosure and confirmation of data source authenticity.

Secrecy

What is the tool that consists of lines of code (in contrast to a graphical design) for answering questions against a database?

Structured query language

Authentication

A method for confirming the identity of a computer user

____________ is a method for confirming users' identities.

Authentication

___________ is the process of providing a user with permission including access levels and abilities such as file access, hours of access, and amount of allocated storage space.

Authorization

Which of the following are part of the CIA Triad?

Availability, Confidentiality, Integrity

What is an exact copy of a system's information?

Backup

List the three primary elements of an information MIS infrastructure.

Backup and recovery plan Business continuity plan Disaster recovery plan

Which of the following describes the difference between backup and recovery?

Backup is an exact copy of a system's information, whereas recovery is the ability to get a system up and running in the event of a system crash or failure.

What is the identification of a user based on a physical characteristic, such as a fingerprint, iris, face, voice, or handwriting?

Biometrics

Which of the following types of damage are caused by cybercrime attack on an organization?

-Reputation -Compromise Health of Patients and Customers -Compromise Physical safety of Employees -Cost to recover

Digital Ledger

A bookkeeping list of assets (money, property, ideas...), identified ownership, and transactions that record the transfer of ownership among participants.

Astroturfing

A deceptive tactic of simulating grassroots support for a product, cause, etc., undertaken by people or organizations with an interest in shaping public opinion

Disaster Recovery Plan

A detailed process for recovering information or a system in the event of a catastrophic disaster

Hash

A function that converts an input (a record, message or file) into a unique encrypted output of a fixed length.

One-way encryption

A hash function that generates a digital fingerprint of a message is an example of this

Proof-of-Work

A requirement to define an expensive computer calculation that needs to be performed in order to create a new group of blocks on a distributed blockchain.

Authorization

Accomplished using abilities such as file access, hours of access and amount of allocated storage space

Authentication

Accomplished using passwords, biometrics, and tokens

Asymetric key encryption

Allows people to exchange secret messages without ever having met to exchange a key

What is the primary difference between an entity and an attribute?

An entity (also known as a table) stores information about people, places, or events, whereas an attribute is a column or specific field of the data elements associated with an entity.

Deepfake

An image or recording that has been convincingly altered and manipulated to misrepresent someone as doing or saying something that was not actually done or said

What are the data elements associated with an entity?

Attributes

Select the three terms for the data elements associated with an entity.

Attributes Columns Fields

What is the smallest or basic unit of data?

Data element

Select a term that is a synonym for data element, the smallest or basic unit of data in a database.

Data field

What is a measure of the quality of data?

Data integrity

What is the duplication of data, or the storage of the same data in multiple places?

Data redundancy

To _________ information is to decode it and is the opposite of encrypt.

Decrypt

Business Continuity Plan

Details how a company recovers and restores critical business operations and systems after a disaster or extended disruption

________ rights management is a technological solution that allows publishers to control their digital media to discourage, limit, or prevent illegal copying and distribution.

Digital

Select the statement that accurately defines the relationship between entities and attributes in a relational database.

Each attribute of an entity occupies a separate column of a table.

__________ scrambles information into an alternative form that requires a key or password to decrypt.

Encryption

Asymetric key encryption

Encryption that uses a pair of keys, one called a public key and the other a private key

___________ occurs when the primary machine recovers and resumes operations, taking over from the secondary server.

Failback

What occurs when a redundant storage server offers an exact replica of the real-time data, and if the primary server crashes, the users are automatically directed to the secondary server or backup server?

Failover

What is the ability for a system to respond to unexpected failures or system crashes as the backup system immediately and automatically takes over with no loss of service?

Fault tolerance

Which of the following help contribute to filter bubbles for users on the Internet

Search history, Location, Past click behavior, Type of computer

Select the three accurate statements reflecting the business advantages of a relational database

Increased data integrity Reduced data redundancy Increased data security

____________ ethics govern the ethical and moral issues arising from the development and use of information technologies, as well as the creation, collection, duplication, distribution, and processing of information itself.

Information

What is the act of conforming, acquiescing, or yielding information?

Information Compliance

What is a method or system of government for information management or control?

Information Governance

What examines the organizational resource of information and regulates its definitions, uses, value, and distribution ensuring it has the types of data/information required to function and grow effectively?

Information Management

What is the category of computer security that addresses the protection of data from unauthorized disclosure and confirmation of data source authenticity?

Information secrecy

What is intangible creative work that is embodied in physical form and includes copyrights, trademarks, and patents?

Intellectual Property

Which of the following are characteristics of Integrity?

Involves maintaining data accuracy Involves maintaining data consistency Is safeguarded by Checksums (hash values) Applies to data during its entire life within an information system

_________ provides details about data.

Metadata

Fake News

Misleading information about events or situations designed to promote a narrative

Select the four key areas of technology recovery strategies.

Networking Software Hardware Data center

What is a string of alphanumeric characters used to authenticate a user and provide access to a system?

Password

What is an exclusive right to make, use, and sell an invention and is granted by a government to the inventor?

Patent

What reroutes requests for legitimate websites to false websites?

Pharming

__________ is a technique to gain personal information for the purpose of identity theft, usually by means of fraudulent emails that look as though they came from legitimate businesses.

Phishing

_________ software is the unauthorized use, duplication, distribution, or sale of copyrighted software.

Pirated Software

What is the ability to get a system up and running in the event of a system crash or failure that includes restoring the information backup?

Recovery

Multifactor authentication

Requires more than two means of authentication such as what the user knows (password), what the user has (security token), and what the user is (biometric verification). Requires more than two means of authentication such as what the user knows (password), what the user has (security token), and what the user is (biometric verification).

Two-factor authentication

Requires the user to provide two means of authentication, what the user knows (password) and what the user has (security token).

Select three categories of authentication and authorization.

Something that is part of the user, such as a fingerprint or voice signature. Something the user knows, such as a user ID and password. Something the user has, such as a smart card or token.

What occurs when the ability of a company to operate is impaired because of a hardware, software, or data outage?

Technology failure

Immutability

The ability for a set of data to remain permanent, indelible, and unalterable.

Which of the following are examples of metadata?

The date a photograph was taken. The duration of a phone call. The hash of a financial transaction.

Authorization

The process of providing a user with permission to manipulate and use information within a system

Authorization

The process of providing a user with permission to see information within a system

Single-factor authentication

The traditional security process, which requires a username and password.

_________ are small electronic devices that change user passwords automatically.

Tokens

Symetric key encryption

Using the same key to encrypt and decrypt a message

What is a separate facility with computer equipment that requires installation and configuration?

Warm site

Select the statement below that accurately reflects a database.

While a database has only one physical view, it can easily support multiple logical views that provides for flexibility.

Intrusion __________ software features full-time monitoring tools that search for patterns in network traffic to identify intruders.

detection

By issuing concert tickets on the blockchain, fans can verify transfer of ownership from one digital wallet to another, rather than worrying whether the PDF (or paper) ticket they received was sold to 10 other people. This is an example of how blockchain solves the ____________ problem.

double-spend

What is a broad administrative area that deals with identifying individuals in a system (such as a country, a network, or an enterprise) and controlling their access to resources within that system by associating user rights and restrictions with the established identity?

identity management

One primary goal of a database is to eliminate data redundancy by recording each piece of data in _______ place(s) in the database.

only one

Which of the following are examples of integrity constraints?

prevent ordering zero pounds of raw materials from a supplier prevent a negative markup percentage prevent the creation of an order for a nonexistant customer ensure formatting includes decimal positions

A(n) __________ query language asks users to write lines of code to answer questions against a database.

structured