CIS314 Chapter 8 Questions
A salesperson clicks repeatedly on the online ads of a competitor in order to drive the competitor's advertising costs up. This is an example of: pharming. click fraud. spoofing. evil twins. phishing.
Click Fraud
Which of the following is the most common type of electronic evidence? VOIP data Voice-mail Instant messages E-mail Spreadsheets
The Apple iOS platform is the mobile platform most frequently targeted by hackers. True False
False
Wireless networks are more difficult for hackers to gain access to because radio frequency bands are difficult to scan. True False
False
The dispersed nature of cloud computing makes it difficult to track unauthorized access. True False
True
Zero defects cannot be achieved in larger software programs because fully testing programs that contain thousands of choices and millions of paths would require thousands of years. True False
True
The intentional defacement or destruction of a website is called: phishing. spoofing. cyberwarfare. pharming. cybervandalism.
Cybervandalism
________ controls ensure that valuable business data files on either disk or tape are not subject to unauthorized access, change, or destruction while they are in use or in storage. Input Implementation Data security Software Administrative
Data Security
A computer virus replicates more quickly than a computer worm. True False
False
DoS attacks are used to destroy information and access restricted areas of a company's information system. True False
False
Most IoT devices support sophisticated security approaches. True False
False
Packet filtering catches most types of network attacks. True False
False
A Trojan horse: is software that appears to be benign but does something other than expected. is a virus that replicates quickly. is a type of sniffer used to infiltrate corporate networks. installs spyware on users' computers. is malware named for a breed of fast-moving Near-Eastern horses.
Is software that appears to be benign but does something other than expected
The HIPAA Act of 1996: outlines medical security and privacy rules. requires financial institutions to ensure the security of customer data. identifies computer abuse as a crime and defines abusive activities. specifies best practices in information systems security and control. imposes responsibility on companies and management to safeguard the accuracy of financial information.
Outlines medical security and privacy rules
Which of the following refers to policies, procedures, and technical measures used to prevent unauthorized access, alteration, theft, or physical damage to information systems? Algorithms Benchmarking Identity management Controls Security
Security
Authentication refers to verifying that a person is who he or she claims to be. True False
True
NAT conceals the IP addresses of the organization's internal host computers to deter sniffer programs. True False
True
Public key encryption uses two keys. True False
True
An authentication system in which a user must provide two types of identification, such as a bank card and PIN, is called: biometric authentication. token authentication. smart card authentication. symmetric key authorization. two-factor authentication.
Two-factor authentication
Computer forensics tasks include all of the following except: securely storing recovered electronic data. presenting collected evidence in a court of law. finding significant information in a large volume of electronic data. collecting physical evidence on the computer. recovering data from computers while preserving evidential integrity.
Collecting physical evidence on the computer
Pharming involves: redirecting users to a fraudulent website even when the user has typed in the correct address in the web browser. pretending to be a legitimate business's representative in order to garner information about a security system. setting up fake Wi-Fi access points that look as if they are legitimate public networks. setting up a fake website to ask users for confidential information. using e-mails for threats or harassment.
Redirecting users to a fraudulent...
The Gramm-Leach-Bliley Act: requires financial institutions to ensure the security of customer data. identifies computer abuse as a crime and defines abusive activities. imposes responsibility on companies and management to safeguard the accuracy of financial information. outlines medical security and privacy rules. specifies best practices in information systems security and control.
Requires financial institutions to ensure the security of customer data
An analysis of an information system that rates the likelihood of a security incident occurring and its cost would be included in which of the following? Security policy AUP Business impact analysis Business continuity plan Risk assessment
Risk Assessment