ethics in technology chapter 1
The _____ ensures that people only have access to the information they need to do their jobs. A.Principle of least privilege. B.Access control. C.Principle of availability D.Principle of confidentiality.
A.Principle of least privilege.
An Intrusion Detection System (IDS) can be used to detect cases of unauthorized access or attempted access to confidential data. Which type of cyber attack is detected by an IDS? A.Phishing B.Brute force C.Man-in-the-Middle D.VPN
B.Brute force
On the staff of Kumquat Computing, Inc. - Jared's main task is to protect the confidentiality of a customer database which is kept on a LAN in the lobby and waiting rooms. Tyrone's main task is to protect the confidentiality of client files which are stored in the cloud. Which is true of Jared's and Tyrone's main tasks? A.Both Jared and Tyrone are doing information security and cybersecurity. B.Jared is doing information security. Tyrone is doing both information security and cybersecurity. C.Jared is doing information security only. Tyrone is doing cybersecurity only. D.Both Jared and Tyrone are doing information security. Neither of them is doing cybersecurity.
B.Jared is doing information security. Tyrone is doing both information security and cybersecurity.
What was the name of the cryptographic rotor machine used by the Germans in World War II? A.The Diffie-Hellman machine B.The Enigma machine C.The da Vinci encoder D.The Substitution cipher
B.The Enigma machine
What would be an example of a violation of the principle of confidentiality? A.Financial records being altered. B.Stealing records from a company. C. An employee accessing a payroll database to find out how much others are paid. D.A file server going down.
C. An employee accessing a payroll database to find out how much others are paid.
_____ refers to the process of making sure only those who are entitled to information can access it? A.Confidentiality. B. Integrity. C.Information security. D.Principle of least privilege.
C.Information security.
What is an example of the principle of availability? A.Keeping file cabinets under lock and key. B.Making documents confidential. C.Keeping backups of important files. D.Shredding sensitive documents after they're not needed.
C.Keeping backups of important files.
What is the 'key exchange' problem in modern information security? A.There are too many encryption keys to keep track of. B.The encryption key is to complicated to calculate. C.Two parties need to privately share the secret encryption key before communicating. D.Encryption keys are too long.
C.Two parties need to privately share the secret encryption key before communicating.
You have just intercepted the following message from Caesar: L ORYH FOHRSDWUD. Can you guess what shift was used to encode the message? A.15 B.1 C.7 D.3
D.3
What is a one-way function in cryptography? A.A mathematical combination of keys that is difficult to create, but easy to undo. B.A mathematical combination of keys that is difficult to create, and difficult to undo. C.A mathematical combination of keys that is easy to create, and easy to undo. D.A mathematical combination of keys that is easy to create, but difficult to undo.
D.A mathematical combination of keys that is easy to create, but difficult to undo.
What is NOT an example of physical security? A.Requiring employee IDs to enter the premises. B. Keeping files under lock and key. C.Shredding documents. D.Encrypting email messages.
D.Encrypting email messages.
Encrypt the following message using a Caesar cipher with a shift of 7: ET TU BRUTE A.YN NO VLONY B. KZ ZA HXAZK C.XM MN UKNMX D.LA AB IYBAL
D.LA AB IYBAL
Annabelle, the CEO of Kumquat Computing, Inc., emails her vice president, Roland, to discuss an upcoming merger. Evelyn intercepts the email and changes the content of the message, altering the proposed terms of the merger, before Roland sees it. Which of these is true? a.This describes a Phishing attack. Roland will probably NOT realize the email was tampered with b.This describes a Phishing attack. Roland will probably realize that the email was tampered with. c.This describes a Man-in-the-Middle attack. Roland will probably NOT realize that the email was tampered with. d.This describes a Man-in-the-Middle attack. Roland will probably realize that that the email was tampered with.
c.This describes a Man-in-the-Middle attack. Roland will probably NOT realize that the email was tampered with.
Ransomware is a malicious program that can encrypt intercepted data. The attacker controlling the software can demand a ransom before allowing the data to be decrypted, rendering it useless until the price is paid. Which of the following is TRUE about ransomware? a.Using a VPN to exchange information prevents it from being encrypted, making ransomware attacks impossible. b.Defining a password security policy will prevent system infection with ransomware. c.Up-to-date antivirus software will effectively prevent all possible ransomware attacks. d.Ransomware is a type of malware.
d.Ransomware is a type of malware.