MIS Chapter 8 Practice Exam
enforce a security policy on data exchanged between its network and the internet
A firewall allows the organization to:
cyberwarfare
A foreign country attempting to access government networks in order to disable a national power grid would be an example of
spyware
A keylogger is a type of:
war driving
A practice in which eavesdroppers drive by buildings or park outside and try to intercept wireless network traffic is referred to as:
click fraud
A salesperson clicks repeatedly on a competitor's online ads in order to drive the competitor's advertising costs up. This is an example of
body odor
All of the following are currently being used as traits that can be profiled by biometric authentication except:
application controls
All of the following are types of information systems general controls except
is a device that displays passcodes
An authentication token:
setting up a fake medical Web site that asks users for confidential information.
An example of phishing is
worm
An independent computer program that copies itself from one computer to another over a network is called a
risk assessment
Analysis of an information system that rates the likelihood of a security incident occurring and its cost is included in a(n)
can be classified as input controls, processing controls, and output controls
Application controls
UTM
Comprehensive security management products, with tools for firewalls, VPNs, intrusion detection systems, and more, are called ________ systems.
collecting physical evidence on the computer.
Computer forensics tasks include all of the following except:
SSL, TLS, and S-HTTP
Currently, the protocols used for secure information transfer over the Internet are
bogus wireless network access points that look legitimate to users
Evil twins are:
deep packet inspection
In controlling network traffic to minimize slow-downs, a technology called ________ is used to examine data files and sort low-priority data from high-priority data
symmetric key encryption
In which method of encryption is a single encryption key sent to the receiver so both sender and receiver share the same key?
payload
Most computer viruses deliver a:
redirecting users to a fraudulent website even when the user has typed in the correct address in the web browser
Pharming involves
spoofing
Phishing is a form of:
spoofing
Redirecting a Web link to a different address is a form of
requires financial institutions to ensure the security of customer data.
The Gramm-Leach-Bliley Act
outlines medical security and privacy rules
The HIPAA Act of 1996:
imposes responsibility on companies and management to safeguard the accuracy of financial information
The Sarbanes-Oxley Act:
The most common type of electronic evidence is:
social engineering
Tricking employees into revealing their passwords by pretending to be a legitimate member of a company is called
DDoS
Using numerous computers to inundate and overwhelm the network from numerous launch points is called a(n) __________ attack
An AUP
Which of the following defines acceptable uses of a firm's information resources and computing equipment?
Disaster recovery planning
Which of the following focuses primarily on the technical issues of keeping systems up and running?
a file deleted from a hard disk
Which of the following is a type of ambient data?
illegally accessing stored electronic communication
Which of the following is not an example of a computer used as a target of crime?
breaching the confidentiality of protected computerized data
Which of the following is not an example of a computer used as an instrument of crime?
"Controls"
Which of the following refers to all of the methods, policies, and organizational procedures that ensure the safety of the organization's assets, the accuracy and reliability of its accounting records, and operational adherence to management standards?
National Information Infrastructure Protection Act
Which of the following specifically makes malware distribution and hacker attacks to disable websites a federal crime?
WPA2
Which of the following specifications replaced WEP with a stronger security standard that features changing encryption keys?
It is not possible to make a smartphone part of a botnet.
Which of the following statements about botnets is not true?
VoIP is more secure than the switched voice network
Which of the following statements about internet security is not true?
Authentication cannot be established by the use of a password
Which of the following statements about passwords is not true?
Data security
________ controls ensure that valuable business data files on either disk or tape are not subject to unauthorized access, change, or destruction while they are in use or in storage.
"Security"
________ refers to policies, procedures, and technical measures used to prevent unauthorized access, alteration, theft, or physical damage to information systems.
Identity theft
____________ is a crime in which an imposter obtains key pieces of personal information to impersonate someone else
SSIDs
_____________ identify the access points in a Wi-Fi network