MANG3778 - Management Information Systems - Quiz 5
A business backs up all its data on backup tapes for _________
affordable, archival purposes where the data retrieval is not a common occurrence
_______________ refers to the identification of the user by the IT system.
authentification
A student using Moodle can only view grades and not change them. This is an example of system ___________________.
authorization
A clinic's medical records are securely stored. The system is down and users are unable to access the data. This is a problem with system _______________.
availability
A programming routine built into a system to bypass system security and enter the system is called a/an ___________________.
backdoor
Many high-end smartphones use a fingerprint scanner to authenticate users. This is an example of
biometric
Individuals with information technology skills who break into systems for malicious purposes such as extortion are termed ____________.
black hat hackers
Attacks on a information system often focus on poorly written code in the system. One common error is a _______ overflow, which occurs when a program mishandles excess data entered by the user and writes it in prohibited areas of computer memory.
buffer
Encryption is used to ensure IT system ______________
confidentiality
The case of the San Francisco network and Terry Childs shows the risk IT systems face from _____________.
disgruntled current employees
A business purchases a firewall to protect its network. The business can install it and it automatically protects the network.
false
A firewall is designed to protect the IT systems of the business in the event of a disaster, such as a fire.
false
Good user training helps protect a business from program backdoor exploits.
false
In the Target hacking case of Dec 2013, attackers acquired the data from a stolen laptop.
false
In the dispute (February 2016) between Apple and the FBI, the FBI wants Apple to hand over the password of the cell phone owner, accused of a terror attack.
false
Spyware programs are typically benign and merely present ads for many other sites.
false
The current (2016 Spring) version of Moodle uses two-factor authentication
false
The difference between a virus and a Trojan attack is that a virus is hidden within another program while the Trojan attack is open and direct.
false
The hackers who broke into Target's IT systems in Dec 2013 used very sophisticated hacking techniques.
false
A/An ______________ acts as a filter between a private network and external networks such as the internet.
firewall
______________ refers to the accuracy of information resources within an organization.
integrity
A /An _____________ looks for suspicious patterns of system access and use.
intrusion detection system
A ______________ is an attack in which the malicious code waits for a particular event or time before unleashing its malicious action.
logic bomb
One common location for a firewall is between an internal network (LAN) and an external network such as the
net
A business IT system is attacked and hackers enter the system. It is suspected that data may have been stolen and changed by the hackers. The system is shut down and needs to be completely restored. When the business faces such problems _______________.
outside specialists need to be brought in on short notice, and it is expensive to fix the problem.
A business grants privileges on email, accounts, and the website to an employee. The employee is terminated. A ______ process is designed to quickly and efficiently terminate these privileges.
revocation
A security problem is discovered in the code used in a company. The software vendor issues a _________________ to fix the problem.
security patches
A DBA goes on a two week vacation. The DBA posts this information on her Facebook account prior to departure and provides daily updates of the vacation. This opens up the business to a _________________.
social engineering attack
A business website experiences a Denial of Service attack. This does not introduce spyware into our website.
true
A long password is more secure than a short password.
true
A poorly written firewall rule can stop all traffic coming into the business network.
true
Good security training for users helps control/limit social engineering attacks.
true
Many social engineering attacks use password guessing approaches since users often create passwords based on terms with a personal connection such as a birth date.
true
Personal information about employees and customers is a critical information asset of the business.
true
There are many more script kiddies than white hat hackers.
true
When a firewall drops a packet it means that the packet has been blocked from entering/leaving the network
true
A UPS (____________ power supply) provides backup power for computer and networking hardware.
uninterruptible
_______ are used for penetration testing by a business.
white hat hackers
A ____________ travels from computer to computer in a network and consumes resources but does not usually erase data.
worm
A hacker group announces they have discovered a security flaw in a program. Malware writers create code to exploit this hole immediately. This creates a ______ vulnerability.
zeroday