MINF 3650 Ch.8 Warm up
Which of the following mandates that financial services firms ensure security and confidentiality of customer data? A. Gramm-Leach-Bliley Act B. Patriot Act C. FICO Act D. Sarbanes-Oxley Act E. HIPAA Act
A. Gramm-Leach-Bliley Act
Which wireless security concern involves eavesdroppers parking outside buildings to intercept wireless network traffic? A. War driving B. Battle driving C. Trojan horse D. Phishing E. Drive listening
A. War driving
Which of the following is used by a computer that reads and interprets fingerprints to grant access? A. A token B. Password protection C. Credit authentication D. Biometric authentication E. A smart card
D. Biometric authentication
Which of the following is used by firms to determine the priority of data so that important data is sent more quickly than less important data? A. Public key infrastructure B. Managed security service providers C. Cloud coordination D. Deep packet inspections E. Traffic allocation managers
D. Deep packet inspections
If your financial institution shares your financial records without your permission, this is considered a ________________ violation. A. FERPA B. Fair Information Practice C. HIPAA D. Gramm-Leach-Bliley Act E. Sarbanes-Oxley
D. Gramm-Leach-Bliley Act
Which of the following outlines medical security and privacy rules and procedures for simplifying the administration of health care billing and automating the transfer of health care data? A. Patriot Act B. Sarbanes-Oxley Act C. Gramm-Leach-Bliley Act D. HIPAA Act E. FICO Act
D. HIPAA Act
A(n) ______________ specifically addresses plans for power outages, floods, fire, and other calamities. A. attack plan B. identity management C. acceptable use policy D. disaster recovery plan E. risk assessment
D. disaster recovery plan
One authentication technology that is about the size of a credit card and contains a chip containing access permission is called ___________________. A. a smart card B. a token C. a password D. credit authentication E. biometric authentication
A. a smart card
Question Help A(n) _________________ policy would indicate if you are able to use your work computer to access social media websites. A. acceptable use B. disaster recovery plan C. security D. risk assessment E. identity management
A. acceptable use
In addition to developing a policy for restoring computer and communication services, some companies go a step further with _____, which focuses on how to get the business operations up and running again after a disaster. A. business continuity planning B. disaster recovery planning C. a mirror server D. an information system audit E. a hot site
A. business continuity planning
In the 2016 U.S. presidential campaign, systems in Hillary Clinton's campaign were attacked by hackers who used ___________ to obtain passwords. A. phishing B. a sniffing campaign C. viruses D. software patches E. fake servers
A. phishing
Security in an information systems context refers to ___________________________, which are used to prevent unauthorized access or theft. A. processing, access, and confidentially B. policies, procedures, and technical measures C. policies and procedures only D. policies only E. hardware, software, and technical measures
B. policies, procedures, and technical measures
According to information provided in this video, any business with an online presence is at risk of all of the following EXCEPT _____. A. unauthorized data disclosure B. poor customer service C. a denial-of-service attack D. exposure to hacker activity E. the loss of customer data
B. poor customer service
In this video, Agent Macey explains how a _____ pretends to be a legitimate company and sends emails requesting users to update their confidential information such as passwords or account numbers. A. sniffer B. spoofer C. keylogger D. worm E. hacker
B. spoofer
Public key encryption uses __________________. A. one public and two private keys B. one key C two public keys D. one public and one private key E. three private keys
D. one public and one private key
What is Secure Hypertext Transfer Protocol? A. The transfer of data over secure private lines B. The use of VPN to transfer data between two devices C. A protocol for encrypting individual messages transferred over the Internet D. A protocol for wired data transfer E. A protocol for wireless data transfer
C. A protocol for encrypting individual messages transferred over the Internet
Which of the following involves botnets deliberately moving through online ads and leads to higher marketing costs? A. Spoofing B. Ad fad C. Click fraud D. War driving E. Trojan horses
C. Click fraud
If your doctor shares your medical records without your permission, this is considered a ________________ violation. A. Gramm-Leach-Bliley B. FERPA C. HIPAA D. Sarbanes-Oxley E. S-HTTP
C. HIPAA
________ check for data entering a system for accuracy and completeness, such as when a clerk confirms a telephone number for a new customer. A. Processing controls B. General controls C. Input controls D. Manual controls E. Application controls
C. Input controls
Which of the following best describes pharming? A. Hiding program code defects in software B. Flooding a network or web server with thousands of false communication requests C. Redirecting users to a phony web page, even when the correct URL is typed in D. Recruiting customers online E. Hacking into an online pharmacy
C. Redirecting users to a phony web page, even when the correct URL is typed in
__________________ was created as a result of financial scandals such as Enron and WorldCom. A. Gramm-Leach-Bliley Act B. FIP C. Sarbanes-Oxley D. HIPAA E. FERPA
C. Sarbanes-Oxley
Using a combination of hardware and software, _______ are able to control incoming and outgoing data on a network. A. malware systems B. VPNs C. firewalls D. netbots E. data control sensors
C. firewalls
Application controls can be classified as _____ controls, _______controls, and ________ controls. A. gateway; password; biometric B. password; processing; output C. input; processing; output D. password; biometric; digital E. IP address; router; password
C. input; processing; output
According to Agent Macey, the Secret Service has responded to network intrusions at businesses throughout the United States that have been impacted by _____ through their point-of-sale systems. A. spam B. data recovery failures C. malware D. spoofers E. unauthorized wireless traffic
C. malware
Based on the information provided in this video, which of the following usually happens in a denial-of-service attack? A. A hacker deceives a customer by pretending to be a company representative. B. A hacker uses unauthorized programs to break into a computer system and steal data. C. A hacker implements a computer worm to exploit an operating system vulnerability. D.A hacker floods a Web server with so many requests that it becomes unavailable to intended users. E. A hacker monitors and intercepts wireless traffic.
D.A hacker floods a Web server with so many requests that it becomes unavailable to intended users.
Which of the following involves collecting and maintaining data in such a way that the information can be used as evidence in a court of law? A. Business intelligence B. Business analytics C. Data warehousing D. Computer analysis E. Computer forensics
E. Computer forensics
Because so many Web pages use databases, _____ is a major malware threat since poorly coded Web application software is vulnerable. A. spoofing B. spyware C. war driving D. a Trojan horse E. an SQL injection attack
E. an SQL injection attack
According to Agent Macey, the single largest threat to the Internet is _____. A. spoofing B. phishing C. malware implemented through fraudulent pop-up ads D. sniffing E. denial-of-service attacks
E. denial-of-service attacks
A(n) _________________ policy identifies and ranks information risks and goals. A. identity management B. business continuity plan C. acceptable use D. risk assessment E. security
E. security
Video Questions
Video Questions
