mis chapter 7
How does conducting an inventory of where its critical data is stored most help a business to minimize the damage from natural disasters? More than one answer may be correct.
It helps to ensure geographic data redundancy. It helps with retrieving data immediately after a disaster.
When should an organization answer the question "Is this the highest priority security risk?"
before determining security strategy
Which of the following statements best illustrates why a rootkit is described as creating a back door
Like an intruder coming through a back door, a rootkit allows an unknown user into an operating system
Which of the following is an example of an event that may occur during the protect stage of the plan-protect-respond cycle? More than one answer may be correct.
Provide employees with information regarding the specific types of security threats their organization faces. Make sure resources are protected through routine maintenance. Limit remote access to sensitive data.
Why is it important to preserve the integrity of data, information, and systems?
These assets lose their usefulness and value if their consistency, accuracy, or dependability is compromised.
A university's network was severely compromised by a systemwide attack that made accessing records impossible. All files were encrypted and the tech team didn't have the key. Administrators received what was essentially a ransom note: the network would be restored after they paid a million dollars to an unknown actor. Which factors most strongly influenced university administrators' decision whether or not to comply? More than one answer may be correct.
Whether the university's tech support team could decrypt the files themselves. Whether law enforcement could be identified and force the bad actor to decrypt the files.
Which of the following is an example of a tool that could be used to ensure data integrity? More than one answer may be correct.
backing up data to separate servers or to the cloud checksums are used to detect errors that are introduced during transmission or storage
spywares basic function is to
capture the users account data, keystrokes, passwords and more
A ________ deliberately modifies the normal operations of a computer or network through the use of malicious code
cyber attack
how does a firewall work
it determines what internet traffic can enter and elave a network or computer
What are keystroke loggers? More than one answer may be correct.
key loggers can be hardware devices and software applications they can record passwords and confidential information organizations often install to monitor user behavior
What methods are used to launch a ransomware attack? More than one answer may be correct.
phishing, trojan horse
Malware that encrypts a computer's data, forcing the victim to purchase a decryption code, is called
ransomware. payware. software piracy.. cryptoware.
A corporation that was recently the victim of hacking that was caused by a high-level employee falling for a phishing scheme institutes a required, annual, self-paced training module that alerts employees to the most common recent phishing attacks. The institution of this new training requirement represents which phase of the plan-protect-respond cycle?
respond
Sharing infected files and opening an infected email attachment are ways digital device users
spread computer viruses
Why do organizations need to determine their highest priority security risk? More than one answer may be correct.
they may not have the resources to protect all of their data the level of protection may be determined by the priority level
What is the purpose of social engineering in conjunction with ransomware?
tricks victims into allowing access to data
Which type of cybersecurity breach can cause the most damage to an organization's systems, data, and information?
viruses
In which situation should the origin of information be authenticated to protect data integrity?
when electronic votes are submitted during an election
ransomware is typically introduced into a network by a ________ and to an individual computer by a Trojan horse
worm
