MIS Chapter 8 Quiz
A computer virus replicates more quickly than a computer worm.
False
An acceptable use policy defines the acceptable level of access to information assets for different users.
False
Which of the following refers to policies, procedures, and technical measures used to prevent unauthorized access, alteration, theft, or physical damage to information systems?
Security
Viruses can be spread through e-mail.
True
Which of the following statements about wireless security is not true?
Bluetooth is the only wireless technology that is not susceptible to hacking by eavesdroppers.
Which of the following focuses primarily on the technical issues of keeping systems up and running?
Disaster recovery planning
DoS attacks are used to destroy information and access restricted areas of a company's information system.
False
Malicious software programs referred to as spyware include a variety of threats such as computer viruses, worms, and Trojan horses.
False
________ is malware that hijacks a user's computer and demands payment in return for giving back access.
Ransomware
Authentication refers to verifying that a person is who he or she claims to be.
True
Which of the following statements about Internet security is not true?
VoIP is more secure than the switched voice network.
A foreign country attempting to access government networks in order to disable a national power grid is an example of:
cyberwarfare.
________ is malware that logs and transmits everything a user types.
A keylogger
Biometric authentication is the use of personal, biographic details such as the high school you attended and the first street you lived on to provide identification.
False
________ is a crime in which an imposter obtains key pieces of personal information to impersonate someone else.
Identity theft
________ identify the access points in a Wi-Fi network.
SSIDs
NAT conceals the IP addresses of the organization's internal host computers to deter sniffer programs.
True
One form of spoofing involves forging the return address on an e-mail so that the e-mail message appears to come from someone other than the sender.
True
Smartphones have the same security flaws as other Internet-connected devices.
True
Sniffers enable hackers to steal proprietary information from anywhere on a network, including e-mail messages, company files, and confidential reports.
True
Comprehensive security management products, with tools for firewalls, VPNs, intrusion detection systems, and more, are called ________ systems.
UTM
Which of the following is the single greatest cause of network security breaches?
User lack of knowledge
Which of the following is an example of a keylogger?
Zeus
All of the following are types of information systems general controls except:
application controls.
All of the following are currently being used as traits that can be profiled by biometric authentication except:
body odor.
A salesperson clicks repeatedly on the online ads of a competitor in order to drive the competitor's advertising costs up. This is an example of:
click fraud.
Computer forensics tasks include all of the following except:
collecting physical evidence on the computer.
A firewall allows the organization to:
enforce a security policy on data exchanged between its network and the Internet.
An authentication token is a(n):
gadget that displays passcodes.
The Sarbanes-Oxley Act:
imposes responsibility on companies and management to safeguard the accuracy of financial information.
A Trojan horse:
is software that appears to be benign but does something other than expected.
The HIPAA Act of 1996:
outlines medical security and privacy rules.
Pharming involves:
redirecting users to a fraudulent website even when the user has typed in the correct address in the web browser.
All of the following are specific security challenges that threaten corporate servers in a client/server environment except:
sniffing.
Tricking employees into revealing their passwords by pretending to be a legitimate member of a company is called:
social engineering.
All of the following have contributed to an increase in software flaws except:
the increase in malicious intruders seeking system access.
An authentication system in which a user must provide two types of identification, such as a bank card and PIN, is called:
two-factor authentication.
A digital certificate system:
uses third-party CAs to validate a user's identity.