Question 1

A salesperson clicks repeatedly on the online ads of a competitor in order to drive the competitor's advertising costs up.This is an example of:

Accepted Answer

A) phishing. 
B) pharming. 
C) spoofing. 
D) evil twins. 
E) click fraud. 
A) phishing. 
B) pharming. 
C) spoofing. 
D) evil twins. 
E) click fraud. E

Question 2

Which of the following defines acceptable uses of a firm's information resources and computing equipment?

Accepted Answer

A) An information systems audit policy 
B) A CA policy 
C) A MSSP 
D) A UTM system 
E) An AUP 
A) An information systems audit policy 
B) A CA policy 
C) A MSSP 
D) A UTM system 
E) An AUP E

Question 3

Which of the following refers to all of the methods,policies,and organizational procedures that ensure the safety of the organization's assets,the accuracy and reliability of its accounting records,and operational adherence to management standards?

Accepted Answer

A) Legacy systems 
B) SSID standards 
C) Vulnerabilities 
D) Security policy 
E) Controls 
A) Legacy systems 
B) SSID standards 
C) Vulnerabilities 
D) Security policy 
E) Controls E

Question 4

Which of the following statements about Internet security is not true?

Accepted Answer

A) The use of P2P networks can expose a corporate computer to outsiders. 
B) A corporate network without access to the Internet is more secure than one that provides access. 
C) VoIP is more secure than the switched voice network. 
D) Instant messaging can provide hackers access to an otherwise secure network. 
E) Smartphones have the same security weaknesses as other Internet devices. 
A) The use of P2P networks can expose a corporate computer to outsiders. 
B) A corporate network without access to the Internet is more secure than one that provides access. 
C) VoIP is more secure than the switched voice network. 
D) Instant messaging can provide hackers access to an otherwise secure network. 
E) Smartphones have the same security weaknesses as other Internet devices.

Question 5

NAT conceals the IP addresses of the organization's internal host computers to deter sniffer programs.

Accepted Answer

A) True 
 B)False

Question 6

You have just been hired as a security consultant by MegaMalls Inc. ,a chain of retail malls,to make sure that the security of their information systems is up to par.Outline the steps you will take to achieve this.

Accepted Answer

To ensure that the security of MegaMalls

Question 7

All of the following are currently being used as traits that can be profiled by biometric authentication except:

Accepted Answer

A) fingerprints. 
B) facial characteristics. 
C) body odor. 
D) retinal images. 
E) voice. 
A) fingerprints. 
B) facial characteristics. 
C) body odor. 
D) retinal images. 
E) voice.

Question 8

Using numerous computers to inundate and overwhelm the network from numerous launch points is called a(n)________ attack.

Accepted Answer

A) DDoS 
B) DoS 
C) SQL injection 
D) phishing 
E) botnet 
A) DDoS 
B) DoS 
C) SQL injection 
D) phishing 
E) botnet

Question 9

Explain how an SQL injection attack works and what types of systems are vulnerable to this type of attack.

Accepted Answer

SQL injection attacks take advantage of

Question 10

Three major concerns of system builders and users are disaster,security,and human error.Of the three,which do you think is most difficult to deal with? Why?

Accepted Answer

Student answers will vary.Example answer

Question 11

In controlling network traffic to minimize slow-downs,a technology called ________ is used to examine data files and sort low-priority data from high-priority data.

Accepted Answer

A) high availability computing 
B) deep packet inspection 
C) application proxy filtering 
D) stateful inspection 
E) unified threat management 
A) high availability computing 
B) deep packet inspection 
C) application proxy filtering 
D) stateful inspection 
E) unified threat management

Question 12

An authentication system in which a user must provide two types of identification,such as a bank card and PIN,is called:

Accepted Answer

A) smart card authentication. 
B) biometric authentication. 
C) two-factor authentication. 
D) symmetric key authorization. 
E) token authentication. 
A) smart card authentication. 
B) biometric authentication. 
C) two-factor authentication. 
D) symmetric key authorization. 
E) token authentication.

Question 13

Which of the following specifications replaced WEP with a stronger security standard that features changing encryption keys?

Accepted Answer

A) TLS 
B) AUP 
C) VPN 
D) WPA2 
E) UTM 
A) TLS 
B) AUP 
C) VPN 
D) WPA2 
E) UTM

Question 14

Malicious software programs referred to as spyware include a variety of threats such as computer viruses,worms,and Trojan horses.

Accepted Answer

A) True 
 B)False

Question 15

Your company,an online discount pet supply store,has calculated that a loss of Internet connectivity for 3 hours results in a potential loss of $2,000 to $3,000 and that there is a 50% chance of this occurring each year.What is the annual expected loss from this exposure?

Accepted Answer

A) $500 
B) $1,000 
C) $1,250 
D) $1,500 
E) $2,500 
A) $500 
B) $1,000 
C) $1,250 
D) $1,500 
E) $2,500

Question 16

All of the following are specific security challenges that threaten corporate systems in a client/server environment except:

Accepted Answer

A) theft of data. 
B) copying of data. 
C) alteration of data. 
D) radiation. 
E) hardware failure. 
A) theft of data. 
B) copying of data. 
C) alteration of data. 
D) radiation. 
E) hardware failure.

Question 17

According to Ponemon Institute's 2015 Annual Cost of Cyber Crime Study,the average annualized cost of cybercrime for companies in the United States was approximately:

Accepted Answer

A) $1.5 million. 
B) $15 million. 
C) $150 million. 
D) $1.5 billion. 
E) $15 billion. 
A) $1.5 million. 
B) $15 million. 
C) $150 million. 
D) $1.5 billion. 
E) $15 billion.

Question 18

A digital certificate system:

Accepted Answer

A) uses third-party CAs to validate a user's identity. 
B) uses digital signatures to validate a user's identity. 
C) uses tokens to validate a user's identity. 
D) is used primarily by individuals for personal correspondence. 
E) protects a user's identity by substituting a certificate in place of identifiable traits. 
A) uses third-party CAs to validate a user's identity. 
B) uses digital signatures to validate a user's identity. 
C) uses tokens to validate a user's identity. 
D) is used primarily by individuals for personal correspondence. 
E) protects a user's identity by substituting a certificate in place of identifiable traits.

Question 19

A computer virus replicates more quickly than a computer worm.

Accepted Answer

A) True 
 B)False

Question 20

The Apple iOS platform is the mobile platform most frequently targeted by hackers.

Accepted Answer

A) True 
 B)False

A salesperson clicks repeatedly on the online ads of a competitor in order to drive the competitor's advertising costs up.This is an example of:

Which of the following defines acceptable uses of a firm's information resources and computing equipment?

Which of the following refers to all of the methods,policies,and organizational procedures that ensure the safety of the organization's assets,the accuracy and reliability of its accounting records,and operational adherence to management standards?

Which of the following statements about Internet security is not true?

NAT conceals the IP addresses of the organization's internal host computers to deter sniffer programs.

You have just been hired as a security consultant by MegaMalls Inc. ,a chain of retail malls,to make sure that the security of their information systems is up to par.Outline the steps you will take to achieve this.

All of the following are currently being used as traits that can be profiled by biometric authentication except:

Using numerous computers to inundate and overwhelm the network from numerous launch points is called a(n)________ attack.

Explain how an SQL injection attack works and what types of systems are vulnerable to this type of attack.

Three major concerns of system builders and users are disaster,security,and human error.Of the three,which do you think is most difficult to deal with? Why?

In controlling network traffic to minimize slow-downs,a technology called ________ is used to examine data files and sort low-priority data from high-priority data.

An authentication system in which a user must provide two types of identification,such as a bank card and PIN,is called:

Which of the following specifications replaced WEP with a stronger security standard that features changing encryption keys?

Malicious software programs referred to as spyware include a variety of threats such as computer viruses,worms,and Trojan horses.

Your company,an online discount pet supply store,has calculated that a loss of Internet connectivity for 3 hours results in a potential loss of $2,000 to $3,000 and that there is a 50% chance of this occurring each year.What is the annual expected loss from this exposure?

All of the following are specific security challenges that threaten corporate systems in a client/server environment except:

According to Ponemon Institute's 2015 Annual Cost of Cyber Crime Study,the average annualized cost of cybercrime for companies in the United States was approximately:

A digital certificate system:

A computer virus replicates more quickly than a computer worm.

The Apple iOS platform is the mobile platform most frequently targeted by hackers.

Information Systems in Global Business Today

Global E-Business and Collaboration

Information Systems,organizations,and Strategy

Ethical and Social Issues in Information Systems

It Infrastructure and Emerging Technologies

Foundations of Business Intelligence: Databases and Information Management

Telecommunications,the Internet,and Wireless Technology

Achieving Operational Excellence and Customer Intimacy: Enterprise Applications

E-Commerce: Digital Markets,digital Goods

Managing Knowledge

Enhancing Decision Making

Building Information Systems

Managing Projects

Managing Global Systems

Filters

Exam 8: Securing Information Systems

A salesperson clicks repeatedly on the online ads of a competitor in order to drive the competitor's advertising costs up.This is an example of:

Which of the following defines acceptable uses of a firm's information resources and computing equipment?

Which of the following refers to all of the methods,policies,and organizational procedures that ensure the safety of the organization's assets,the accuracy and reliability of its accounting records,and operational adherence to management standards?

Which of the following statements about Internet security is not true?

NAT conceals the IP addresses of the organization's internal host computers to deter sniffer programs.

You have just been hired as a security consultant by MegaMalls Inc. ,a chain of retail malls,to make sure that the security of their information systems is up to par.Outline the steps you will take to achieve this.

All of the following are currently being used as traits that can be profiled by biometric authentication except:

Using numerous computers to inundate and overwhelm the network from numerous launch points is called a(n)________ attack.

Explain how an SQL injection attack works and what types of systems are vulnerable to this type of attack.

Three major concerns of system builders and users are disaster,security,and human error.Of the three,which do you think is most difficult to deal with? Why?

In controlling network traffic to minimize slow-downs,a technology called ________ is used to examine data files and sort low-priority data from high-priority data.

An authentication system in which a user must provide two types of identification,such as a bank card and PIN,is called:

Which of the following specifications replaced WEP with a stronger security standard that features changing encryption keys?

Malicious software programs referred to as spyware include a variety of threats such as computer viruses,worms,and Trojan horses.

Your company,an online discount pet supply store,has calculated that a loss of Internet connectivity for 3 hours results in a potential loss of $2,000 to $3,000 and that there is a 50% chance of this occurring each year.What is the annual expected loss from this exposure?

All of the following are specific security challenges that threaten corporate systems in a client/server environment except:

According to Ponemon Institute's 2015 Annual Cost of Cyber Crime Study,the average annualized cost of cybercrime for companies in the United States was approximately:

A digital certificate system:

A computer virus replicates more quickly than a computer worm.

The Apple iOS platform is the mobile platform most frequently targeted by hackers.

Information Systems in Global Business Today

Global E-Business and Collaboration

Information Systems,organizations,and Strategy

Ethical and Social Issues in Information Systems

It Infrastructure and Emerging Technologies

Foundations of Business Intelligence: Databases and Information Management

Telecommunications,the Internet,and Wireless Technology

Achieving Operational Excellence and Customer Intimacy: Enterprise Applications

E-Commerce: Digital Markets,digital Goods

Managing Knowledge

Enhancing Decision Making

Building Information Systems

Managing Projects

Managing Global Systems

Filters