Question 1

Public key encryption uses two keys.

Accepted Answer

A) True 
 B)False

Question 2

All of the following are specific security challenges that threaten corporate servers in a client/server environment except:

Accepted Answer

A) hacking. 
B) malware. 
C) denial-of-service attacks. 
D) sniffing. 
E) vandalism. 
A) hacking. 
B) malware. 
C) denial-of-service attacks. 
D) sniffing. 
E) vandalism.

Question 3

How can a firm's security policies contribute and relate to the six main business objectives? Give examples.

Accepted Answer

A firm's security policies can contribut

Question 4

The Gramm-Leach-Bliley Act:

Accepted Answer

A) requires financial institutions to ensure the security of customer data. 
B) specifies best practices in information systems security and control. 
C) imposes responsibility on companies and management to safeguard the accuracy of financial information. 
D) outlines medical security and privacy rules. 
E) identifies computer abuse as a crime and defines abusive activities. 
A) requires financial institutions to ensure the security of customer data. 
B) specifies best practices in information systems security and control. 
C) imposes responsibility on companies and management to safeguard the accuracy of financial information. 
D) outlines medical security and privacy rules. 
E) identifies computer abuse as a crime and defines abusive activities.

Question 5

Which of the following statements about botnets is not true?

Accepted Answer

A) Eighty percent of the world's malware is delivered by botnets. 
B) Botnets are often used to perpetrate DDoS attacks. 
C) Ninety percent of the world's spam is delivered by botnets. 
D) Botnets are often used for click fraud. 
E) It is not possible to make a smartphone part of a botnet. 
A) Eighty percent of the world's malware is delivered by botnets. 
B) Botnets are often used to perpetrate DDoS attacks. 
C) Ninety percent of the world's spam is delivered by botnets. 
D) Botnets are often used for click fraud. 
E) It is not possible to make a smartphone part of a botnet.

Question 6

Most computer viruses deliver a:

Accepted Answer

A) worm. 
B) Trojan horse. 
C) driveby download. 
D) keylogger. 
E) payload. 
A) worm. 
B) Trojan horse. 
C) driveby download. 
D) keylogger. 
E) payload.

Question 7

Name and describe four firewall screening technologies.

Accepted Answer

There are a number of firewall screening

Question 8

Which of the following statements about passwords is not true?

Accepted Answer

A) Authentication cannot be established by the use of a password. 
B) Password systems that are too rigorous may hinder employee productivity. 
C) Passwords can be stolen through social engineering. 
D) Passwords are often disregarded by employees. 
E) Passwords can be sniffed when being transmitted over a network. 
A) Authentication cannot be established by the use of a password. 
B) Password systems that are too rigorous may hinder employee productivity. 
C) Passwords can be stolen through social engineering. 
D) Passwords are often disregarded by employees. 
E) Passwords can be sniffed when being transmitted over a network.

Question 9

________ controls ensure that valuable business data files on either disk or tape are not subject to unauthorized access,change,or destruction while they are in use or in storage.

Accepted Answer

A) Software 
B) Administrative 
C) Data security 
D) Implementation 
E) Input 
A) Software 
B) Administrative 
C) Data security 
D) Implementation 
E) Input

Question 10

An acceptable use policy defines the acceptable level of access to information assets for different users.

Accepted Answer

A) True 
 B)False

Question 11

Application controls:

Accepted Answer

A) can be classified as input controls,processing controls,and output controls. 
B) govern the design,security,and use of computer programs and the security of data files in general throughout the organization. 
C) apply to all computerized applications and consist of a combination of hardware,software,and manual procedures that create an overall control environment. 
D) include software controls,computer operations controls,and implementation controls. 
E) monitor the use of system software and prevent unauthorized access to software and programs. 
A) can be classified as input controls,processing controls,and output controls. 
B) govern the design,security,and use of computer programs and the security of data files in general throughout the organization. 
C) apply to all computerized applications and consist of a combination of hardware,software,and manual procedures that create an overall control environment. 
D) include software controls,computer operations controls,and implementation controls. 
E) monitor the use of system software and prevent unauthorized access to software and programs.

Question 12

Sniffers enable hackers to steal proprietary information from anywhere on a network,including e-mail messages,company files,and confidential reports.

Accepted Answer

A) True 
 B)False

Question 13

How does disaster recovery planning differ from business continuity planning?

Accepted Answer

Disaster recovery planning devises plans

Question 14

The term cracker is used to identify a hacker whose specialty is breaking open security systems.

Accepted Answer

A) True 
 B)False

Question 15

What is a digital certificate? How does it work?

Accepted Answer

Digital certificates are data files used

Question 16

Authentication refers to verifying that a person is who he or she claims to be.

Accepted Answer

A) True 
 B)False

Question 17

Why is software quality important to security? What specific steps can an organization take to ensure software quality?

Accepted Answer

Software errors pose a constant threat t

Question 18

The HIPAA Act of 1996:

Accepted Answer

A) requires financial institutions to ensure the security of customer data. 
B) specifies best practices in information systems security and control. 
C) imposes responsibility on companies and management to safeguard the accuracy of financial information. 
D) outlines medical security and privacy rules. 
E) identifies computer abuse as a crime and defines abusive activities. 
A) requires financial institutions to ensure the security of customer data. 
B) specifies best practices in information systems security and control. 
C) imposes responsibility on companies and management to safeguard the accuracy of financial information. 
D) outlines medical security and privacy rules. 
E) identifies computer abuse as a crime and defines abusive activities.

Question 19

Which of the following focuses primarily on the technical issues of keeping systems up and running?

Accepted Answer

A) Business continuity planning 
B) Security policies 
C) Disaster recovery planning 
D) An AUP 
E) An information systems audit 
A) Business continuity planning 
B) Security policies 
C) Disaster recovery planning 
D) An AUP 
E) An information systems audit

Question 20

Evil twins are:

Accepted Answer

A) Trojan horses that appears to the user to be a legitimate commercial software application. 
B) e-mail messages that mimic the e-mail messages of a legitimate business. 
C) fraudulent websites that mimic a legitimate business's website. 
D) computers that fraudulently access a website or network using the IP address and identification of an authorized computer. 
E) bogus wireless network access points that look legitimate to users. 
A) Trojan horses that appears to the user to be a legitimate commercial software application. 
B) e-mail messages that mimic the e-mail messages of a legitimate business. 
C) fraudulent websites that mimic a legitimate business's website. 
D) computers that fraudulently access a website or network using the IP address and identification of an authorized computer. 
E) bogus wireless network access points that look legitimate to users.

Public key encryption uses two keys.

All of the following are specific security challenges that threaten corporate servers in a client/server environment except:

How can a firm's security policies contribute and relate to the six main business objectives? Give examples.

The Gramm-Leach-Bliley Act:

Which of the following statements about botnets is not true?

Most computer viruses deliver a:

Name and describe four firewall screening technologies.

Which of the following statements about passwords is not true?

________ controls ensure that valuable business data files on either disk or tape are not subject to unauthorized access,change,or destruction while they are in use or in storage.

An acceptable use policy defines the acceptable level of access to information assets for different users.

Application controls:

Sniffers enable hackers to steal proprietary information from anywhere on a network,including e-mail messages,company files,and confidential reports.

How does disaster recovery planning differ from business continuity planning?

The term cracker is used to identify a hacker whose specialty is breaking open security systems.

What is a digital certificate? How does it work?

Authentication refers to verifying that a person is who he or she claims to be.

Why is software quality important to security? What specific steps can an organization take to ensure software quality?

The HIPAA Act of 1996:

Which of the following focuses primarily on the technical issues of keeping systems up and running?

Evil twins are:

Information Systems in Global Business Today

Global E-Business and Collaboration

Information Systems,organizations,and Strategy

Ethical and Social Issues in Information Systems

It Infrastructure and Emerging Technologies

Foundations of Business Intelligence: Databases and Information Management

Telecommunications,the Internet,and Wireless Technology

Achieving Operational Excellence and Customer Intimacy: Enterprise Applications

E-Commerce: Digital Markets,digital Goods

Managing Knowledge

Enhancing Decision Making

Building Information Systems

Managing Projects

Managing Global Systems

Filters

Exam 8: Securing Information Systems

Public key encryption uses two keys.

All of the following are specific security challenges that threaten corporate servers in a client/server environment except:

How can a firm's security policies contribute and relate to the six main business objectives? Give examples.

The Gramm-Leach-Bliley Act:

Which of the following statements about botnets is not true?

Most computer viruses deliver a:

Name and describe four firewall screening technologies.

Which of the following statements about passwords is not true?

________ controls ensure that valuable business data files on either disk or tape are not subject to unauthorized access,change,or destruction while they are in use or in storage.

An acceptable use policy defines the acceptable level of access to information assets for different users.

Application controls:

Sniffers enable hackers to steal proprietary information from anywhere on a network,including e-mail messages,company files,and confidential reports.

How does disaster recovery planning differ from business continuity planning?

The term cracker is used to identify a hacker whose specialty is breaking open security systems.

What is a digital certificate? How does it work?

Authentication refers to verifying that a person is who he or she claims to be.

Why is software quality important to security? What specific steps can an organization take to ensure software quality?

The HIPAA Act of 1996:

Which of the following focuses primarily on the technical issues of keeping systems up and running?

Evil twins are:

Information Systems in Global Business Today

Global E-Business and Collaboration

Information Systems,organizations,and Strategy

Ethical and Social Issues in Information Systems

It Infrastructure and Emerging Technologies

Foundations of Business Intelligence: Databases and Information Management

Telecommunications,the Internet,and Wireless Technology

Achieving Operational Excellence and Customer Intimacy: Enterprise Applications

E-Commerce: Digital Markets,digital Goods

Managing Knowledge

Enhancing Decision Making

Building Information Systems

Managing Projects

Managing Global Systems

Filters