Question 1

The Gramm-Leach-Bliley Act

Accepted Answer

A)  requires financial institutions to ensure the security of customer data. 
B)  specifies best practices in information systems security and control. 
C)  imposes responsibility on companies and management to safeguard the accuracy of financial information. 
D)  outlines medical security and privacy rules. 
A)  requires financial institutions to ensure the security of customer data. 
B)  specifies best practices in information systems security and control. 
C)  imposes responsibility on companies and management to safeguard the accuracy of financial information. 
D)  outlines medical security and privacy rules. A

Question 2

In a walkthrough, hackers are able to bypass security controls of a system with little opposition.

Accepted Answer

A) True 
 B)False  False

Question 3

In 2004, ICQ users were enticed by a sales message from a supposed anti-virus vendor. On the vendor's site, a small program called Mitglieder was downloaded to the user's machine. The program enabled outsiders to infiltrate the user's machine. What type of malware is this an example of?

Accepted Answer

A)  Trojan horse 
B)  virus 
C)  worm 
D)  spyware 
A)  Trojan horse 
B)  virus 
C)  worm 
D)  spyware A

Question 4

Define a fault-tolerant computer system and a high-availability computer system. How do they differ? When would each be used?

Accepted Answer

Both systems use backup hardware resourc

Question 5

SSL is a protocol used to establish a secure connection between two computers.

Accepted Answer

A) True 
 B)False

Question 6

Packet filtering catches most types of network attacks.

Accepted Answer

A) True 
 B)False

Question 7

A(n) ________ examines the firm's overall security environment as well as the controls governing individual information systems.

Accepted Answer

The answer of A(n) ________ examines the firm's overall security...

Question 8

One form of spoofing involves forging the return address on an e-mail so that the e-mail message appears to come from someone other than the sender.

Accepted Answer

A) True 
 B)False

Question 9

Three major concerns of system builders and users are disaster, security, and human error. Of the three, which do you think is most difficult to deal with? Why?

Accepted Answer

Student answers will vary. Example answe

Question 10

A digital certificate system

Accepted Answer

A)  uses third-party CAs to validate a user's identity. 
B)  uses digital signatures to validate a user's identity. 
C)  uses tokens to validate a user's identity. 
D)  is used primarily by individuals for personal correspondence. 
A)  uses third-party CAs to validate a user's identity. 
B)  uses digital signatures to validate a user's identity. 
C)  uses tokens to validate a user's identity. 
D)  is used primarily by individuals for personal correspondence.

Question 11

For 100% availability, online transaction processing requires

Accepted Answer

A)  high-capacity storage. 
B)  a multi-tier server network. 
C)  fault-tolerant computer systems. 
D)  dedicated phone lines. 
A)  high-capacity storage. 
B)  a multi-tier server network. 
C)  fault-tolerant computer systems. 
D)  dedicated phone lines.

Question 12

Computers using cable modems to connect to the Internet are more open to penetration than those connecting via dial-up.

Accepted Answer

A) True 
 B)False

Question 13

Which of the following is not an example of a computer used as a target of crime?

Accepted Answer

A)  knowingly accessing a protected computer to commit fraud 
B)  accessing a computer system without authority 
C)  illegally accessing stored electronic communication 
D)  threatening to cause damage to a protected computer 
A)  knowingly accessing a protected computer to commit fraud 
B)  accessing a computer system without authority 
C)  illegally accessing stored electronic communication 
D)  threatening to cause damage to a protected computer

Question 14

Mobile devices are not targeted as extensively by malware as traditional computers.

Accepted Answer

A) True 
 B)False

Question 15

A firewall allows the organization to

Accepted Answer

A)  prevent unauthorized communication both into and out of the network. 
B)  monitor network hot spots for signs of intruders. 
C)  prevent known spyware and malware from entering the system. 
D)  all of the above. 
A)  prevent unauthorized communication both into and out of the network. 
B)  monitor network hot spots for signs of intruders. 
C)  prevent known spyware and malware from entering the system. 
D)  all of the above.

Question 16

Comprehensive security management products, with tools for firewalls, VPNs, intrusion detection systems, and more, are called ________ systems.

Accepted Answer

unified th

Question 17

When errors are discovered in software programs, the sources of the errors are found and eliminated through a process called ________.

Accepted Answer

The answer of When errors are discovered in software programs,...

Question 18

A drive-by download is a technique used by hackers to enable accessing files on a wireless network.

Accepted Answer

A) True 
 B)False

Question 19

Pharming involves

Accepted Answer

A)  redirecting users to a fraudulent Web site even when the user has typed in the correct address in the Web browser. 
B)  pretending to be a legitimate business's representative in order to garner information about a security system. 
C)  setting up fake Web sites to ask users for confidential information. 
D)  using e-mails for threats or harassment. 
A)  redirecting users to a fraudulent Web site even when the user has typed in the correct address in the Web browser. 
B)  pretending to be a legitimate business's representative in order to garner information about a security system. 
C)  setting up fake Web sites to ask users for confidential information. 
D)  using e-mails for threats or harassment.

Question 20

All of the following are methods of ensuring software quality except for

Accepted Answer

A)  systems analysis. 
B)  walkthroughs. 
C)  software testing. 
D)  internal corporate back-end system. 
A)  systems analysis. 
B)  walkthroughs. 
C)  software testing. 
D)  internal corporate back-end system.

The Gramm-Leach-Bliley Act

In a walkthrough, hackers are able to bypass security controls of a system with little opposition.

In 2004, ICQ users were enticed by a sales message from a supposed anti-virus vendor. On the vendor's site, a small program called Mitglieder was downloaded to the user's machine. The program enabled outsiders to infiltrate the user's machine. What type of malware is this an example of?

Define a fault-tolerant computer system and a high-availability computer system. How do they differ? When would each be used?

SSL is a protocol used to establish a secure connection between two computers.

Packet filtering catches most types of network attacks.

A(n) ________ examines the firm's overall security environment as well as the controls governing individual information systems.

One form of spoofing involves forging the return address on an e-mail so that the e-mail message appears to come from someone other than the sender.

Three major concerns of system builders and users are disaster, security, and human error. Of the three, which do you think is most difficult to deal with? Why?

A digital certificate system

For 100% availability, online transaction processing requires

Computers using cable modems to connect to the Internet are more open to penetration than those connecting via dial-up.

Which of the following is not an example of a computer used as a target of crime?

Mobile devices are not targeted as extensively by malware as traditional computers.

A firewall allows the organization to

Comprehensive security management products, with tools for firewalls, VPNs, intrusion detection systems, and more, are called ________ systems.

When errors are discovered in software programs, the sources of the errors are found and eliminated through a process called ________.

A drive-by download is a technique used by hackers to enable accessing files on a wireless network.

Pharming involves

All of the following are methods of ensuring software quality except for

Information Systems in Global Business Today

Global E-Business and Collaboration

Information Systems, Organizations, and Strategy

Ethical and Social Issues in Information Systems

IT Infrastructure and Emerging Technologies

Foundations of Business Intelligence: Databases and Information Management

Telecommunications, the Internet, and Wireless Technology

Achieving Operational Excellence and Customer Intimacy: Enterprise Applications

E-Commerce: Digital Markets, Digital Goods

Managing Knowledge

Enhancing Decision Making

Building Information Systems

Managing Projects

Managing Global Systems

Filters

Exam 8: Securing Information Systems

The Gramm-Leach-Bliley Act

In a walkthrough, hackers are able to bypass security controls of a system with little opposition.

In 2004, ICQ users were enticed by a sales message from a supposed anti-virus vendor. On the vendor's site, a small program called Mitglieder was downloaded to the user's machine. The program enabled outsiders to infiltrate the user's machine. What type of malware is this an example of?

Define a fault-tolerant computer system and a high-availability computer system. How do they differ? When would each be used?

SSL is a protocol used to establish a secure connection between two computers.

Packet filtering catches most types of network attacks.

A(n) ________ examines the firm's overall security environment as well as the controls governing individual information systems.

One form of spoofing involves forging the return address on an e-mail so that the e-mail message appears to come from someone other than the sender.

Three major concerns of system builders and users are disaster, security, and human error. Of the three, which do you think is most difficult to deal with? Why?

A digital certificate system

For 100% availability, online transaction processing requires

Computers using cable modems to connect to the Internet are more open to penetration than those connecting via dial-up.

Which of the following is not an example of a computer used as a target of crime?

Mobile devices are not targeted as extensively by malware as traditional computers.

A firewall allows the organization to

Comprehensive security management products, with tools for firewalls, VPNs, intrusion detection systems, and more, are called ________ systems.

When errors are discovered in software programs, the sources of the errors are found and eliminated through a process called ________.

A drive-by download is a technique used by hackers to enable accessing files on a wireless network.

Pharming involves

All of the following are methods of ensuring software quality except for

Information Systems in Global Business Today

Global E-Business and Collaboration

Information Systems, Organizations, and Strategy

Ethical and Social Issues in Information Systems

IT Infrastructure and Emerging Technologies

Foundations of Business Intelligence: Databases and Information Management

Telecommunications, the Internet, and Wireless Technology

Achieving Operational Excellence and Customer Intimacy: Enterprise Applications

E-Commerce: Digital Markets, Digital Goods

Managing Knowledge

Enhancing Decision Making

Building Information Systems

Managing Projects

Managing Global Systems

Filters