Question 1

Three major concerns of system builders and users are disaster,security,and human error.Of the three,which do you think is most difficult to deal with? Why?

Accepted Answer

Student answers will vary.Example answers are: Disaster might be the most difficult because it is unexpected,broad-based,and frequently life threatening.In addition,the company cannot know if the disaster plan will work until a disaster occurs,and then it's too late to make corrections.Security might be the most difficult because it is an ongoing problem,new viruses are devised constantly,and hackers get smarter every day.Furthermore,damage done by a trusted employee from inside cannot be obviated by system security measures.Human error might be most difficult because it isn't caught until too late,and the consequences may be disastrous.Also,administrative error can occur at any level and through any operation or procedure in the company.

Question 2

________ use scanning software to look for known problems such as bad passwords,the removal of important files,security attacks in progress,and system administration errors.

Accepted Answer

A) Stateful inspections 
B) Intrusion detection systems 
C) Application proxy filtering technologies 
D) Packet filtering technologies 
E) Firewalls 
A) Stateful inspections 
B) Intrusion detection systems 
C) Application proxy filtering technologies 
D) Packet filtering technologies 
E) Firewalls B

Question 3

________ refers to all of the methods,policies,and organizational procedures that ensure the safety of the organization's assets,the accuracy and reliability of its accounting records,and operational adherence to management standards.

Accepted Answer

A) "Legacy systems" 
B) "SSID standards" 
C) "Vulnerabilities" 
D) "Security policy" 
E) "Controls" 
A) "Legacy systems" 
B) "SSID standards" 
C) "Vulnerabilities" 
D) "Security policy" 
E) "Controls" E

Question 4

Application controls

Accepted Answer

A) can be classified as input controls,processing controls,and output controls. 
B) govern the design,security,and use of computer programs and the security of data files in general throughout the organization. 
C) apply to all computerized applications and consist of a combination of hardware,software,and manual procedures that create an overall control environment. 
D) include software controls,computer operations controls,and implementation controls. 
E) monitor the use of system software and prevent unauthorized access to software and programs. 
A) can be classified as input controls,processing controls,and output controls. 
B) govern the design,security,and use of computer programs and the security of data files in general throughout the organization. 
C) apply to all computerized applications and consist of a combination of hardware,software,and manual procedures that create an overall control environment. 
D) include software controls,computer operations controls,and implementation controls. 
E) monitor the use of system software and prevent unauthorized access to software and programs.

Question 5

Smartphones have the same security flaws as other Internet-connected devices.

Accepted Answer

A) True 
 B)False

Question 6

The communications lines in a client/server environment are specifically vulnerable to

Accepted Answer

A) vandalism. 
B) malware. 
C) software failure. 
D) tapping. 
E) errors. 
A) vandalism. 
B) malware. 
C) software failure. 
D) tapping. 
E) errors.

Question 7

Pharming involves

Accepted Answer

A) redirecting users to a fraudulent Web site even when the user has typed in the correct address in the Web browser. 
B) pretending to be a legitimate business's representative in order to garner information about a security system. 
C) setting up fake Web sites to ask users for confidential information. 
D) using e-mails for threats or harassment. 
E) setting up fake Wi-Fi access points that look as if they are legitimate public networks. 
A) redirecting users to a fraudulent Web site even when the user has typed in the correct address in the Web browser. 
B) pretending to be a legitimate business's representative in order to garner information about a security system. 
C) setting up fake Web sites to ask users for confidential information. 
D) using e-mails for threats or harassment. 
E) setting up fake Wi-Fi access points that look as if they are legitimate public networks.

Question 8

The intentional defacement or destruction of a Web site is called

Accepted Answer

A) spoofing. 
B) cybervandalism. 
C) cyberwarfare. 
D) phishing. 
E) pharming. 
A) spoofing. 
B) cybervandalism. 
C) cyberwarfare. 
D) phishing. 
E) pharming.

Question 9

Social networking sites have become a new conduit for malware because

Accepted Answer

A) they are used by so many people. 
B) they allow users to post media and image files. 
C) they are especially vulnerable to social engineering. 
D) they allow users to post software code. 
E) they have poor user authentication. 
A) they are used by so many people. 
B) they allow users to post media and image files. 
C) they are especially vulnerable to social engineering. 
D) they allow users to post software code. 
E) they have poor user authentication.

Question 10

Which of the following is not an example of a computer used as an instrument of crime?

Accepted Answer

A) theft of trade secrets 
B) intentionally attempting to intercept electronic communication 
C) unauthorized copying of software 
D) breaching the confidentiality of protected computerized data 
E) schemes to defraud 
A) theft of trade secrets 
B) intentionally attempting to intercept electronic communication 
C) unauthorized copying of software 
D) breaching the confidentiality of protected computerized data 
E) schemes to defraud

Question 11

________ is malware that hijacks a user's computer and demands payment in return for giving back access.

Accepted Answer

A) A Trojan horse 
B) Ransomware 
C) Spyware 
D) A virus 
E) An evil twin 
A) A Trojan horse 
B) Ransomware 
C) Spyware 
D) A virus 
E) An evil twin

Question 12

________ controls ensure that valuable business data files on either disk or tape are not subject to unauthorized access,change,or destruction while they are in use or in storage.

Accepted Answer

A) Software 
B) Administrative 
C) Data security 
D) Implementation 
E) Input 
A) Software 
B) Administrative 
C) Data security 
D) Implementation 
E) Input

Question 13

In a client/server environment,corporate servers are specifically vulnerable to

Accepted Answer

A) unauthorized access. 
B) sniffing. 
C) malware. 
D) radiation. 
E) tapping. 
A) unauthorized access. 
B) sniffing. 
C) malware. 
D) radiation. 
E) tapping.

Question 14

What is a digital certificate? How does it work?

Accepted Answer

Digital certificates are data files used

Question 15

An authentication token is a(n)

Accepted Answer

A) device the size of a credit card that contains access permission data. 
B) type of smart card. 
C) gadget that displays passcodes. 
D) electronic marker attached to a digital authorization file. 
A) device the size of a credit card that contains access permission data. 
B) type of smart card. 
C) gadget that displays passcodes. 
D) electronic marker attached to a digital authorization file.

Question 16

An authentication system in which a user must provide two types of identification,such as a bank card and PIN,is called

Accepted Answer

A) smart card authentication. 
B) biometric authentication. 
C) two-factor authentication. 
D) symmetric key authorization. 
E) token authentication. 
A) smart card authentication. 
B) biometric authentication. 
C) two-factor authentication. 
D) symmetric key authorization. 
E) token authentication.

Question 17

________ is malware that logs and transmits everything a user types.

Accepted Answer

A) Spyware 
B) A Trojan horse 
C) A keylogger 
D) A worm 
E) A sniffer 
A) Spyware 
B) A Trojan horse 
C) A keylogger 
D) A worm 
E) A sniffer

Question 18

A salesperson clicks repeatedly on the online ads of a competitor's in order to drive the competitor's advertising costs up.This is an example of

Accepted Answer

A) phishing. 
B) pharming. 
C) spoofing. 
D) evil twins. 
E) click fraud. 
A) phishing. 
B) pharming. 
C) spoofing. 
D) evil twins. 
E) click fraud.

Question 19

Hackers create a botnet by

Accepted Answer

A) infecting Web search bots with malware. 
B) using Web search bots to infect other computers. 
C) causing other people's computers to become "zombie" PCs following a master computer. 
D) infecting corporate servers with "zombie" Trojan horses that allow undetected access through a back door. 
E) pharming multiple computers. 
A) infecting Web search bots with malware. 
B) using Web search bots to infect other computers. 
C) causing other people's computers to become "zombie" PCs following a master computer. 
D) infecting corporate servers with "zombie" Trojan horses that allow undetected access through a back door. 
E) pharming multiple computers.

Question 20

As discussed in the Chapter opening case,magnetic stripes are an old technology that is vulnerable to counterfeit and theft.

Accepted Answer

A) True 
 B)False

Three major concerns of system builders and users are disaster,security,and human error.Of the three,which do you think is most difficult to deal with? Why?

________ use scanning software to look for known problems such as bad passwords,the removal of important files,security attacks in progress,and system administration errors.

________ refers to all of the methods,policies,and organizational procedures that ensure the safety of the organization's assets,the accuracy and reliability of its accounting records,and operational adherence to management standards.

Application controls

Smartphones have the same security flaws as other Internet-connected devices.

The communications lines in a client/server environment are specifically vulnerable to

Pharming involves

The intentional defacement or destruction of a Web site is called

Social networking sites have become a new conduit for malware because

Which of the following is not an example of a computer used as an instrument of crime?

________ is malware that hijacks a user's computer and demands payment in return for giving back access.

________ controls ensure that valuable business data files on either disk or tape are not subject to unauthorized access,change,or destruction while they are in use or in storage.

In a client/server environment,corporate servers are specifically vulnerable to

What is a digital certificate? How does it work?

An authentication token is a(n)

An authentication system in which a user must provide two types of identification,such as a bank card and PIN,is called

________ is malware that logs and transmits everything a user types.

A salesperson clicks repeatedly on the online ads of a competitor's in order to drive the competitor's advertising costs up.This is an example of

Hackers create a botnet by

As discussed in the Chapter opening case,magnetic stripes are an old technology that is vulnerable to counterfeit and theft.

Information Systems in Global Business Today

Global E-Business and Collaboration

Information Systems, Organizations, and Strategy

Ethical and Social Issues in Information Systems

IT Infrastructure and Emerging Technologies

Foundations of Business Intelligence: Databases and Information Management

Telecommunications, the Internet, and Wireless Technology

Achieving Operational Excellence and Customer Intimacy: Enterprise Applications

E-Commerce: Digital Markets, Digital Goods

Managing Knowledge

Enhancing Decision Making

Building Information Systems

Managing Projects

Managing Global Systems

Filters

Exam 8: Securing Information Systems

Three major concerns of system builders and users are disaster,security,and human error.Of the three,which do you think is most difficult to deal with? Why?

________ use scanning software to look for known problems such as bad passwords,the removal of important files,security attacks in progress,and system administration errors.

________ refers to all of the methods,policies,and organizational procedures that ensure the safety of the organization's assets,the accuracy and reliability of its accounting records,and operational adherence to management standards.

Application controls

Smartphones have the same security flaws as other Internet-connected devices.

The communications lines in a client/server environment are specifically vulnerable to

Pharming involves

The intentional defacement or destruction of a Web site is called

Social networking sites have become a new conduit for malware because

Which of the following is not an example of a computer used as an instrument of crime?

________ is malware that hijacks a user's computer and demands payment in return for giving back access.

________ controls ensure that valuable business data files on either disk or tape are not subject to unauthorized access,change,or destruction while they are in use or in storage.

In a client/server environment,corporate servers are specifically vulnerable to

What is a digital certificate? How does it work?

An authentication token is a(n)

An authentication system in which a user must provide two types of identification,such as a bank card and PIN,is called

________ is malware that logs and transmits everything a user types.

A salesperson clicks repeatedly on the online ads of a competitor's in order to drive the competitor's advertising costs up.This is an example of

Hackers create a botnet by

As discussed in the Chapter opening case,magnetic stripes are an old technology that is vulnerable to counterfeit and theft.

Information Systems in Global Business Today

Global E-Business and Collaboration

Information Systems, Organizations, and Strategy

Ethical and Social Issues in Information Systems

IT Infrastructure and Emerging Technologies

Foundations of Business Intelligence: Databases and Information Management

Telecommunications, the Internet, and Wireless Technology

Achieving Operational Excellence and Customer Intimacy: Enterprise Applications

E-Commerce: Digital Markets, Digital Goods

Managing Knowledge

Enhancing Decision Making

Building Information Systems

Managing Projects

Managing Global Systems

Filters