Question 1

_____ are an inexpensive way to secure a computer to a desktop or counter and often have locks as an additional protection against theft.

Accepted Answer

A) Corner bolts 
B) Identification badges 
C) Callback modems 
D) Electronic trackers 
A) Corner bolts 
B) Identification badges 
C) Callback modems 
D) Electronic trackers

Question 2

In the context of security, _____ is an attack that takes advantage of the human element of security systems.

Accepted Answer

A) disk mirroring 
B) weblogging 
C) voice recognition 
D) social engineering 
A) disk mirroring 
B) weblogging 
C) voice recognition 
D) social engineering

Question 3

Which statement is true of asymmetric encryption?

Accepted Answer

A) It uses the same key to encrypt and decrypt a message. 
B) It requires a large amount of processing power. 
C) It can easily share a key over the Internet. 
D) It needs the shared key to be a secret between the sender and the receiver. 
A) It uses the same key to encrypt and decrypt a message. 
B) It requires a large amount of processing power. 
C) It can easily share a key over the Internet. 
D) It needs the shared key to be a secret between the sender and the receiver.

Question 4

The process of capturing and recording network traffic is referred to as _____.

Accepted Answer

A) sniffing 
B) phishing 
C) bombing 
D) pharming 
A) sniffing 
B) phishing 
C) bombing 
D) pharming

Question 5

_____, a more recent cryptographic protocol, ensures data security and integrity over public networks, such as the Internet.

Accepted Answer

A) Transport Layer Security 
B) Terminal Resource Security 
C) Transmission Control Security 
D) User Datagram Security 
A) Transport Layer Security 
B) Terminal Resource Security 
C) Transmission Control Security 
D) User Datagram Security

Question 6

_____ outlines procedures for keeping an organization operational in the event of a natural disaster or a network attack or intrusion.

Accepted Answer

A) An access control system 
B) Business continuity planning 
C) An intrusion detection system 
D) Terminal resource security 
A) An access control system 
B) Business continuity planning 
C) An intrusion detection system 
D) Terminal resource security

Question 7

Spoofing happens when:

Accepted Answer

A) a word is converted into a digital pattern. 
B) keystrokes are monitored and recorded. 
C) an illegitimate program poses as a legitimate one. 
D) a firewall rejects the incoming data packets. 
A) a word is converted into a digital pattern. 
B) keystrokes are monitored and recorded. 
C) an illegitimate program poses as a legitimate one. 
D) a firewall rejects the incoming data packets.

Question 8

In the context of the common intentional security threats, which statement best describes a worm?

Accepted Answer

A) It travels from computer to computer in a network, but it does not usually erase data. 
B) It attaches itself to a host program to spread to other files in a computer. 
C) It is a programming routine built into a system by its designer to bypass system security and sneak back into the system later to access data. 
D) It floods a network or server with service requests to prevent legitimate users' access to the system. 
A) It travels from computer to computer in a network, but it does not usually erase data. 
B) It attaches itself to a host program to spread to other files in a computer. 
C) It is a programming routine built into a system by its designer to bypass system security and sneak back into the system later to access data. 
D) It floods a network or server with service requests to prevent legitimate users' access to the system.

Question 9

_____  is an attempt to gain access to a network by posing as an authorized user in order to find sensitive information, such as passwords and credit card information.

Accepted Answer

A) Phishing 
B) Keystroke logging 
C) Spoofing 
D) Pharming 
A) Phishing 
B) Keystroke logging 
C) Spoofing 
D) Pharming

Question 10

A level 1 security system is used to protect _____ against unauthorized access.

Accepted Answer

A) users' workstations 
B) back-end systems 
C) internal database servers 
D) front-end servers 
A) users' workstations 
B) back-end systems 
C) internal database servers 
D) front-end servers

Question 11

Which statement is true of phishing?

Accepted Answer

A) It involves monitoring and recording keystrokes. 
B) It involves sending fraudulent e-mails that seem to come from legitimate sources. 
C) It consists of self-propagating program code that is triggered by a specified time or event. 
D) It prevents the disclosure of information to anyone who is not authorized to access it. 
A) It involves monitoring and recording keystrokes. 
B) It involves sending fraudulent e-mails that seem to come from legitimate sources. 
C) It consists of self-propagating program code that is triggered by a specified time or event. 
D) It prevents the disclosure of information to anyone who is not authorized to access it.

Question 12

In the context of intentional security threats, _____ can erase data and wreak havoc on computers and networks but do not replicate themselves.

Accepted Answer

A) Trojan programs 
B) worms 
C) viruses 
D) McCumber cubes 
A) Trojan programs 
B) worms 
C) viruses 
D) McCumber cubes

Question 13

Which of the following is recommended in the context of a comprehensive security plan?

Accepted Answer

A) Employees should be trained in security measures. 
B) Participants should receive certificates before training sessions. 
C) Management should expect employees to implement their own training. 
D) Employee passwords and ID badges should be periodically revoked. 
A) Employees should be trained in security measures. 
B) Participants should receive certificates before training sessions. 
C) Management should expect employees to implement their own training. 
D) Employee passwords and ID badges should be periodically revoked.

Question 14

In the context of intentional computer and network threats, describe how blended threats work.

Accepted Answer

Answers will vary. A blended threat is a

Question 15

In the context of e-commerce transaction security measures, authentication is a critical factor because it ensures that:

Accepted Answer

A) a system quickly recovers in the event of a system failure or disaster. 
B) the person using a credit card number is the card's legitimate owner. 
C) the accuracy of information resources within an organization is maintained. 
D) a system can easily be restored to operational status. 
A) a system quickly recovers in the event of a system failure or disaster. 
B) the person using a credit card number is the card's legitimate owner. 
C) the accuracy of information resources within an organization is maintained. 
D) a system can easily be restored to operational status.

Question 16

In the context of the CIA triangle, confidentiality means that computers and networks are operating and authorized users can access the information they need.

Accepted Answer

A) True 
 B)False

Question 17

The main function of Cyber Incident Response Capability (CIRC)is to _____.

Accepted Answer

A) provide level 1 security 
B) restrict access controls to unauthorized personnel 
C) provide information on security incidents 
D) create backdoors to bypass security protocols 
A) provide level 1 security 
B) restrict access controls to unauthorized personnel 
C) provide information on security incidents 
D) create backdoors to bypass security protocols

Question 18

In the context of computer crimes and attacks, the difference between phishing and spear phishing is that:

Accepted Answer

A) in spear phishing, the attack is targeted toward a specific person or a group. 
B) spear phishing involves monitoring and recording keystrokes. 
C) in spear phishing, hackers capture and record network traffic. 
D) spear phishing involves collecting sensitive information via phone calls. 
A) in spear phishing, the attack is targeted toward a specific person or a group. 
B) spear phishing involves monitoring and recording keystrokes. 
C) in spear phishing, hackers capture and record network traffic. 
D) spear phishing involves collecting sensitive information via phone calls.

Question 19

In the context of intentional computer and network threats, a _____ combines the characteristics of computer viruses, worms, and other malicious codes with vulnerabilities found on public and private networks.

Accepted Answer

A) blended threat 
B) mirror disk 
C) backdoor threat 
D) firewall 
A) blended threat 
B) mirror disk 
C) backdoor threat 
D) firewall

Question 20

_____ is a commonly used encryption protocol that manages transmission security on the Internet.

Accepted Answer

A) Application Layer 
B) Secure Sockets Layer 
C) Transmission Control Protocol 
D) User Datagram Protocol 
A) Application Layer 
B) Secure Sockets Layer 
C) Transmission Control Protocol 
D) User Datagram Protocol

_____ are an inexpensive way to secure a computer to a desktop or counter and often have locks as an additional protection against theft.

In the context of security, _____ is an attack that takes advantage of the human element of security systems.

Which statement is true of asymmetric encryption?

The process of capturing and recording network traffic is referred to as _____.

_____, a more recent cryptographic protocol, ensures data security and integrity over public networks, such as the Internet.

_____ outlines procedures for keeping an organization operational in the event of a natural disaster or a network attack or intrusion.

Spoofing happens when:

In the context of the common intentional security threats, which statement best describes a worm?

_____ is an attempt to gain access to a network by posing as an authorized user in order to find sensitive information, such as passwords and credit card information.

A level 1 security system is used to protect _____ against unauthorized access.

Which statement is true of phishing?

In the context of intentional security threats, _____ can erase data and wreak havoc on computers and networks but do not replicate themselves.

Which of the following is recommended in the context of a comprehensive security plan?

In the context of intentional computer and network threats, describe how blended threats work.

In the context of e-commerce transaction security measures, authentication is a critical factor because it ensures that:

In the context of the CIA triangle, confidentiality means that computers and networks are operating and authorized users can access the information they need.

The main function of Cyber Incident Response Capability (CIRC)is to _____.

In the context of computer crimes and attacks, the difference between phishing and spear phishing is that:

In the context of intentional computer and network threats, a _____ combines the characteristics of computer viruses, worms, and other malicious codes with vulnerabilities found on public and private networks.

_____ is a commonly used encryption protocol that manages transmission security on the Internet.

Information Systems in Business

Computers and Their Business Applications

Data and Business Intelligence

Personal, Legal, Ethical, and Organizational Issues

Data Communication: Delivering Information Anywhere and Anytime

A Connected World

E-Commerce

Global Information Systems

Building Successful Information Systems

Enterprise Systems

Supporting Decisions and Processes

Artificial Intelligence and Automation

Emerging Trends, Technologies, and Applications

Filters

Exam 5: Protecting Information Resources

_____ are an inexpensive way to secure a computer to a desktop or counter and often have locks as an additional protection against theft.

In the context of security, _____ is an attack that takes advantage of the human element of security systems.

Which statement is true of asymmetric encryption?

The process of capturing and recording network traffic is referred to as _____.

_____, a more recent cryptographic protocol, ensures data security and integrity over public networks, such as the Internet.

_____ outlines procedures for keeping an organization operational in the event of a natural disaster or a network attack or intrusion.

Spoofing happens when:

In the context of the common intentional security threats, which statement best describes a worm?

_____ is an attempt to gain access to a network by posing as an authorized user in order to find sensitive information, such as passwords and credit card information.

A level 1 security system is used to protect _____ against unauthorized access.

Which statement is true of phishing?

In the context of intentional security threats, _____ can erase data and wreak havoc on computers and networks but do not replicate themselves.

Which of the following is recommended in the context of a comprehensive security plan?

In the context of intentional computer and network threats, describe how blended threats work.

In the context of e-commerce transaction security measures, authentication is a critical factor because it ensures that:

In the context of the CIA triangle, confidentiality means that computers and networks are operating and authorized users can access the information they need.

The main function of Cyber Incident Response Capability (CIRC)is to _____.

In the context of computer crimes and attacks, the difference between phishing and spear phishing is that:

In the context of intentional computer and network threats, a _____ combines the characteristics of computer viruses, worms, and other malicious codes with vulnerabilities found on public and private networks.

_____ is a commonly used encryption protocol that manages transmission security on the Internet.

Information Systems in Business

Computers and Their Business Applications

Data and Business Intelligence

Personal, Legal, Ethical, and Organizational Issues

Data Communication: Delivering Information Anywhere and Anytime

A Connected World

E-Commerce

Global Information Systems

Building Successful Information Systems

Enterprise Systems

Supporting Decisions and Processes

Artificial Intelligence and Automation

Emerging Trends, Technologies, and Applications

Filters