Explore all topics
Start Free Trial
Need Help? Contact us
back arrowfull exam logo
search
ai logoChat with AI
Servicesarrow
Discoverarrow

Topics

Explore all topics
Discover more topics

Exam 12: Information Systems Development

arrow
Exam 1: The Importance of MIS120 Questionsadd course
Exam 2: Business Processes, Information Systems, and Information123 Questionsadd course
Exam 3: Organizational Strategy, Information Systems, and Competitive Advantage119 Questionsadd course
Exam 4: Hardware and Software124 Questionsadd course
Exam 5: Database Processing123 Questionsadd course
Exam 6: The Cloud120 Questionsadd course
Exam 7: Organizations and Information Systems116 Questionsadd course
Exam 8: Social Media Information Systems120 Questionsadd course
Exam 9: Business Intelligence Systems122 Questionsadd course
Exam 10: Information Systems Security118 Questionsadd course
Exam 11: Information Systems Management105 Questionsadd course
Exam 12: Information Systems Development123 Questionsadd course
Exam 13: The International Dimension31 Questionsadd course
Select questions type
  • Essay
  • Multiple Choice
  • Short Answer
  • True False
  • Matching
  • Select Tags
search iconSearch Question
flashcardsStudy Flashcards
Select questions type
  • Essay
  • Multiple Choice
  • Short Answer
  • True False
  • Matching
  • Select Tags

How should organizations respond to security incidents?

Free
(Essay)
4.9/5
(35)
Question 1
Correct Answer:
Verified

First, every organization should have an incident-response plan as part of the security program. No organization should wait until some asset has been lost or compromised before deciding what to do. The plan should include how employees are to respond to security problems, whom they should contact, the reports they should make, and steps they can take to reduce further loss. An incident-response plan will stipulate what an employee should do when he notices the virus. It should specify whom to contact and what to do. It may stipulate that the employee should turn off his computer and physically disconnect from the network. The plan should also indicate what users with wireless computers should do. When an incident does occur, speed is of the essence. The longer the incident goes on, the greater the cost. Viruses and worms can spread very quickly across an organization's networks, and a fast response will help to mitigate the consequences. Because of the need for speed, preparation pays. The incident-response plan should identify critical personnel and their off-hours contact information. These personnel should be trained on where to go and what to do when they get there. Finally, organizations should periodically practice incident response. Without such practice, personnel will be poorly informed on the response plan, and the plan itself may have flaws that only become apparent during a drill.

Define threat, vulnerability, safeguard, and target.

Free
(Essay)
4.8/5
(39)
Question 2
Correct Answer:
Verified

A threat is a person or organization that seeks to obtain or alter data or other IS assets illegally, without the owner's permission and often without the owner's knowledge. A vulnerability is an opportunity for threats to gain access to individual or organizational assets. For example, when an individual buys something online, he/she provides credit card data; when that data is transmitted over the Internet, it is vulnerable to threats. A safeguard is some measure that individuals or organizations take to block the threat from obtaining the asset. Finally, the target is the asset that is desired by the threat.

Which of the following was passed to give individuals the right to access their own health data created by doctors and other healthcare providers?

Free
(Multiple Choice)
5.0/5
(42)
Question 3
Correct Answer:
Verified

C

Even short passwords with no special characters can make strong passwords.

(True/False)
4.8/5
(39)
Question 4

Key escrow is a(n) ________.

(Multiple Choice)
4.9/5
(41)
Question 5

A new hire must seek out the employer's security policy if it is not discussed in new-employee training.

(True/False)
4.7/5
(35)
Question 6

Viruses and worms are examples of malware.

(True/False)
4.7/5
(35)
Question 7

Mark is transferring funds online through the Web site of a reputed bank. Which of the following will be displayed in the address bar of his browser that will let him know that the bank is using the SSL protocol?

(Multiple Choice)
4.8/5
(33)
Question 8

Which of the following is most likely to be a result of hacking?

(Multiple Choice)
4.9/5
(40)
Question 9

A magnetic strip holds far more data than a microchip.

(True/False)
4.8/5
(39)
Question 10

Technical safeguards involve the hardware and software components of an information system.

(True/False)
4.9/5
(39)
Question 11

________ occurs when someone deceives by pretending to be someone else.

(Multiple Choice)
4.7/5
(34)
Question 12

Phishing is a technique for intercepting computer communications.

(True/False)
4.9/5
(41)
Question 13

When a hacker floods a Web server with millions of bogus service requests so that it cannot service legitimate requests, it is called a denial-of-service attack.

(True/False)
4.7/5
(30)
Question 14

Which of the following is considered a computer crime?

(Multiple Choice)
4.8/5
(37)
Question 15

The losses due to human error are minimal; hence, organizations tend to ignore these losses.

(True/False)
4.8/5
(45)
Question 16

In symmetric encryption, two different keys are used to encode and decode a message.

(True/False)
4.9/5
(41)
Question 17

An intrusion detection system (IDS) is a computer program that senses when another computer is attempting to scan the disk or otherwise access a computer.

(True/False)
4.8/5
(37)
Question 18

Most emails and IMs are protected by encryption.

(True/False)
4.8/5
(43)
Question 19

________ involves accomplishing job tasks during failure.

(Multiple Choice)
4.9/5
(41)
Question 20
Showing 1 - 20 of 123
close modal

Filters

  • Essay(0)
  • Multiple Choice(0)
  • Short Answer(0)
  • True False(0)
  • Matching(0)