Question 1

Which of the following is likely to be accepted by a poorly designed application, leading to improper disclosure of data?

Accepted Answer

A)  public key 
B)  asymmetric encryption 
C)  key escrow 
D)  SQL injection 
A)  public key 
B)  asymmetric encryption 
C)  key escrow 
D)  SQL injection

Question 2

Sniffing occurs when an intruder uses another site's IP address to masquerade as that other site.

Accepted Answer

A) True 
 B)False

Question 3

What is meant by denial of service?

Accepted Answer

Human error in following procedures, or

Question 4

When referring to security threats, pretexting, sniffing, spoofing, and phishing are all examples of ________.

Accepted Answer

A)  unauthorized data disclosure 
B)  incorrect data modification 
C)  faulty services 
D)  loss of infrastructure 
A)  unauthorized data disclosure 
B)  incorrect data modification 
C)  faulty services 
D)  loss of infrastructure

Question 5

________ is the term used to denote viruses, worms, and Trojan horses.

Accepted Answer

A)  Malware 
B)  Cookie 
C)  Firewall 
D)  Spam 
A)  Malware 
B)  Cookie 
C)  Firewall 
D)  Spam

Question 6

________ present the largest risk for an organization's infrastructure loss.

Accepted Answer

A)  Employees 
B)  Natural disasters 
C)  Hackers 
D)  Competitors 
A)  Employees 
B)  Natural disasters 
C)  Hackers 
D)  Competitors

Question 7

A ________ pretends to be a legitimate company and sends an email requesting confidential data, such as account numbers, Social Security numbers, account passwords, and so forth.

Accepted Answer

A)  hacker 
B)  phisher 
C)  safeguard 
D)  sniffer 
A)  hacker 
B)  phisher 
C)  safeguard 
D)  sniffer

Question 8

Define encryption and explain symmetric and asymmetric encryption for computer systems.

Accepted Answer

Encryption is the process of transformin

Question 9

Which of the following usually happens in a malicious denial-of-service attack?

Accepted Answer

A)  a hacker monitors and intercepts wireless traffic at will 
B)  a hacker floods a Web server with millions of bogus service requests 
C)  an intruder uses another site's IP address to masquerade as that other site 
D)  a phisher pretends to be a legitimate company and requests confidential data 
A)  a hacker monitors and intercepts wireless traffic at will 
B)  a hacker floods a Web server with millions of bogus service requests 
C)  an intruder uses another site's IP address to masquerade as that other site 
D)  a phisher pretends to be a legitimate company and requests confidential data

Question 10

________ are small files that the browser stores on the user's computer when he/she visits Web sites and enables him/her to access Web sites without having to sign in every time.

Accepted Answer

A)  Cookies 
B)  Botnets 
C)  Payloads 
D)  Public keys 
A)  Cookies 
B)  Botnets 
C)  Payloads 
D)  Public keys

Question 11

Data safeguards are measures used to protect computer hardware from external threat.

Accepted Answer

A) True 
 B)False

Question 12

The computers that run the DBMS and all devices that store database data should reside in locked, controlled-access facilities. This is done to ________.

Accepted Answer

A)  stop SQL injection attacks 
B)  protect against email spoofing 
C)  prevent brute force attacks 
D)  provide physical security 
A)  stop SQL injection attacks 
B)  protect against email spoofing 
C)  prevent brute force attacks 
D)  provide physical security

Question 13

What are spyware and adware programs?

Accepted Answer

• Spyware programs are install

Question 14

Firewalls produce ________ which include lists of all dropped packets, infiltration attempts, and unauthorized access attempts from within the firewall.

Accepted Answer

A)  honeypots 
B)  blogs 
C)  activity logs 
D)  RSS feeds 
A)  honeypots 
B)  blogs 
C)  activity logs 
D)  RSS feeds

Question 15

Which of the following statements is true about losses due to computer security threats?

Accepted Answer

A)  Surveys on computer crimes provide accurate results since they use standard parameters to measure and tally computer crime costs. 
B)  Some organizations don't report all their computer crime losses, and some won't report such losses at all. 
C)  Losses due to natural disasters can be measured accurately. 
D)  Losses due to human error are insignificant. 
A)  Surveys on computer crimes provide accurate results since they use standard parameters to measure and tally computer crime costs. 
B)  Some organizations don't report all their computer crime losses, and some won't report such losses at all. 
C)  Losses due to natural disasters can be measured accurately. 
D)  Losses due to human error are insignificant.

Question 16

Which of the following statements is true of data administration?

Accepted Answer

A)  It is a line function to the chief information officer. 
B)  It merely involves developing data policies. 
C)  It applies to individual units and not to the entire organization. 
D)  It is involved in establishing data safeguards. 
A)  It is a line function to the chief information officer. 
B)  It merely involves developing data policies. 
C)  It applies to individual units and not to the entire organization. 
D)  It is involved in establishing data safeguards.

Question 17

Which of the following is considered a threat caused by human error?

Accepted Answer

A)  an employee inadvertently installs an old database on top of the current one 
B)  an employee intentionally destroys data and system components 
C)  a virus and worm writer infects computer systems 
D)  a hacker breaks into a system to steal for financial gain 
A)  an employee inadvertently installs an old database on top of the current one 
B)  an employee intentionally destroys data and system components 
C)  a virus and worm writer infects computer systems 
D)  a hacker breaks into a system to steal for financial gain

Question 18

If the incident-response plan is not well-prepared, there is substantial risk that the actions of well-meaning people will make the problem worse.

Accepted Answer

A) True 
 B)False

Question 19

A ________ is a number used to encrypt data.

Accepted Answer

A)  key 
B)  honeypot 
C)  cookie 
D)  cache 
A)  key 
B)  honeypot 
C)  cookie 
D)  cache

Question 20

Email spoofing is a synonym for ________.

Accepted Answer

A)  hacking 
B)  phishing 
C)  usurping 
D)  sniffing 
A)  hacking 
B)  phishing 
C)  usurping 
D)  sniffing

Which of the following is likely to be accepted by a poorly designed application, leading to improper disclosure of data?

Sniffing occurs when an intruder uses another site's IP address to masquerade as that other site.

What is meant by denial of service?

When referring to security threats, pretexting, sniffing, spoofing, and phishing are all examples of ________.

________ is the term used to denote viruses, worms, and Trojan horses.

________ present the largest risk for an organization's infrastructure loss.

A ________ pretends to be a legitimate company and sends an email requesting confidential data, such as account numbers, Social Security numbers, account passwords, and so forth.

Define encryption and explain symmetric and asymmetric encryption for computer systems.

Which of the following usually happens in a malicious denial-of-service attack?

________ are small files that the browser stores on the user's computer when he/she visits Web sites and enables him/her to access Web sites without having to sign in every time.

Data safeguards are measures used to protect computer hardware from external threat.

The computers that run the DBMS and all devices that store database data should reside in locked, controlled-access facilities. This is done to ________.

What are spyware and adware programs?

Firewalls produce ________ which include lists of all dropped packets, infiltration attempts, and unauthorized access attempts from within the firewall.

Which of the following statements is true about losses due to computer security threats?

Which of the following statements is true of data administration?

Which of the following is considered a threat caused by human error?

If the incident-response plan is not well-prepared, there is substantial risk that the actions of well-meaning people will make the problem worse.

A ________ is a number used to encrypt data.

Email spoofing is a synonym for ________.

The Importance of MIS

Business Processes, Information Systems, and Information

Organizational Strategy, Information Systems, and Competitive Advantage

Hardware and Software

Database Processing

The Cloud

Organizations and Information Systems

Social Media Information Systems

Business Intelligence Systems

Information Systems Security

Information Systems Management

The International Dimension

Filters

Exam 12: Information Systems Development

Which of the following is likely to be accepted by a poorly designed application, leading to improper disclosure of data?

Sniffing occurs when an intruder uses another site's IP address to masquerade as that other site.

What is meant by denial of service?

When referring to security threats, pretexting, sniffing, spoofing, and phishing are all examples of ________.

________ is the term used to denote viruses, worms, and Trojan horses.

________ present the largest risk for an organization's infrastructure loss.

A ________ pretends to be a legitimate company and sends an email requesting confidential data, such as account numbers, Social Security numbers, account passwords, and so forth.

Define encryption and explain symmetric and asymmetric encryption for computer systems.

Which of the following usually happens in a malicious denial-of-service attack?

________ are small files that the browser stores on the user's computer when he/she visits Web sites and enables him/her to access Web sites without having to sign in every time.

Data safeguards are measures used to protect computer hardware from external threat.

The computers that run the DBMS and all devices that store database data should reside in locked, controlled-access facilities. This is done to ________.

What are spyware and adware programs?

Firewalls produce ________ which include lists of all dropped packets, infiltration attempts, and unauthorized access attempts from within the firewall.

Which of the following statements is true about losses due to computer security threats?

Which of the following statements is true of data administration?

Which of the following is considered a threat caused by human error?

If the incident-response plan is not well-prepared, there is substantial risk that the actions of well-meaning people will make the problem worse.

A ________ is a number used to encrypt data.

Email spoofing is a synonym for ________.

The Importance of MIS

Business Processes, Information Systems, and Information

Organizational Strategy, Information Systems, and Competitive Advantage

Hardware and Software

Database Processing

The Cloud

Organizations and Information Systems

Social Media Information Systems

Business Intelligence Systems

Information Systems Security

Information Systems Management

The International Dimension

Filters