Question 1

What is the basic information that a security policy must stipulate?

Accepted Answer

At a minimum, a security policy should s

Question 2

The computers that run the DBMS and all devices that store database data should reside in locked, controlled-access facilities. This is done to ________.

Accepted Answer

A)  stop SQL injection attacks 
B)  prevent email spoofing 
C)  prevent brute force attacks 
D)  provide physical security 
E)  prevent unauthorized encryption 
A)  stop SQL injection attacks 
B)  prevent email spoofing 
C)  prevent brute force attacks 
D)  provide physical security 
E)  prevent unauthorized encryption

Question 3

Removing and disabling ________ that may contain sensitive security data presents an excellent example of the trade-off between improved security and cost.

Accepted Answer

A)  bookmarks 
B)  pop-ups 
C)  cookies 
D)  toolbars 
E)  key loggers 
A)  bookmarks 
B)  pop-ups 
C)  cookies 
D)  toolbars 
E)  key loggers

Question 4

________ are the primary means of authentication for a user's computer and other networks and servers to which the user may have access.

Accepted Answer

A)  Private keys 
B)  User names 
C)  Passwords 
D)  Personal identification numbers 
E)  CA key rings 
A)  Private keys 
B)  User names 
C)  Passwords 
D)  Personal identification numbers 
E)  CA key rings

Question 5

Human error cannot cause unauthorized data disclosure.

Accepted Answer

A) True 
 B)False

Question 6

John has been appointed as an operations manager at a software company. Which of the following systems procedures will be John's responsibility?

Accepted Answer

A)  writing software program codes 
B)  using systems to perform job tasks 
C)  creating a backup of system databases 
D)  knowing whom to contact when a security breach occurs 
E)  prepare for loss of system functionality 
A)  writing software program codes 
B)  using systems to perform job tasks 
C)  creating a backup of system databases 
D)  knowing whom to contact when a security breach occurs 
E)  prepare for loss of system functionality

Question 7

Which of the following statements is True about the position definitions component of human safeguards?

Accepted Answer

A)  System administrators should retain user accounts after an employee has been terminated. 
B)  All employees must be provided with uniform, general training on security regardless of the sensitivity of their positions. 
C)  Documenting position sensitivity enables security personnel to prioritize their activities based on possible risk. 
D)  Holding public users of Web sites accountable for security violations is easy and inexpensive. 
E)  Security considerations should not be part of the hiring process. 
A)  System administrators should retain user accounts after an employee has been terminated. 
B)  All employees must be provided with uniform, general training on security regardless of the sensitivity of their positions. 
C)  Documenting position sensitivity enables security personnel to prioritize their activities based on possible risk. 
D)  Holding public users of Web sites accountable for security violations is easy and inexpensive. 
E)  Security considerations should not be part of the hiring process.

Question 8

Which of the following is used for biometric authentication?

Accepted Answer

A)  smart cards 
B)  facial features 
C)  passwords 
D)  personal identification numbers 
E)  MD5 hashes 
A)  smart cards 
B)  facial features 
C)  passwords 
D)  personal identification numbers 
E)  MD5 hashes

Question 9

Improper data disclosure and data damage and loss are possible consequences of an SQL injection attack.

Accepted Answer

A) True 
 B)False

Question 10

Key escrow is a(n) ________.

Accepted Answer

A)  protocol used to secure communication over the internet 
B)  safety procedure that allows a trusted party to have a copy of the encryption key 
C)  device that prevents unauthorized network access 
D)  encryption algorithm that uses both public and private keys 
E)  the creation of related public and private keys 
A)  protocol used to secure communication over the internet 
B)  safety procedure that allows a trusted party to have a copy of the encryption key 
C)  device that prevents unauthorized network access 
D)  encryption algorithm that uses both public and private keys 
E)  the creation of related public and private keys

Question 11

In asymmetric encryption, each site has a ________ for encoding messages.

Accepted Answer

A)  botnet 
B)  private key 
C)  public key 
D)  cookie 
E)  cipher 
A)  botnet 
B)  private key 
C)  public key 
D)  cookie 
E)  cipher

Question 12

What is a virus? Differentiate between Trojan horses and worms.

Accepted Answer

A virus is a computer program that repli

Question 13

Layla is purchasing a new laptop from an online vendor. Which of the following will be displayed in the address bar of his browser that will let her know that the online retailer is using the Secure Sockets Layer (SSL) protocol?

Accepted Answer

A)  ftp 
B)  www 
C)  https 
D)  .com 
E)  smtp 
A)  ftp 
B)  www 
C)  https 
D)  .com 
E)  smtp

Question 14

Email spoofing is a synonym for ________.

Accepted Answer

A)  hacking 
B)  phishing 
C)  usurping 
D)  sniffing 
E)  baiting 
A)  hacking 
B)  phishing 
C)  usurping 
D)  sniffing 
E)  baiting

Question 15

One of the personal security safeguards is to use https at trusted, reputable vendors.

Accepted Answer

A) True 
 B)False

Question 16

In the context of security threats, pretexting, sniffing, spoofing, and phishing are all examples of ________.

Accepted Answer

A)  unauthorized data disclosure 
B)  incorrect data modification 
C)  faulty services 
D)  loss of infrastructure 
E)  SQL injection 
A)  unauthorized data disclosure 
B)  incorrect data modification 
C)  faulty services 
D)  loss of infrastructure 
E)  SQL injection

Question 17

Hardening a site means to take extraordinary measures to reduce a system's vulnerability.

Accepted Answer

A) True 
 B)False

Question 18

________ involve the people and procedure components of information systems.

Accepted Answer

A)  Firewalls 
B)  Technical safeguards 
C)  Human safeguards 
D)  Payloads 
E)  Port scanners 
A)  Firewalls 
B)  Technical safeguards 
C)  Human safeguards 
D)  Payloads 
E)  Port scanners

Question 19

________ occurs when computer criminals invade a computer system and replace legitimate programs with their own, unauthorized ones that shut down legitimate applications.

Accepted Answer

A)  Encryption 
B)  Spoofing 
C)  Phishing 
D)  Usurpation 
E)  Spear Phishing 
A)  Encryption 
B)  Spoofing 
C)  Phishing 
D)  Usurpation 
E)  Spear Phishing

Question 20

Nonword passwords are vulnerable to a ________ attack in which the password cracker tries every possible combination of characters.

Accepted Answer

A)  denial-of-service 
B)  sniffing 
C)  brute force 
D)  phishing 
E)  nuanced 
A)  denial-of-service 
B)  sniffing 
C)  brute force 
D)  phishing 
E)  nuanced

What is the basic information that a security policy must stipulate?

The computers that run the DBMS and all devices that store database data should reside in locked, controlled-access facilities. This is done to ________.

Removing and disabling ________ that may contain sensitive security data presents an excellent example of the trade-off between improved security and cost.

________ are the primary means of authentication for a user's computer and other networks and servers to which the user may have access.

Human error cannot cause unauthorized data disclosure.

John has been appointed as an operations manager at a software company. Which of the following systems procedures will be John's responsibility?

Which of the following statements is True about the position definitions component of human safeguards?

Which of the following is used for biometric authentication?

Improper data disclosure and data damage and loss are possible consequences of an SQL injection attack.

Key escrow is a(n) ________.

In asymmetric encryption, each site has a ________ for encoding messages.

What is a virus? Differentiate between Trojan horses and worms.

Layla is purchasing a new laptop from an online vendor. Which of the following will be displayed in the address bar of his browser that will let her know that the online retailer is using the Secure Sockets Layer (SSL) protocol?

Email spoofing is a synonym for ________.

One of the personal security safeguards is to use https at trusted, reputable vendors.

In the context of security threats, pretexting, sniffing, spoofing, and phishing are all examples of ________.

Hardening a site means to take extraordinary measures to reduce a system's vulnerability.

________ involve the people and procedure components of information systems.

________ occurs when computer criminals invade a computer system and replace legitimate programs with their own, unauthorized ones that shut down legitimate applications.

Nonword passwords are vulnerable to a ________ attack in which the password cracker tries every possible combination of characters.

The Importance of Mis

Collaboration Information Systems

Strategy and Information Systems

Hardware, Software, and Mobile Systems

Database Processing

The Cloud

Processes, Organizations, and Information Systems

Social Media Information Systems

Business Intelligence Systems

Information Systems Management

Information Systems Development

Filters

Exam 10: Information Systems Security

What is the basic information that a security policy must stipulate?

The computers that run the DBMS and all devices that store database data should reside in locked, controlled-access facilities. This is done to ________.

Removing and disabling ________ that may contain sensitive security data presents an excellent example of the trade-off between improved security and cost.

________ are the primary means of authentication for a user's computer and other networks and servers to which the user may have access.

Human error cannot cause unauthorized data disclosure.

John has been appointed as an operations manager at a software company. Which of the following systems procedures will be John's responsibility?

Which of the following statements is True about the position definitions component of human safeguards?

Which of the following is used for biometric authentication?

Improper data disclosure and data damage and loss are possible consequences of an SQL injection attack.

Key escrow is a(n) ________.

In asymmetric encryption, each site has a ________ for encoding messages.

What is a virus? Differentiate between Trojan horses and worms.

Layla is purchasing a new laptop from an online vendor. Which of the following will be displayed in the address bar of his browser that will let her know that the online retailer is using the Secure Sockets Layer (SSL) protocol?

Email spoofing is a synonym for ________.

One of the personal security safeguards is to use https at trusted, reputable vendors.

In the context of security threats, pretexting, sniffing, spoofing, and phishing are all examples of ________.

Hardening a site means to take extraordinary measures to reduce a system's vulnerability.

________ involve the people and procedure components of information systems.

________ occurs when computer criminals invade a computer system and replace legitimate programs with their own, unauthorized ones that shut down legitimate applications.

Nonword passwords are vulnerable to a ________ attack in which the password cracker tries every possible combination of characters.

The Importance of Mis

Collaboration Information Systems

Strategy and Information Systems

Hardware, Software, and Mobile Systems

Database Processing

The Cloud

Processes, Organizations, and Information Systems

Social Media Information Systems

Business Intelligence Systems

Information Systems Management

Information Systems Development

Filters