Question 1

An acceptable use policy defines the acceptable level of access to information assets for different users.

Accepted Answer

A) True 
 B)False  False

Question 2

________ is malware that logs and transmits everything a user types.

Accepted Answer

A)  Spyware 
B)  A Trojan horse 
C)  A keylogger 
D)  A worm 
E)  A sniffer 
A)  Spyware 
B)  A Trojan horse 
C)  A keylogger 
D)  A worm 
E)  A sniffer C

Question 3

Computer forensics tasks include all of the following except

Accepted Answer

A)  presenting collected evidence in a court of law. 
B)  securely storing recovered electronic data. 
C)  collecting physical evidence on the computer. 
D)  finding significant information in a large volume of electronic data. 
A)  presenting collected evidence in a court of law. 
B)  securely storing recovered electronic data. 
C)  collecting physical evidence on the computer. 
D)  finding significant information in a large volume of electronic data. C

Question 4

Which of the following is not an example of a computer used as a target of crime?

Accepted Answer

A)  knowingly accessing a protected computer to commit fraud 
B)  sccessing a computer system without authority 
C)  illegally accessing stored electronic communication 
D)  threatening to cause damage to a protected computer 
E)  breaching the confidentiality of protected computerized data 
A)  knowingly accessing a protected computer to commit fraud 
B)  sccessing a computer system without authority 
C)  illegally accessing stored electronic communication 
D)  threatening to cause damage to a protected computer 
E)  breaching the confidentiality of protected computerized data

Question 5

Malicious software programs referred to as spyware include a variety of threats such as computer viruses, worms, and Trojan horses.

Accepted Answer

A) True 
 B)False

Question 6

________ controls ensure that valuable business data files on either disk or tape are not subject to unauthorized access, change, or destruction while they are in use or in storage.

Accepted Answer

A)  Software 
B)  Administrative 
C)  Data security 
D)  Implementation 
E)  Input 
A)  Software 
B)  Administrative 
C)  Data security 
D)  Implementation 
E)  Input

Question 7

Analysis of an information system that rates the likelihood of a security incident occurring and its cost is included in a(n)

Accepted Answer

A)  security policy. 
B)  AUP. 
C)  risk assessment. 
D)  business impact analysis. 
E)  business continuity plan. 
A)  security policy. 
B)  AUP. 
C)  risk assessment. 
D)  business impact analysis. 
E)  business continuity plan.

Question 8

Sniffers enable hackers to steal proprietary information from anywhere on a network, including e-mail messages, company files, and confidential reports.

Accepted Answer

A) True 
 B)False

Question 9

How can a firm's security policies contribute and relate to the six main business objectives?
 Give examples.

Accepted Answer

(1) Operational excellence: Security pol

Question 10

An authentication token is a(n)

Accepted Answer

A)  device the size of a credit card that contains access permission data. 
B)  type of smart card. 
C)  gadget that displays passcodes. 
D)  electronic marker attached to a digital authorization file. 
A)  device the size of a credit card that contains access permission data. 
B)  type of smart card. 
C)  gadget that displays passcodes. 
D)  electronic marker attached to a digital authorization file.

Question 11

A practice in which eavesdroppers drive by buildings or park outside and try to intercept wireless network traffic is referred to as

Accepted Answer

A)  war driving. 
B)  sniffing. 
C)  cybervandalism. 
D)  drive-by tapping. 
E)  snooping. 
A)  war driving. 
B)  sniffing. 
C)  cybervandalism. 
D)  drive-by tapping. 
E)  snooping.

Question 12

Zero defects cannot be achieved in larger software programs because fully testing programs that contain thousands of choices and millions of paths would require thousands of years.

Accepted Answer

A) True 
 B)False

Question 13

Viruses can be spread through e-mail.

Accepted Answer

A) True 
 B)False

Question 14

Which of the following is not an example of a computer used as an instrument of crime?

Accepted Answer

A)  theft of trade secrets 
B)  intentionally attempting to intercept electronic communication 
C)  unauthorized copying of software 
D)  breaching the confidentiality of protected computerized data 
E)  schemes to defraud 
A)  theft of trade secrets 
B)  intentionally attempting to intercept electronic communication 
C)  unauthorized copying of software 
D)  breaching the confidentiality of protected computerized data 
E)  schemes to defraud

Question 15

Packet filtering catches most types of network attacks.

Accepted Answer

A) True 
 B)False

Question 16

For 100-percent availability, online transaction processing requires

Accepted Answer

A)  high-capacity storage. 
B)  a multi-tier server network. 
C)  fault-tolerant computer systems. 
D)  dedicated phone lines. 
E)  a digital certificate system. 
A)  high-capacity storage. 
B)  a multi-tier server network. 
C)  fault-tolerant computer systems. 
D)  dedicated phone lines. 
E)  a digital certificate system.

Question 17

Using numerous computers to inundate and overwhelm the network from numerous launch points is called a(n) ________ attack.

Accepted Answer

A)  DDoS 
B)  DoS 
C)  SQL injection 
D)  phishing 
E)  botnet 
A)  DDoS 
B)  DoS 
C)  SQL injection 
D)  phishing 
E)  botnet

Question 18

An authentication system in which a user must provide two types of identification, such as a bank card and PIN, is called

Accepted Answer

A)  smart card authentication. 
B)  biometric authentication. 
C)  two-factor authentication. 
D)  symmetric key authorization. 
E)  token authentication. 
A)  smart card authentication. 
B)  biometric authentication. 
C)  two-factor authentication. 
D)  symmetric key authorization. 
E)  token authentication.

Question 19

What is a digital certificate?
 How does it work?

Accepted Answer

Digital certificates are data files used

Question 20

________ use scanning software to look for known problems such as bad passwords, the removal of important files, security attacks in progress, and system administration errors.

Accepted Answer

A)  Stateful inspections 
B)  Intrusion detection systems 
C)  Application proxy filtering technologies 
D)  Packet filtering technologies 
E)  Firewalls 
A)  Stateful inspections 
B)  Intrusion detection systems 
C)  Application proxy filtering technologies 
D)  Packet filtering technologies 
E)  Firewalls

An acceptable use policy defines the acceptable level of access to information assets for different users.

________ is malware that logs and transmits everything a user types.

Computer forensics tasks include all of the following except

Which of the following is not an example of a computer used as a target of crime?

Malicious software programs referred to as spyware include a variety of threats such as computer viruses, worms, and Trojan horses.

________ controls ensure that valuable business data files on either disk or tape are not subject to unauthorized access, change, or destruction while they are in use or in storage.

Analysis of an information system that rates the likelihood of a security incident occurring and its cost is included in a(n)

Sniffers enable hackers to steal proprietary information from anywhere on a network, including e-mail messages, company files, and confidential reports.

How can a firm's security policies contribute and relate to the six main business objectives? Give examples.

An authentication token is a(n)

A practice in which eavesdroppers drive by buildings or park outside and try to intercept wireless network traffic is referred to as

Zero defects cannot be achieved in larger software programs because fully testing programs that contain thousands of choices and millions of paths would require thousands of years.

Viruses can be spread through e-mail.

Which of the following is not an example of a computer used as an instrument of crime?

Packet filtering catches most types of network attacks.

For 100-percent availability, online transaction processing requires

Using numerous computers to inundate and overwhelm the network from numerous launch points is called a(n) ________ attack.

An authentication system in which a user must provide two types of identification, such as a bank card and PIN, is called

What is a digital certificate? How does it work?

________ use scanning software to look for known problems such as bad passwords, the removal of important files, security attacks in progress, and system administration errors.

Information Systems in Global Business Today

Global E-Business and Collaboration

Information Systems, Organizations, and Strategy

Ethical and Social Issues in Information Systems

It Infrastructure and Emerging Technologies

Foundations of Business Intelligence: Databases and Information Management

Telecommunications, the Internet, and Wireless Technology

Achieving Operational Excellence and Customer Intimacy: Enterprise Applications

E-Commerce: Digital Markets, Digital Goods

Managing Knowledge

Enhancing Decision Making

Building Information Systems

Managing Projects

Managing Global Systems

Filters

Exam 8: Securing Information Systems

An acceptable use policy defines the acceptable level of access to information assets for different users.

________ is malware that logs and transmits everything a user types.

Computer forensics tasks include all of the following except

Which of the following is not an example of a computer used as a target of crime?

Malicious software programs referred to as spyware include a variety of threats such as computer viruses, worms, and Trojan horses.

________ controls ensure that valuable business data files on either disk or tape are not subject to unauthorized access, change, or destruction while they are in use or in storage.

Analysis of an information system that rates the likelihood of a security incident occurring and its cost is included in a(n)

Sniffers enable hackers to steal proprietary information from anywhere on a network, including e-mail messages, company files, and confidential reports.

How can a firm's security policies contribute and relate to the six main business objectives? Give examples.

An authentication token is a(n)

A practice in which eavesdroppers drive by buildings or park outside and try to intercept wireless network traffic is referred to as

Zero defects cannot be achieved in larger software programs because fully testing programs that contain thousands of choices and millions of paths would require thousands of years.

Viruses can be spread through e-mail.

Which of the following is not an example of a computer used as an instrument of crime?

Packet filtering catches most types of network attacks.

For 100-percent availability, online transaction processing requires

Using numerous computers to inundate and overwhelm the network from numerous launch points is called a(n) ________ attack.

An authentication system in which a user must provide two types of identification, such as a bank card and PIN, is called

What is a digital certificate? How does it work?

________ use scanning software to look for known problems such as bad passwords, the removal of important files, security attacks in progress, and system administration errors.

Information Systems in Global Business Today

Global E-Business and Collaboration

Information Systems, Organizations, and Strategy

Ethical and Social Issues in Information Systems

It Infrastructure and Emerging Technologies

Foundations of Business Intelligence: Databases and Information Management

Telecommunications, the Internet, and Wireless Technology

Achieving Operational Excellence and Customer Intimacy: Enterprise Applications

E-Commerce: Digital Markets, Digital Goods

Managing Knowledge

Enhancing Decision Making

Building Information Systems

Managing Projects

Managing Global Systems

Filters