Exam 8: Securing Information Systems

________ involves setting up fake Web sites or sending e-mail messages that look like those of legitimate businesses to ask users for confidential personal data.

Keyloggers record every keystroke made on a computer to steal serial numbers for software,to launch Internet attacks,to gain access to e-mail accounts,to obtain passwords to protected computer systems,or to pick up personal information such as credit card numbers.

The ________ worm word macro script mailing infected Word file to first 50 entries in user's Microsoft Outlook address book.Infected 15 to 29 percent of all business PCs,causing $300 million to $600 million in damage.

Which of the following is NOT an example of a computer used as an instrument of crime?

________ is/are methods,policies,and organizational procedures ensuring the safety of the organization's assets,the accuracy and reliability of its records,and operational adherence to management standards.

An authentication token is a(n)

Web 2.0 applications,such as blogs,wikis,and social networking sites such as Facebook and MySpace,have are not conduits for malware or spyware.

________ consists of all the policies and procedures a company uses to prevent improper access to systems by unauthorized insiders and outsiders.

________ is the scientific collection,examination,authentication,preservation,and analysis of data held on or retrieved from computer storage media in such a way that the information can be used as evidence in a court of law.

In which method of encryption is a single encryption key sent to the receiver so both sender and receiver share the same key?

Daniel is sitting home one night and is very bored.He gets on his computer and starts to surf the net.He comes to a bank site.He thinks he might be able to get around the security of the site and into the bank computer system.He spends the next two hours trying to find his way into their system.Daniel gets into the system and puts $200 into his account from just some random name he found in the banking system.Daniel is a ________.

Specific security challenges that threaten corporate servers in a client/server environment include

The WEP specification calls for an access point and its users to share the same 40-bit encrypted password.

The ________ worm uses flaws in Windows software to take over machines and link them into a virtual computer that can be commanded remotely.

Helen downloaded a greeting card program from the internet.She was surprised that it really didn't do what it was supposed to do.What the program did was send nasty,profane e-mails to all the people in her contact list.Helen is the victim of ________.

A(n)________ examines the firm's overall security environment as well as the controls governing individual information systems.

Smartphones share the same security weaknesses as other Internet devices and are vulnerable to malicious software and penetration from outsiders.

A firewall allows the organization to

________ are specific controls unique to each computerized application,such as payroll or order processing.

________ is the intentional disruption,defacement,or even destruction of a Web site or corporate information system.