Question 1

DoS attacks are used to destroy information and access restricted areas of a company's information system.

Accepted Answer

A) True 
 B)False

Question 2

Hackers and their companion viruses are an increasing problem, especially on the Internet. What are the most important measurers for a firm to take to protect itself from this? Is full protection feasible? Why or why not?

Accepted Answer

For protection, a company must institute

Question 3

Is the cloud a safer and more secure computing environment than an in-house network? Why or why not?

Accepted Answer

Student evaluations will vary, but shoul

Question 4

In controlling network traffic to minimize slow-downs, a technology called ________ is used to examine data files and sort low-priority data from high-priority data.

Accepted Answer

A) high availability computing 
B) deep-packet inspection 
C) application proxy filtering 
D) stateful inspection 
A) high availability computing 
B) deep-packet inspection 
C) application proxy filtering 
D) stateful inspection

Question 5

Which of the following is not an example of a computer used as an instrument of crime?

Accepted Answer

A) Theft of trade secrets 
B) Intentionally attempting to intercept electronic communication 
C) Unauthorized copying of software 
D) Breaching the confidentiality of protected computerized data 
A) Theft of trade secrets 
B) Intentionally attempting to intercept electronic communication 
C) Unauthorized copying of software 
D) Breaching the confidentiality of protected computerized data

Question 6

Rigorous password systems:

Accepted Answer

A) are one of the most effective security tools. 
B) may hinder employee productivity. 
C) are costly to implement. 
D) are often disregarded by employees. 
A) are one of the most effective security tools. 
B) may hinder employee productivity. 
C) are costly to implement. 
D) are often disregarded by employees.

Question 7

Zero defects cannot be achieved in larger software programs because fully testing programs that contain thousands of choices and millions of paths would require thousands of years.

Accepted Answer

A) True 
 B)False

Question 8

A walkthrough is a type of software testing used before software is even written.

Accepted Answer

A) True 
 B)False

Question 9

Which of the following specifications replaces WEP with a stronger security standard that features changing encryption keys?

Accepted Answer

A) TLS 
B) AUP 
C) VPN 
D) WPA2 
A) TLS 
B) AUP 
C) VPN 
D) WPA2

Question 10

How is the security of a firm's information system and data affected by its people, organization, and technology? Is the contribution of one of these dimensions any more important than the other? Why?

Accepted Answer

There are various technological essentia

Question 11

Currently, the protocols used for secure information transfer over the Internet are:

Accepted Answer

A) TCP/IP and SSL. 
B) S-HTTP and CA. 
C) HTTP and TCP/IP. 
D) SSL, TLS, and S-HTTP. 
A) TCP/IP and SSL. 
B) S-HTTP and CA. 
C) HTTP and TCP/IP. 
D) SSL, TLS, and S-HTTP.

Question 12

Evil twins are:

Accepted Answer

A) Trojan horses that appears to the user to be a legitimate commercial software application. 
B) e-mail messages that mimic the e-mail messages of a legitimate business. 
C) fraudulent Web sites that mimic a legitimate business's Web site. 
D) bogus wireless network access points that look legitimate to users. 
A) Trojan horses that appears to the user to be a legitimate commercial software application. 
B) e-mail messages that mimic the e-mail messages of a legitimate business. 
C) fraudulent Web sites that mimic a legitimate business's Web site. 
D) bogus wireless network access points that look legitimate to users.

Question 13

Which of the following statements about the Internet security is not true?

Accepted Answer

A) The use of P2P networks can expose a corporate computer to outsiders. 
B) A corporate network without access to the Internet is more secure than one that provides access. 
C) VoIP is more secure than the switched voice network. 
D) Instant messaging can provide hackers access to an otherwise secure network. 
A) The use of P2P networks can expose a corporate computer to outsiders. 
B) A corporate network without access to the Internet is more secure than one that provides access. 
C) VoIP is more secure than the switched voice network. 
D) Instant messaging can provide hackers access to an otherwise secure network.

Question 14

The Sarbanes-Oxley Act:

Accepted Answer

A) requires financial institutions to ensure the security of customer data. 
B) specifies best practices in information systems security and control. 
C) imposes responsibility on companies and management to safeguard the accuracy of financial information. 
D) outlines medical security and privacy rules. 
A) requires financial institutions to ensure the security of customer data. 
B) specifies best practices in information systems security and control. 
C) imposes responsibility on companies and management to safeguard the accuracy of financial information. 
D) outlines medical security and privacy rules.

Question 15

The development and use of methods to make computer systems resume their activities more quickly after mishaps is called:

Accepted Answer

A) high-availability computing. 
B) recovery-oriented computing. 
C) fault-tolerant computing. 
D) disaster-recovery planning. 
A) high-availability computing. 
B) recovery-oriented computing. 
C) fault-tolerant computing. 
D) disaster-recovery planning.

Question 16

For 100 percent availability, online transaction processing requires:

Accepted Answer

A) high-capacity storage. 
B) a multi-tier server network. 
C) fault-tolerant computer systems. 
D) dedicated phone lines. 
A) high-capacity storage. 
B) a multi-tier server network. 
C) fault-tolerant computer systems. 
D) dedicated phone lines.

Question 17

Malicious software programs referred to as spyware include a variety of threats such as computer viruses, worms, and Trojan horses.

Accepted Answer

A) True 
 B)False

Question 18

Your company, an online clothing store, has calculated that a loss of Internet connectivity for 5 hours results in a potential loss of $1,000 to $2,000 and that there is a 50% chance of this occurring. What is the annual expected loss from this exposure?

Accepted Answer

A) $750 
B) $1,000 
C) $1,500 
D) $3,000 
A) $750 
B) $1,000 
C) $1,500 
D) $3,000

Question 19

How can a firm's security policies contribute and relate to the six main business objectives? Give examples.

Accepted Answer

(1)Operational excellence: Security poli

Question 20

Packet filtering catches most types of network attacks.

Accepted Answer

A) True 
 B)False

DoS attacks are used to destroy information and access restricted areas of a company's information system.

Hackers and their companion viruses are an increasing problem, especially on the Internet. What are the most important measurers for a firm to take to protect itself from this? Is full protection feasible? Why or why not?

Is the cloud a safer and more secure computing environment than an in-house network? Why or why not?

In controlling network traffic to minimize slow-downs, a technology called ________ is used to examine data files and sort low-priority data from high-priority data.

Which of the following is not an example of a computer used as an instrument of crime?

Rigorous password systems:

Zero defects cannot be achieved in larger software programs because fully testing programs that contain thousands of choices and millions of paths would require thousands of years.

A walkthrough is a type of software testing used before software is even written.

Which of the following specifications replaces WEP with a stronger security standard that features changing encryption keys?

How is the security of a firm's information system and data affected by its people, organization, and technology? Is the contribution of one of these dimensions any more important than the other? Why?

Currently, the protocols used for secure information transfer over the Internet are:

Evil twins are:

Which of the following statements about the Internet security is not true?

The Sarbanes-Oxley Act:

The development and use of methods to make computer systems resume their activities more quickly after mishaps is called:

For 100 percent availability, online transaction processing requires:

Malicious software programs referred to as spyware include a variety of threats such as computer viruses, worms, and Trojan horses.

Your company, an online clothing store, has calculated that a loss of Internet connectivity for 5 hours results in a potential loss of $1,000 to $2,000 and that there is a 50% chance of this occurring. What is the annual expected loss from this exposure?

How can a firm's security policies contribute and relate to the six main business objectives? Give examples.

Packet filtering catches most types of network attacks.

Business Information Systems in Your Career

Global E-Business and Collaboration

Achieving Competitive Advantage With Information Systems

Ethical and Social Issues in Information Systems

It Infrastructure: Hardware and Software

Foundations of Business Intelligence: Databases and Information Management

Telecommunications, the Internet, and Wireless Technology

Achieving Operational Excellence and Customer Intimacy: Enterprise Applications

E-Commerce: Digital Markets, Digital Goods

Improving Decision Making and Managing Knowledge

Building Information Systems and Managing Projects

Filters

Exam 8: Securing Information Systems

DoS attacks are used to destroy information and access restricted areas of a company's information system.

Hackers and their companion viruses are an increasing problem, especially on the Internet. What are the most important measurers for a firm to take to protect itself from this? Is full protection feasible? Why or why not?

Is the cloud a safer and more secure computing environment than an in-house network? Why or why not?

In controlling network traffic to minimize slow-downs, a technology called ________ is used to examine data files and sort low-priority data from high-priority data.

Which of the following is not an example of a computer used as an instrument of crime?

Rigorous password systems:

Zero defects cannot be achieved in larger software programs because fully testing programs that contain thousands of choices and millions of paths would require thousands of years.

A walkthrough is a type of software testing used before software is even written.

Which of the following specifications replaces WEP with a stronger security standard that features changing encryption keys?

How is the security of a firm's information system and data affected by its people, organization, and technology? Is the contribution of one of these dimensions any more important than the other? Why?

Currently, the protocols used for secure information transfer over the Internet are:

Evil twins are:

Which of the following statements about the Internet security is not true?

The Sarbanes-Oxley Act:

The development and use of methods to make computer systems resume their activities more quickly after mishaps is called:

For 100 percent availability, online transaction processing requires:

Malicious software programs referred to as spyware include a variety of threats such as computer viruses, worms, and Trojan horses.

Your company, an online clothing store, has calculated that a loss of Internet connectivity for 5 hours results in a potential loss of $1,000 to $2,000 and that there is a 50% chance of this occurring. What is the annual expected loss from this exposure?

How can a firm's security policies contribute and relate to the six main business objectives? Give examples.

Packet filtering catches most types of network attacks.

Business Information Systems in Your Career

Global E-Business and Collaboration

Achieving Competitive Advantage With Information Systems

Ethical and Social Issues in Information Systems

It Infrastructure: Hardware and Software

Foundations of Business Intelligence: Databases and Information Management

Telecommunications, the Internet, and Wireless Technology

Achieving Operational Excellence and Customer Intimacy: Enterprise Applications

E-Commerce: Digital Markets, Digital Goods

Improving Decision Making and Managing Knowledge

Building Information Systems and Managing Projects

Filters