Question 1

Internal threats are considered the most lethal threat. What are they, why are they so lethal and what can a company do to protect against them?

Accepted Answer

The answer of Internal threats are considered the most lethal...

Question 2

On the black market, stolen data in a "kit" that contains credit card information plus social security number and medical information is worth:

Accepted Answer

A)  between $13 and $18 per record 
B)  between $43 and 65 per record 
C)  between $145 and $154 per record 
D)  between $100 and $1,000 per record 
E)  between $4,520 and $4,580 per record 
A)  between $13 and $18 per record 
B)  between $43 and 65 per record 
C)  between $145 and $154 per record 
D)  between $100 and $1,000 per record 
E)  between $4,520 and $4,580 per record D

Question 3

Two factor authentication is when you use two different methods for people trying to use the system. For instance, you can use a password and a challenge question

Accepted Answer

A) True 
 B)False  True

Question 4

When the Office of Personnel Management was hacked, all of the following are true except:

Accepted Answer

A)  The hackers gained access to the building to steal the records 
B)  It took the Office of Personnel Management many months to detect the break-in 
C)  The hackers likely exploited a stolen password 
D)  The hackers did not need to escape in the blue turbocharged vehicle 
E)  None of the above (indicating that all are true) 
A)  The hackers gained access to the building to steal the records 
B)  It took the Office of Personnel Management many months to detect the break-in 
C)  The hackers likely exploited a stolen password 
D)  The hackers did not need to escape in the blue turbocharged vehicle 
E)  None of the above (indicating that all are true)

Question 5

In the Office of Personnel Management's case, the security breach made many people vulnerable to this.

Accepted Answer

A)  Loss of personal property 
B)  Inaccurate personal data 
C)  Identity theft 
D)  Loss of access to personal data 
E)  Credit card fees 
A)  Loss of personal property 
B)  Inaccurate personal data 
C)  Identity theft 
D)  Loss of access to personal data 
E)  Credit card fees

Question 6

A challenge question is when you are stopped at the gate and the guard asks who you are.

Accepted Answer

A) True 
 B)False

Question 7

Who is responsible for developing security education, awareness, and training programs?

Accepted Answer

A)  IT people 
B)  Shared: IT leaders and business leaders 
C)  Business leaders 
D)  Consultants 
E)  Team of consultants and IT people 
A)  IT people 
B)  Shared: IT leaders and business leaders 
C)  Business leaders 
D)  Consultants 
E)  Team of consultants and IT people

Question 8

In the Target breach, the IT department was warned on or about the time the files were transferred.

Accepted Answer

A) True 
 B)False

Question 9

The cost of a data breach in 2015 is estimated to be:

Accepted Answer

A)  between $13 and $18 per record 
B)  between $43 and 65 per record 
C)  between $145 and $154 per record 
D)  between $100 and $1,000 per record 
E)  between $4,520 and $4,580 per record 
A)  between $13 and $18 per record 
B)  between $43 and 65 per record 
C)  between $145 and $154 per record 
D)  between $100 and $1,000 per record 
E)  between $4,520 and $4,580 per record

Question 10

In the Target breach, the HVAC systems were actually attached to the retail sales system.

Accepted Answer

A) True 
 B)False

Question 11

What is a piece of software that traps keystrokes and stores them for hackers to inspect later?

Accepted Answer

The answer of What is a piece of software that...

Question 12

What are the shortcomings of passwords?

Accepted Answer

Passwords, while being one of the most c

Question 13

Firewalls can be either in hardware or software form.

Accepted Answer

A) True 
 B)False

Question 14

Spoofing is:

Accepted Answer

A)  When someone makes fun of you for falling for a phishing scam 
B)  When the "from" address says the name/email address of a person different from who really sent it 
C)  When hackers snoop around in a system 
D)  When a person from IT unlocks your email account 
E)  When you receive a notice of an inheritance 
A)  When someone makes fun of you for falling for a phishing scam 
B)  When the "from" address says the name/email address of a person different from who really sent it 
C)  When hackers snoop around in a system 
D)  When a person from IT unlocks your email account 
E)  When you receive a notice of an inheritance

Question 15

___ of breaches are caused by stealing a password

Accepted Answer

A)  A very low percentage (somewhere around 1%) 
B)  A low percentage (around 10%) 
C)  A moderate percentage (around 25%) 
D)  A high percentage (around 50%) 
E)  A very high percentage (around 80%) 
A)  A very low percentage (somewhere around 1%) 
B)  A low percentage (around 10%) 
C)  A moderate percentage (around 25%) 
D)  A high percentage (around 50%) 
E)  A very high percentage (around 80%)

Question 16

An "evil twin" in the context of computer security is:

Accepted Answer

A)  A virus-laden attachment that looks just like a sincere attachment 
B)  A duplicate badge that allows a nasty person entry into a data center 
C)  Someone who looks just like the Chief Information Officer, but steals data 
D)  An operating system that is not genuine 
E)  A counterfeit wifi connection in a hotel or coffee shop that appears to be genuine 
A)  A virus-laden attachment that looks just like a sincere attachment 
B)  A duplicate badge that allows a nasty person entry into a data center 
C)  Someone who looks just like the Chief Information Officer, but steals data 
D)  An operating system that is not genuine 
E)  A counterfeit wifi connection in a hotel or coffee shop that appears to be genuine

Question 17

A hacker who buys credit card information from hackers receives a short-term guarantee in case the card is declined.

Accepted Answer

A) True 
 B)False

Question 18

In the Anthem Blue Cross breach, where 80 million names, birthdays, social security numbers, etc., were stolen, the hackers got in by:

Accepted Answer

A)  Breaking into the building where they were stored 
B)  Obtaining passwords of five or more high-level employees 
C)  Making phone calls to insiders posing as IT people needing to log into their accounts 
D)  Emailing each of the 80 million patients asking for their private information 
E)  Recovering patient records from a large recycling bin 
A)  Breaking into the building where they were stored 
B)  Obtaining passwords of five or more high-level employees 
C)  Making phone calls to insiders posing as IT people needing to log into their accounts 
D)  Emailing each of the 80 million patients asking for their private information 
E)  Recovering patient records from a large recycling bin

Question 19

Many organizations and even consumers use this to control access to a network like the Internet, allowing only authorized traffic to pass.

Accepted Answer

A)  Encryption 
B)  VPN 
C)  Firewall 
D)  Anonymizing tools 
E)  Filtering 
A)  Encryption 
B)  VPN 
C)  Firewall 
D)  Anonymizing tools 
E)  Filtering

Question 20

It is estimated that ___ % of all firms have been breached:

Accepted Answer

A)  5% or less 
B)  10% to 20% 
C)  40% to 60% 
D)  70% to 90% 
E)  Over 95% 
A)  5% or less 
B)  10% to 20% 
C)  40% to 60% 
D)  70% to 90% 
E)  Over 95%

Internal threats are considered the most lethal threat. What are they, why are they so lethal and what can a company do to protect against them?

On the black market, stolen data in a "kit" that contains credit card information plus social security number and medical information is worth:

Two factor authentication is when you use two different methods for people trying to use the system. For instance, you can use a password and a challenge question

When the Office of Personnel Management was hacked, all of the following are true except:

In the Office of Personnel Management's case, the security breach made many people vulnerable to this.

A challenge question is when you are stopped at the gate and the guard asks who you are.

Who is responsible for developing security education, awareness, and training programs?

In the Target breach, the IT department was warned on or about the time the files were transferred.

The cost of a data breach in 2015 is estimated to be:

In the Target breach, the HVAC systems were actually attached to the retail sales system.

What is a piece of software that traps keystrokes and stores them for hackers to inspect later?

What are the shortcomings of passwords?

Firewalls can be either in hardware or software form.

Spoofing is:

___ of breaches are caused by stealing a password

An "evil twin" in the context of computer security is:

A hacker who buys credit card information from hackers receives a short-term guarantee in case the card is declined.

In the Anthem Blue Cross breach, where 80 million names, birthdays, social security numbers, etc., were stolen, the hackers got in by:

Many organizations and even consumers use this to control access to a network like the Internet, allowing only authorized traffic to pass.

It is estimated that ___ % of all firms have been breached:

Introduction

The Information Systems Strategy Triangle

Strategic Use of Information Resources

Organizational Strategy and Information Systems

Information Systems and the Design of Work

Information Systems and Business Transformation

Architecture and Infrastructure

The Business of Information Technology

Governance of the Information Systems Organization

Information Systems Sourcing

Managing IT Projects

Business Intelligence Knowledge Management and Analytics

Privacy and Ethical Considerations in Information Management

Filters

Exam 8: Security

Internal threats are considered the most lethal threat. What are they, why are they so lethal and what can a company do to protect against them?

On the black market, stolen data in a "kit" that contains credit card information plus social security number and medical information is worth:

Two factor authentication is when you use two different methods for people trying to use the system. For instance, you can use a password and a challenge question

When the Office of Personnel Management was hacked, all of the following are true except:

In the Office of Personnel Management's case, the security breach made many people vulnerable to this.

A challenge question is when you are stopped at the gate and the guard asks who you are.

Who is responsible for developing security education, awareness, and training programs?

In the Target breach, the IT department was warned on or about the time the files were transferred.

The cost of a data breach in 2015 is estimated to be:

In the Target breach, the HVAC systems were actually attached to the retail sales system.

What is a piece of software that traps keystrokes and stores them for hackers to inspect later?

What are the shortcomings of passwords?

Firewalls can be either in hardware or software form.

Spoofing is:

___ of breaches are caused by stealing a password

An "evil twin" in the context of computer security is:

A hacker who buys credit card information from hackers receives a short-term guarantee in case the card is declined.

In the Anthem Blue Cross breach, where 80 million names, birthdays, social security numbers, etc., were stolen, the hackers got in by:

Many organizations and even consumers use this to control access to a network like the Internet, allowing only authorized traffic to pass.

It is estimated that ___ % of all firms have been breached:

Introduction

The Information Systems Strategy Triangle

Strategic Use of Information Resources

Organizational Strategy and Information Systems

Information Systems and the Design of Work

Information Systems and Business Transformation

Architecture and Infrastructure

The Business of Information Technology

Governance of the Information Systems Organization

Information Systems Sourcing

Managing IT Projects

Business Intelligence Knowledge Management and Analytics

Privacy and Ethical Considerations in Information Management

Filters