Question 1

The dispersed nature of cloud computing makes it difficult to track unauthorized access.

Accepted Answer

A) True 
 B)False

Question 2

Which of the following statements about the Internet security is not true?

Accepted Answer

A)  The use of P2P networks can expose a corporate computer to outsiders. 
B)  A corporate network without access to the Internet is more secure than one that provides access. 
C)  VoIP is more secure than the switched voice network. 
D)  Instant messaging can provide hackers access to an otherwise secure network. 
E)  Smartphones have the same security weaknesses as other Internet devices. 
A)  The use of P2P networks can expose a corporate computer to outsiders. 
B)  A corporate network without access to the Internet is more secure than one that provides access. 
C)  VoIP is more secure than the switched voice network. 
D)  Instant messaging can provide hackers access to an otherwise secure network. 
E)  Smartphones have the same security weaknesses as other Internet devices.

Question 3

A Trojan horse

Accepted Answer

A)  is software that appears to be benign but does something other than expected. 
B)  is a virus that replicates quickly. 
C)  is malware named for a breed of fast-moving Near-Eastern horses. 
D)  installs spyware on users' computers. 
E)  is a type of sniffer used to infiltrate corporate networks. 
A)  is software that appears to be benign but does something other than expected. 
B)  is a virus that replicates quickly. 
C)  is malware named for a breed of fast-moving Near-Eastern horses. 
D)  installs spyware on users' computers. 
E)  is a type of sniffer used to infiltrate corporate networks.

Question 4

The intentional defacement or destruction of a Web site is called

Accepted Answer

A)  spoofing. 
B)  cybervandalism. 
C)  cyberwarfare. 
D)  phishing. 
E)  pharming. 
A)  spoofing. 
B)  cybervandalism. 
C)  cyberwarfare. 
D)  phishing. 
E)  pharming.

Question 5

The HIPAA Act of 1996

Accepted Answer

A)  requires financial institutions to ensure the security of customer data. 
B)  specifies best practices in information systems security and control. 
C)  imposes responsibility on companies and management to safeguard the accuracy of financial information. 
D)  outlines medical security and privacy rules. 
E)  identifies computer abuse as a crime and defines abusive activities. 
A)  requires financial institutions to ensure the security of customer data. 
B)  specifies best practices in information systems security and control. 
C)  imposes responsibility on companies and management to safeguard the accuracy of financial information. 
D)  outlines medical security and privacy rules. 
E)  identifies computer abuse as a crime and defines abusive activities.

Question 6

Why is software quality important to security?
 What specific steps can an organization take to ensure software quality?

Accepted Answer

Software errors pose a constant threat t

Question 7

Biometric authentication is the use of personal, biographic details such as the high school you attended and the first street you lived on to provide identification.

Accepted Answer

A) True 
 B)False

Question 8

How is the security of a firm's information system and data affected by its people, organization, and technology?
 Is the contribution of one of these dimensions any more important than the other?
 Why?

Accepted Answer

There are various technological essentia

Question 9

Large amounts of data stored in electronic form are ________ than the same data in manual form.

Accepted Answer

A)  less vulnerable to damage 
B)  more secure 
C)  vulnerable to many more kinds of threats 
D)  more critical to most businesses 
E)  prone to more errors 
A)  less vulnerable to damage 
B)  more secure 
C)  vulnerable to many more kinds of threats 
D)  more critical to most businesses 
E)  prone to more errors

Question 10

Public key encryption uses two keys.

Accepted Answer

A) True 
 B)False

Question 11

For 100-percent availability, online transaction processing requires

Accepted Answer

A)  high-capacity storage. 
B)  a multi-tier server network. 
C)  fault-tolerant computer systems. 
D)  dedicated phone lines. 
E)  a digital certificate system. 
A)  high-capacity storage. 
B)  a multi-tier server network. 
C)  fault-tolerant computer systems. 
D)  dedicated phone lines. 
E)  a digital certificate system.

Question 12

When errors are discovered in software programs, the sources of the errors are found and eliminated through a process called debugging.

Accepted Answer

A) True 
 B)False

Question 13

Most antivirus software is effective against

Accepted Answer

A)  only those viruses active on the Internet and through e-mail. 
B)  any virus. 
C)  any virus except those in wireless communications applications. 
D)  only those viruses already known when the software is written. 
E)  only viruses that are well-known and typically several years old. 
A)  only those viruses active on the Internet and through e-mail. 
B)  any virus. 
C)  any virus except those in wireless communications applications. 
D)  only those viruses already known when the software is written. 
E)  only viruses that are well-known and typically several years old.

Question 14

Comprehensive security management products, with tools for firewalls, VPNs, intrusion detection systems, and more, are called ________ systems.

Accepted Answer

A)  DPI 
B)  MSSP 
C)  NSP 
D)  PKI 
E)  UTM 
A)  DPI 
B)  MSSP 
C)  NSP 
D)  PKI 
E)  UTM

Question 15

Which of the following specifications replaces WEP with a stronger security standard that features changing encryption keys?

Accepted Answer

A)  TLS 
B)  AUP 
C)  VPN 
D)  WPA2 
E)  UTM 
A)  TLS 
B)  AUP 
C)  VPN 
D)  WPA2 
E)  UTM

Question 16

In controlling network traffic to minimize slow-downs, a technology called ________ is used to examine data files and sort low-priority data from high-priority data.

Accepted Answer

A)  high availability computing 
B)  deep-packet inspection 
C)  application proxy filtering 
D)  stateful inspection 
E)  unified threat management 
A)  high availability computing 
B)  deep-packet inspection 
C)  application proxy filtering 
D)  stateful inspection 
E)  unified threat management

Question 17

Three major concerns of system builders and users are disaster, security, and human error. Of the three, which do you think is most difficult to deal with?
 Why?

Accepted Answer

Student answers will vary. Example answe

Question 18

Currently, the protocols used for secure information transfer over the Internet are

Accepted Answer

A)  TCP/IP and SSL. 
B)  S-HTTP and CA. 
C)  HTTP and TCP/IP. 
D)  S-HTTP and SHTML. 
E)  SSL, TLS, and S-HTTP. 
A)  TCP/IP and SSL. 
B)  S-HTTP and CA. 
C)  HTTP and TCP/IP. 
D)  S-HTTP and SHTML. 
E)  SSL, TLS, and S-HTTP.

Question 19

You have been hired as a security consultant for a law firm. Which of the following constitutes the greatest source for network security breaches to the firm?

Accepted Answer

A)  wireless network 
B)  employees 
C)  authentication procedures 
D)  lack of data encryption 
E)  software quality 
A)  wireless network 
B)  employees 
C)  authentication procedures 
D)  lack of data encryption 
E)  software quality

Question 20

One form of spoofing involves forging the return address on an e-mail so that the e-mail message appears to come from someone other than the sender.

Accepted Answer

A) True 
 B)False

The dispersed nature of cloud computing makes it difficult to track unauthorized access.

Which of the following statements about the Internet security is not true?

A Trojan horse

The intentional defacement or destruction of a Web site is called

The HIPAA Act of 1996

Why is software quality important to security? What specific steps can an organization take to ensure software quality?

Biometric authentication is the use of personal, biographic details such as the high school you attended and the first street you lived on to provide identification.

How is the security of a firm's information system and data affected by its people, organization, and technology? Is the contribution of one of these dimensions any more important than the other? Why?

Large amounts of data stored in electronic form are ________ than the same data in manual form.

Public key encryption uses two keys.

For 100-percent availability, online transaction processing requires

When errors are discovered in software programs, the sources of the errors are found and eliminated through a process called debugging.

Most antivirus software is effective against

Comprehensive security management products, with tools for firewalls, VPNs, intrusion detection systems, and more, are called ________ systems.

Which of the following specifications replaces WEP with a stronger security standard that features changing encryption keys?

In controlling network traffic to minimize slow-downs, a technology called ________ is used to examine data files and sort low-priority data from high-priority data.

Three major concerns of system builders and users are disaster, security, and human error. Of the three, which do you think is most difficult to deal with? Why?

Currently, the protocols used for secure information transfer over the Internet are

You have been hired as a security consultant for a law firm. Which of the following constitutes the greatest source for network security breaches to the firm?

One form of spoofing involves forging the return address on an e-mail so that the e-mail message appears to come from someone other than the sender.

Information Systems in Global Business Today

Global E-Business and Collaboration

Information Systems, Organizations, and Strategy

Ethical and Social Issues in Information Systems

It Infrastructure and Emerging Technologies

Foundations of Business Intelligence: Databases and Information Management

Telecommunications, the Internet, and Wireless Technology

Achieving Operational Excellence and Customer Intimacy: Enterprise Applications

E-Commerce: Digital Markets, Digital Goods

Managing Knowledge

Enhancing Decision Making

Building Information Systems

Managing Projects

Managing Global Systems

Filters

Exam 8: Securing Information Systems

The dispersed nature of cloud computing makes it difficult to track unauthorized access.

Which of the following statements about the Internet security is not true?

A Trojan horse

The intentional defacement or destruction of a Web site is called

The HIPAA Act of 1996

Why is software quality important to security? What specific steps can an organization take to ensure software quality?

Biometric authentication is the use of personal, biographic details such as the high school you attended and the first street you lived on to provide identification.

How is the security of a firm's information system and data affected by its people, organization, and technology? Is the contribution of one of these dimensions any more important than the other? Why?

Large amounts of data stored in electronic form are ________ than the same data in manual form.

Public key encryption uses two keys.

For 100-percent availability, online transaction processing requires

When errors are discovered in software programs, the sources of the errors are found and eliminated through a process called debugging.

Most antivirus software is effective against

Comprehensive security management products, with tools for firewalls, VPNs, intrusion detection systems, and more, are called ________ systems.

Which of the following specifications replaces WEP with a stronger security standard that features changing encryption keys?

In controlling network traffic to minimize slow-downs, a technology called ________ is used to examine data files and sort low-priority data from high-priority data.

Three major concerns of system builders and users are disaster, security, and human error. Of the three, which do you think is most difficult to deal with? Why?

Currently, the protocols used for secure information transfer over the Internet are

You have been hired as a security consultant for a law firm. Which of the following constitutes the greatest source for network security breaches to the firm?

One form of spoofing involves forging the return address on an e-mail so that the e-mail message appears to come from someone other than the sender.

Information Systems in Global Business Today

Global E-Business and Collaboration

Information Systems, Organizations, and Strategy

Ethical and Social Issues in Information Systems

It Infrastructure and Emerging Technologies

Foundations of Business Intelligence: Databases and Information Management

Telecommunications, the Internet, and Wireless Technology

Achieving Operational Excellence and Customer Intimacy: Enterprise Applications

E-Commerce: Digital Markets, Digital Goods

Managing Knowledge

Enhancing Decision Making

Building Information Systems

Managing Projects

Managing Global Systems

Filters