Question 1

SSL is a protocol used to establish a secure connection between two computers.

Accepted Answer

A) True 
 B)False  True

Question 2

You have been hired as a security consultant for a law firm.Which of the following constitutes the greatest source of security threats to the firm?

Accepted Answer

A) Wireless network 
B) Employees 
C) Authentication procedures 
D) Lack of data encryption 
A) Wireless network 
B) Employees 
C) Authentication procedures 
D) Lack of data encryption B

Question 3

Evil twins are:

Accepted Answer

A) Trojan horses that appears to the user to be a legitimate commercial software application. 
B) e-mail messages that mimic the e-mail messages of a legitimate business. 
C) fraudulent Web sites that mimic a legitimate business's Web site. 
D) bogus wireless network access points that look legitimate to users. 
A) Trojan horses that appears to the user to be a legitimate commercial software application. 
B) e-mail messages that mimic the e-mail messages of a legitimate business. 
C) fraudulent Web sites that mimic a legitimate business's Web site. 
D) bogus wireless network access points that look legitimate to users. D

Question 4

Which of the following is not an example of a computer used as a target of crime?

Accepted Answer

A) Knowingly accessing a protected computer to commit fraud 
B) Accessing a computer system without authority 
C) Illegally accessing stored electronic communication 
D) Threatening to cause damage to a protected computer 
A) Knowingly accessing a protected computer to commit fraud 
B) Accessing a computer system without authority 
C) Illegally accessing stored electronic communication 
D) Threatening to cause damage to a protected computer

Question 5

High-availability computing is also referred to as fault tolerance.

Accepted Answer

A) True 
 B)False

Question 6

Comprehensive security management products,with tools for firewalls,VPNs,intrusion detection systems,and more,are called ________ systems.

Accepted Answer

A) DPI 
B) MSSP 
C) NSP 
D) UTM 
A) DPI 
B) MSSP 
C) NSP 
D) UTM

Question 7

________ controls ensure that valuable business data files on either disk or tape are not subject to unauthorized access,change,or destruction while they are in use or in storage.

Accepted Answer

A) Software 
B) Administrative 
C) Data security 
D) Implementation 
A) Software 
B) Administrative 
C) Data security 
D) Implementation

Question 8

When errors are discovered in software programs,the sources of the errors are found and eliminated through a process called debugging.

Accepted Answer

A) True 
 B)False

Question 9

The Sarbanes-Oxley Act:

Accepted Answer

A) requires financial institutions to ensure the security of customer data. 
B) specifies best practices in information systems security and control. 
C) imposes responsibility on companies and management to safeguard the accuracy of financial information. 
D) outlines medical security and privacy rules. 
A) requires financial institutions to ensure the security of customer data. 
B) specifies best practices in information systems security and control. 
C) imposes responsibility on companies and management to safeguard the accuracy of financial information. 
D) outlines medical security and privacy rules.

Question 10

Viruses can be spread through e-mail.

Accepted Answer

A) True 
 B)False

Question 11

Biometric authentication:

Accepted Answer

A) is inexpensive. 
B) is used widely in Europe for security applications. 
C) can use a person's voice as a unique,measurable trait. 
D) only uses physical measurements for identification. 
A) is inexpensive. 
B) is used widely in Europe for security applications. 
C) can use a person's voice as a unique,measurable trait. 
D) only uses physical measurements for identification.

Question 12

Which of the following statements about the Internet security is not true?

Accepted Answer

A) The use of P2P networks can expose a corporate computer to outsiders. 
B) A corporate network without access to the Internet is more secure than one that provides access. 
C) VoIP is more secure than the switched voice network. 
D) Instant messaging can provide hackers access to an otherwise secure network. 
A) The use of P2P networks can expose a corporate computer to outsiders. 
B) A corporate network without access to the Internet is more secure than one that provides access. 
C) VoIP is more secure than the switched voice network. 
D) Instant messaging can provide hackers access to an otherwise secure network.

Question 13

A(n)________ audit examines the firm's overall security environment as well as the controls governing individual information systems.

Accepted Answer

A) security 
B) MIS 
C) network 
D) software 
A) security 
B) MIS 
C) network 
D) software

Question 14

Three major concerns of system builders and users are disaster,security,and human error.Of the three,which do you think is most difficult to deal with? Why?

Accepted Answer

Student answers will vary.Example answer

Question 15

One form of spoofing involves forging the return address on an e-mail so that the e-mail message appears to come from someone other than the sender.

Accepted Answer

A) True 
 B)False

Question 16

The HIPAA Act of 1996:

Accepted Answer

A) requires financial institutions to ensure the security of customer data. 
B) specifies best practices in information systems security and control. 
C) imposes responsibility on companies and management to safeguard the accuracy of financial information. 
D) outlines medical security and privacy rules. 
A) requires financial institutions to ensure the security of customer data. 
B) specifies best practices in information systems security and control. 
C) imposes responsibility on companies and management to safeguard the accuracy of financial information. 
D) outlines medical security and privacy rules.

Question 17

An example of phishing is:

Accepted Answer

A) setting up a bogus Wi-Fi hot spot. 
B) setting up a fake medical Web site that asks users for confidential information. 
C) pretending to be a utility company's employee in order to garner information from that company about their security system. 
D) sending bulk e-mail that asks for financial aid under a false pretext. 
A) setting up a bogus Wi-Fi hot spot. 
B) setting up a fake medical Web site that asks users for confidential information. 
C) pretending to be a utility company's employee in order to garner information from that company about their security system. 
D) sending bulk e-mail that asks for financial aid under a false pretext.

Question 18

________ is a crime in which an imposter obtains key pieces of personal information to impersonate someone else.

Accepted Answer

A) Identity theft 
B) Spoofing 
C) Social engineering 
D) Evil twins 
A) Identity theft 
B) Spoofing 
C) Social engineering 
D) Evil twins

Question 19

Electronic evidence on computer storage media that is not visible to the average user is called ________ data.

Accepted Answer

A) defragmented 
B) ambient 
C) forensic 
D) fragmented 
A) defragmented 
B) ambient 
C) forensic 
D) fragmented

Question 20

Malicious software programs referred to as spyware include a variety of threats such as computer viruses,worms,and Trojan horses.

Accepted Answer

A) True 
 B)False

SSL is a protocol used to establish a secure connection between two computers.

You have been hired as a security consultant for a law firm.Which of the following constitutes the greatest source of security threats to the firm?

Evil twins are:

Which of the following is not an example of a computer used as a target of crime?

High-availability computing is also referred to as fault tolerance.

Comprehensive security management products,with tools for firewalls,VPNs,intrusion detection systems,and more,are called ________ systems.

________ controls ensure that valuable business data files on either disk or tape are not subject to unauthorized access,change,or destruction while they are in use or in storage.

When errors are discovered in software programs,the sources of the errors are found and eliminated through a process called debugging.

The Sarbanes-Oxley Act:

Viruses can be spread through e-mail.

Biometric authentication:

Which of the following statements about the Internet security is not true?

A(n)________ audit examines the firm's overall security environment as well as the controls governing individual information systems.

Three major concerns of system builders and users are disaster,security,and human error.Of the three,which do you think is most difficult to deal with? Why?

One form of spoofing involves forging the return address on an e-mail so that the e-mail message appears to come from someone other than the sender.

The HIPAA Act of 1996:

An example of phishing is:

________ is a crime in which an imposter obtains key pieces of personal information to impersonate someone else.

Electronic evidence on computer storage media that is not visible to the average user is called ________ data.

Malicious software programs referred to as spyware include a variety of threats such as computer viruses,worms,and Trojan horses.

Business Information Systems in Your Career

Global E-Business and Collaboration

Achieving Competitive Advantage With Information Systems

IT Infrastructure: Hardware and Software

Foundations of Business Intelligence: Databases and Information Management

Telecommunications, the Internet, and Wireless Technology

Achieving Operational Excellence and Customer Intimacy: Enterprise Applications

E-Commerce: Digital Markets,digital Goods

Improving Decision Making and Managing Knowledge

Building Information Systems and Managing Projects

Ethical and Social Issues in Information Systems

Filters

Exam 7: Securing Information Systems

SSL is a protocol used to establish a secure connection between two computers.

You have been hired as a security consultant for a law firm.Which of the following constitutes the greatest source of security threats to the firm?

Evil twins are:

Which of the following is not an example of a computer used as a target of crime?

High-availability computing is also referred to as fault tolerance.

Comprehensive security management products,with tools for firewalls,VPNs,intrusion detection systems,and more,are called ________ systems.

________ controls ensure that valuable business data files on either disk or tape are not subject to unauthorized access,change,or destruction while they are in use or in storage.

When errors are discovered in software programs,the sources of the errors are found and eliminated through a process called debugging.

The Sarbanes-Oxley Act:

Viruses can be spread through e-mail.

Biometric authentication:

Which of the following statements about the Internet security is not true?

A(n)________ audit examines the firm's overall security environment as well as the controls governing individual information systems.

Three major concerns of system builders and users are disaster,security,and human error.Of the three,which do you think is most difficult to deal with? Why?

One form of spoofing involves forging the return address on an e-mail so that the e-mail message appears to come from someone other than the sender.

The HIPAA Act of 1996:

An example of phishing is:

________ is a crime in which an imposter obtains key pieces of personal information to impersonate someone else.

Electronic evidence on computer storage media that is not visible to the average user is called ________ data.

Malicious software programs referred to as spyware include a variety of threats such as computer viruses,worms,and Trojan horses.

Business Information Systems in Your Career

Global E-Business and Collaboration

Achieving Competitive Advantage With Information Systems

IT Infrastructure: Hardware and Software

Foundations of Business Intelligence: Databases and Information Management

Telecommunications, the Internet, and Wireless Technology

Achieving Operational Excellence and Customer Intimacy: Enterprise Applications

E-Commerce: Digital Markets,digital Goods

Improving Decision Making and Managing Knowledge

Building Information Systems and Managing Projects

Ethical and Social Issues in Information Systems

Filters