Question 1

Using numerous computers to inundate and overwhelm the network from numerous launch points is called a(n)________ attack.

Accepted Answer

A) DDoS 
B) DoS 
C) SQL injection 
D) phishing 
A) DDoS 
B) DoS 
C) SQL injection 
D) phishing

Question 2

You have just been hired as a security consultant by MegaMalls Inc.,a national chain of retail malls,to make sure that the security of their information systems is up to par.Outline the steps you will take to achieve this.

Accepted Answer

(1)Establish what data and processes are

Question 3

Which of the following is not an example of a computer used as an instrument of crime?

Accepted Answer

A) Theft of trade secrets 
B) Intentionally attempting to intercept electronic communication 
C) Unauthorized copying of software 
D) Breaching the confidentiality of protected computerized data 
A) Theft of trade secrets 
B) Intentionally attempting to intercept electronic communication 
C) Unauthorized copying of software 
D) Breaching the confidentiality of protected computerized data

Question 4

The development and use of methods to make computer systems resume their activities more quickly after mishaps is called:

Accepted Answer

A) high-availability computing. 
B) recovery-oriented computing. 
C) fault-tolerant computing. 
D) disaster-recovery planning. 
A) high-availability computing. 
B) recovery-oriented computing. 
C) fault-tolerant computing. 
D) disaster-recovery planning.

Question 5

Pharming involves:

Accepted Answer

A) redirecting users to a fraudulent Web site even when the user has typed in the correct address in the Web browser. 
B) pretending to be a legitimate business's representative in order to garner information about a security system. 
C) setting up fake Web sites to ask users for confidential information. 
D) using e-mails for threats or harassment. 
A) redirecting users to a fraudulent Web site even when the user has typed in the correct address in the Web browser. 
B) pretending to be a legitimate business's representative in order to garner information about a security system. 
C) setting up fake Web sites to ask users for confidential information. 
D) using e-mails for threats or harassment.

Question 6

The Gramm-Leach-Bliley Act:

Accepted Answer

A) requires financial institutions to ensure the security of customer data. 
B) specifies best practices in information systems security and control. 
C) imposes responsibility on companies and management to safeguard the accuracy of financial information. 
D) outlines medical security and privacy rules. 
A) requires financial institutions to ensure the security of customer data. 
B) specifies best practices in information systems security and control. 
C) imposes responsibility on companies and management to safeguard the accuracy of financial information. 
D) outlines medical security and privacy rules.

Question 7

Rigorous password systems:

Accepted Answer

A) are one of the most effective security tools. 
B) may hinder employee productivity. 
C) are costly to implement. 
D) are often disregarded by employees. 
A) are one of the most effective security tools. 
B) may hinder employee productivity. 
C) are costly to implement. 
D) are often disregarded by employees.

Question 8

Public key encryption uses two keys.

Accepted Answer

A) True 
 B)False

Question 9

DoS attacks are used to destroy information and access restricted areas of a company's information system.

Accepted Answer

A) True 
 B)False

Question 10

Sniffers enable hackers to steal proprietary information from anywhere on a network,including e-mail messages,company files,and confidential reports.

Accepted Answer

A) True 
 B)False

Question 11

How do software vendors correct flaws in their software after it has been distributed?

Accepted Answer

A) They issue bug fixes. 
B) They issue patches. 
C) They re-release the software. 
D) They release updated versions of the software. 
A) They issue bug fixes. 
B) They issue patches. 
C) They re-release the software. 
D) They release updated versions of the software.

Question 12

An independent computer program that copies itself from one computer to another over a network is called a:

Accepted Answer

A) worm. 
B) Trojan horse. 
C) bug. 
D) pest. 
A) worm. 
B) Trojan horse. 
C) bug. 
D) pest.

Question 13

Define a fault-tolerant computer system and a high-availability computer system.How do they differ? When would each be used?

Accepted Answer

Both systems use backup hardware resourc

Question 14

Downtime refers to periods of time in which a:

Accepted Answer

A) computer system is malfunctioning. 
B) computer system is not operational. 
C) company or organization is not operational. 
D) computer is not online. 
A) computer system is malfunctioning. 
B) computer system is not operational. 
C) company or organization is not operational. 
D) computer is not online.

Question 15

Biometric authentication is the use of physical characteristics such as retinal images to provide identification.

Accepted Answer

A) True 
 B)False

Question 16

Tricking employees to reveal their passwords by pretending to be a legitimate member of a company is called:

Accepted Answer

A) sniffing. 
B) social engineering. 
C) phishing. 
D) pharming. 
A) sniffing. 
B) social engineering. 
C) phishing. 
D) pharming.

Question 17

A keylogger is a type of:

Accepted Answer

A) worm. 
B) Trojan horse. 
C) virus. 
D) spyware. 
A) worm. 
B) Trojan horse. 
C) virus. 
D) spyware.

Question 18

An acceptable use policy defines the acceptable level of access to information assets for different users.

Accepted Answer

A) True 
 B)False

Question 19

In controlling network traffic to minimize slow-downs,a technology called ________ is used to examine data files and sort low-priority data from high-priority data.

Accepted Answer

A) high availability computing 
B) deep-packet inspection 
C) application proxy filtering 
D) stateful inspection 
A) high availability computing 
B) deep-packet inspection 
C) application proxy filtering 
D) stateful inspection

Question 20

Hackers and their companion viruses are an increasing problem,especially on the Internet.What are the most important measurers for a firm to take to protect itself from this? Is full protection feasible? Why or why not?

Accepted Answer

For protection,a company must institute

Using numerous computers to inundate and overwhelm the network from numerous launch points is called a(n)________ attack.

You have just been hired as a security consultant by MegaMalls Inc.,a national chain of retail malls,to make sure that the security of their information systems is up to par.Outline the steps you will take to achieve this.

Which of the following is not an example of a computer used as an instrument of crime?

The development and use of methods to make computer systems resume their activities more quickly after mishaps is called:

Pharming involves:

The Gramm-Leach-Bliley Act:

Rigorous password systems:

Public key encryption uses two keys.

DoS attacks are used to destroy information and access restricted areas of a company's information system.

Sniffers enable hackers to steal proprietary information from anywhere on a network,including e-mail messages,company files,and confidential reports.

How do software vendors correct flaws in their software after it has been distributed?

An independent computer program that copies itself from one computer to another over a network is called a:

Define a fault-tolerant computer system and a high-availability computer system.How do they differ? When would each be used?

Downtime refers to periods of time in which a:

Biometric authentication is the use of physical characteristics such as retinal images to provide identification.

Tricking employees to reveal their passwords by pretending to be a legitimate member of a company is called:

A keylogger is a type of:

An acceptable use policy defines the acceptable level of access to information assets for different users.

In controlling network traffic to minimize slow-downs,a technology called ________ is used to examine data files and sort low-priority data from high-priority data.

Hackers and their companion viruses are an increasing problem,especially on the Internet.What are the most important measurers for a firm to take to protect itself from this? Is full protection feasible? Why or why not?

Business Information Systems in Your Career

Global E-Business and Collaboration

Achieving Competitive Advantage With Information Systems

IT Infrastructure: Hardware and Software

Foundations of Business Intelligence: Databases and Information Management

Telecommunications, the Internet, and Wireless Technology

Achieving Operational Excellence and Customer Intimacy: Enterprise Applications

E-Commerce: Digital Markets,digital Goods

Improving Decision Making and Managing Knowledge

Building Information Systems and Managing Projects

Ethical and Social Issues in Information Systems

Filters

Exam 7: Securing Information Systems

Using numerous computers to inundate and overwhelm the network from numerous launch points is called a(n)________ attack.

You have just been hired as a security consultant by MegaMalls Inc.,a national chain of retail malls,to make sure that the security of their information systems is up to par.Outline the steps you will take to achieve this.

Which of the following is not an example of a computer used as an instrument of crime?

The development and use of methods to make computer systems resume their activities more quickly after mishaps is called:

Pharming involves:

The Gramm-Leach-Bliley Act:

Rigorous password systems:

Public key encryption uses two keys.

DoS attacks are used to destroy information and access restricted areas of a company's information system.

Sniffers enable hackers to steal proprietary information from anywhere on a network,including e-mail messages,company files,and confidential reports.

How do software vendors correct flaws in their software after it has been distributed?

An independent computer program that copies itself from one computer to another over a network is called a:

Define a fault-tolerant computer system and a high-availability computer system.How do they differ? When would each be used?

Downtime refers to periods of time in which a:

Biometric authentication is the use of physical characteristics such as retinal images to provide identification.

Tricking employees to reveal their passwords by pretending to be a legitimate member of a company is called:

A keylogger is a type of:

An acceptable use policy defines the acceptable level of access to information assets for different users.

In controlling network traffic to minimize slow-downs,a technology called ________ is used to examine data files and sort low-priority data from high-priority data.

Hackers and their companion viruses are an increasing problem,especially on the Internet.What are the most important measurers for a firm to take to protect itself from this? Is full protection feasible? Why or why not?

Business Information Systems in Your Career

Global E-Business and Collaboration

Achieving Competitive Advantage With Information Systems

IT Infrastructure: Hardware and Software

Foundations of Business Intelligence: Databases and Information Management

Telecommunications, the Internet, and Wireless Technology

Achieving Operational Excellence and Customer Intimacy: Enterprise Applications

E-Commerce: Digital Markets,digital Goods

Improving Decision Making and Managing Knowledge

Building Information Systems and Managing Projects

Ethical and Social Issues in Information Systems

Filters