Question 1

Trojan horses are software programs that hide in other computer programs and reveal their designed behaviour only when they are activated.

Accepted Answer

A) True 
 B)False

Question 2

A(n)______________ is any danger to which a system may be exposed.

Accepted Answer

A) attack 
B) security failure 
C) threat 
D) vulnerability 
A) attack 
B) security failure 
C) threat 
D) vulnerability

Question 3

______________ is a private network that uses a public network to connect users securely to the organization's internal systems.

Accepted Answer

A) SSL 
B) VPN 
C) URL 
D) A firewall 
A) SSL 
B) VPN 
C) URL 
D) A firewall

Question 4

Risk _________ involves minimizing the impact of a threat.

Accepted Answer

A) acceptance 
B) diversion 
C) limitation 
D) transference 
A) acceptance 
B) diversion 
C) limitation 
D) transference

Question 5

An information system's _______ is the possibility that the system will be harmed by a threat.

Accepted Answer

A) vulnerability 
B) risk 
C) control 
D) danger 
E) compromise 
A) vulnerability 
B) risk 
C) control 
D) danger 
E) compromise

Question 6

The term _____ refers to clandestine software that is installed on your PC through duplicitous channels but is not particularly malicious.

Accepted Answer

A) alien software 
B) virus 
C) worm 
D) back door 
E) logic bomb 
A) alien software 
B) virus 
C) worm 
D) back door 
E) logic bomb

Question 7

______________ is a process in which a company allows all software to run unless it is on the list.

Accepted Answer

A) Blacklisting 
B) Graylisting 
C) Hitlisting 
D) Whitelisting 
A) Blacklisting 
B) Graylisting 
C) Hitlisting 
D) Whitelisting

Question 8

Passwords and passphrases are examples of:

Accepted Answer

A) something the user is. 
B) something the user wants. 
C) something the user has. 
D) something the user knows. 
E) something the user does. 
A) something the user is. 
B) something the user wants. 
C) something the user has. 
D) something the user knows. 
E) something the user does.

Question 9

Organizations use authentication to establish privileges to systems operations.

Accepted Answer

A) True 
 B)False

Question 10

Contrast risk acceptance, risk limitation, and risk transference.

Accepted Answer

The answer of Contrast risk acceptance, risk limitation, and risk...

Question 11

Cookies in your web browser are not tracked by businesses.

Accepted Answer

A) True 
 B)False

Question 12

Rank the following in terms of dollar value of the crime, from highest to lowest.

Accepted Answer

A) Robbery - white-collar crime - cybercrime 
B) White-collar crime - extortion - robbery 
C) Cybercrime - white-collar crime - robbery 
D) Cybercrime - robbery - white-collar crime 
E) White-collar crime - burglary - robbery 
A) Robbery - white-collar crime - cybercrime 
B) White-collar crime - extortion - robbery 
C) Cybercrime - white-collar crime - robbery 
D) Cybercrime - robbery - white-collar crime 
E) White-collar crime - burglary - robbery

Question 13

You start a new job, and Human Resources gives you a 10-page document that outlines the employee responsibilities for information security. Which of the following statements is most likely to be true?

Accepted Answer

A) The document recommends that login passwords be left on a piece of paper in the centre desk drawer so that others can use the laptop if necessary. 
B) You are expected to read the document, and you could be reprimanded if you don't follow its guidelines. 
C) You can back up sensitive data to a thumb drive so you can take them home to work with. 
D) The document indicates that you can leave your laptop unlocked if you leave your desk for less than an hour. 
E) The document permits you to lend your laptop to your brother for the weekend. 
A) The document recommends that login passwords be left on a piece of paper in the centre desk drawer so that others can use the laptop if necessary. 
B) You are expected to read the document, and you could be reprimanded if you don't follow its guidelines. 
C) You can back up sensitive data to a thumb drive so you can take them home to work with. 
D) The document indicates that you can leave your laptop unlocked if you leave your desk for less than an hour. 
E) The document permits you to lend your laptop to your brother for the weekend.

Question 14

The Internet is a(n)___________ network.

Accepted Answer

A) trusted 
B) untrusted 
C) neutral 
D) unbiased 
A) trusted 
B) untrusted 
C) neutral 
D) unbiased

Question 15

The most overlooked people in information security are:

Accepted Answer

A) consultants and temporary hires. 
B) secretaries and consultants. 
C) contract labourers and executive assistants. 
D) janitors and guards. 
E) executives and executive secretaries. 
A) consultants and temporary hires. 
B) secretaries and consultants. 
C) contract labourers and executive assistants. 
D) janitors and guards. 
E) executives and executive secretaries.

Question 16

Shodan's primary purpose is ___________.

Accepted Answer

A) to be a hacker website 
B) to be a service that searches the Internet for devices connected to the Internet 
C) to be a website that shows which devices are vulnerable to hackers 
D) to help users search for other people who use similar devices 
A) to be a hacker website 
B) to be a service that searches the Internet for devices connected to the Internet 
C) to be a website that shows which devices are vulnerable to hackers 
D) to help users search for other people who use similar devices

Question 17

A DMZ is located ______________.

Accepted Answer

A) inside the company's firewalls 
B) outside the company's firewalls 
C) between two firewalls 
D) on the Internet 
A) inside the company's firewalls 
B) outside the company's firewalls 
C) between two firewalls 
D) on the Internet

Question 18

In a process called _____, a company allows nothing to run unless it is approved, whereas in a process called _____, the company allows everything to run unless it is not approved.

Accepted Answer

A) whitelisting, blacklisting 
B) whitelisting, encryption 
C) encryption, whitelisting 
D) encryption, blacklisting 
E) blacklisting, whitelisting 
A) whitelisting, blacklisting 
B) whitelisting, encryption 
C) encryption, whitelisting 
D) encryption, blacklisting 
E) blacklisting, whitelisting

Question 19

Which of the following is not a factor increasing the vulnerability of information resources?

Accepted Answer

A) Business environments are more connected than ever. 
B) Our small, portable devices are much easier to steal or lose. 
C) Hacking is more difficult, but hackers are more skilled. 
D) Management support is lacking. 
A) Business environments are more connected than ever. 
B) Our small, portable devices are much easier to steal or lose. 
C) Hacking is more difficult, but hackers are more skilled. 
D) Management support is lacking.

Question 20

Access controls involve _______ before _______.

Accepted Answer

A) biometrics, signature recognition 
B) authentication, authorization 
C) iris scanning, voice recognition 
D) strong passwords, biometrics 
E) authorization, authentication 
A) biometrics, signature recognition 
B) authentication, authorization 
C) iris scanning, voice recognition 
D) strong passwords, biometrics 
E) authorization, authentication

Trojan horses are software programs that hide in other computer programs and reveal their designed behaviour only when they are activated.

A(n)______________ is any danger to which a system may be exposed.

______________ is a private network that uses a public network to connect users securely to the organization's internal systems.

Risk _________ involves minimizing the impact of a threat.

An information system's _______ is the possibility that the system will be harmed by a threat.

The term _____ refers to clandestine software that is installed on your PC through duplicitous channels but is not particularly malicious.

______________ is a process in which a company allows all software to run unless it is on the list.

Passwords and passphrases are examples of:

Organizations use authentication to establish privileges to systems operations.

Contrast risk acceptance, risk limitation, and risk transference.

Cookies in your web browser are not tracked by businesses.

Rank the following in terms of dollar value of the crime, from highest to lowest.

You start a new job, and Human Resources gives you a 10-page document that outlines the employee responsibilities for information security. Which of the following statements is most likely to be true?

The Internet is a(n)___________ network.

The most overlooked people in information security are:

Shodan's primary purpose is ___________.

A DMZ is located ______________.

In a process called _, a company allows nothing to run unless it is approved, whereas in a process called _, the company allows everything to run unless it is not approved.

Which of the following is not a factor increasing the vulnerability of information resources?

Access controls involve _ before _.

Introduction to Information Systems

Organizational Strategy, Competitive Advantage, and Information Systems

Ethics and Privacy

Data and Knowledge Management

Telecommunications and Networking

E-Business and E-Commerce

Wireless, Mobile Computing, and Mobile Commerce

Social Computing

Information Systems Within the Organization

Customer Relationship Management and Supply Chain Management

Business Intelligence

Acquiring Information Systems and Applications

Technology Guide 1 : Hardware

Technology Guide 2 : Software

Technology Guide 3 : Cloud Computing

Technology Guide 4 : Intelligent Systems

Technology Guide 5 Protecting Your Information Assets

Filters

Exam 4: Information Security and Controls

Trojan horses are software programs that hide in other computer programs and reveal their designed behaviour only when they are activated.

A(n)______________ is any danger to which a system may be exposed.

______________ is a private network that uses a public network to connect users securely to the organization's internal systems.

Risk _________ involves minimizing the impact of a threat.

An information system's _______ is the possibility that the system will be harmed by a threat.

The term _____ refers to clandestine software that is installed on your PC through duplicitous channels but is not particularly malicious.

______________ is a process in which a company allows all software to run unless it is on the list.

Passwords and passphrases are examples of:

Organizations use authentication to establish privileges to systems operations.

Contrast risk acceptance, risk limitation, and risk transference.

Cookies in your web browser are not tracked by businesses.

Rank the following in terms of dollar value of the crime, from highest to lowest.

You start a new job, and Human Resources gives you a 10-page document that outlines the employee responsibilities for information security. Which of the following statements is most likely to be true?

The Internet is a(n)___________ network.

The most overlooked people in information security are:

Shodan's primary purpose is ___________.

A DMZ is located ______________.

In a process called _____, a company allows nothing to run unless it is approved, whereas in a process called _____, the company allows everything to run unless it is not approved.

Which of the following is not a factor increasing the vulnerability of information resources?

Access controls involve _______ before _______.

Introduction to Information Systems

Organizational Strategy, Competitive Advantage, and Information Systems

Ethics and Privacy

Data and Knowledge Management

Telecommunications and Networking

E-Business and E-Commerce

Wireless, Mobile Computing, and Mobile Commerce

Social Computing

Information Systems Within the Organization

Customer Relationship Management and Supply Chain Management

Business Intelligence

Acquiring Information Systems and Applications

Technology Guide 1 : Hardware

Technology Guide 2 : Software

Technology Guide 3 : Cloud Computing

Technology Guide 4 : Intelligent Systems

Technology Guide 5 Protecting Your Information Assets

Filters

In a process called _, a company allows nothing to run unless it is approved, whereas in a process called _, the company allows everything to run unless it is not approved.

Access controls involve _ before _.