Question 1

When it comes to fraud committed by an organization's employees,the single most effective fraud prevention technique is _______.

Accepted Answer

A) Holding managers responsible for the actions of their employees 
B) Peer monitoring (employees monitor each other) 
C) Creating the perception that fraud will be detected and punished 
D) A clearly written employee policy manual that explains unacceptable behaviors 
A) Holding managers responsible for the actions of their employees 
B) Peer monitoring (employees monitor each other) 
C) Creating the perception that fraud will be detected and punished 
D) A clearly written employee policy manual that explains unacceptable behaviors

Question 2

Crime can be divided into two categories depending on the tactics used to carry out the crime: ________.

Accepted Answer

A) Fraud and felonies 
B) Occupational and opportunistic 
C) Lethal and misdemeanors 
D) violent and nonviolent 
A) Fraud and felonies 
B) Occupational and opportunistic 
C) Lethal and misdemeanors 
D) violent and nonviolent

Question 3

A(n)________ attack bombards a network or website with traffic to crash it and leave it vulnerable to other threats.

Accepted Answer

A) advanced persistent threat 
B) distributed denial-of-service 
C) malware 
D) phishing 
A) advanced persistent threat 
B) distributed denial-of-service 
C) malware 
D) phishing

Question 4

The consequences of lax cybersecurity include damaged reputations,financial penalties,government fines,lost market share,falling share prices,and consumer backlash.

Accepted Answer

A) True 
 B)False

Question 5

An audit is an important part of any control system.Which of the following is not a question that would typically be asked as part of an information systems audit?

Accepted Answer

A) Are there sufficient controls in the system? Which areas are not covered by controls? 
B) Are the controls effective and implemented properly? 
C) What is the ROI associated with system controls? 
D) Are there procedures to ensure reporting and corrective actions in case of violations of controls? 
A) Are there sufficient controls in the system? Which areas are not covered by controls? 
B) Are the controls effective and implemented properly? 
C) What is the ROI associated with system controls? 
D) Are there procedures to ensure reporting and corrective actions in case of violations of controls?

Question 6

In Cybersecurity terminology,a(n)__________is defined as something or someone that may result in harm to an asset.

Accepted Answer

The answer of In Cybersecurity terminology,a(n)__________is defined as something or...

Question 7

Business operations are controlled by apps,systems,and networks that are so interconnected that anyone's ________ is an entry point for attacks.

Accepted Answer

A) mobile device 
B) botnet 
C) BYOD 
D) firewall 
A) mobile device 
B) botnet 
C) BYOD 
D) firewall

Question 8

SOX and the SEC regulators are making it clear that if controls can be ignored,there is no control.Therefore,fraud prevention and detection require an effective monitoring system.

Accepted Answer

A) True 
 B)False

Question 9

Detecting internal fraud has become sophisticated.Audit trails from key systems and personnel records are stored in data warehouses and subjected to __________ where things like excessive hours worked,unusual transactions,copying of huge amounts of data and other unusual patterns of behavior are identified.

Accepted Answer

A) Security audits 
B) Pattern analysis 
C) Behavior recognition scans 
D) Anomaly detection analysis 
A) Security audits 
B) Pattern analysis 
C) Behavior recognition scans 
D) Anomaly detection analysis

Question 10

Discuss how social networks and cloud computing increase IT security risks.How do you recommend that the risks be reduced?

Accepted Answer

Answers will vary.
Social networks and c

Question 11

A stealth network attack in which an unauthorized person gains access to a network and remains undetected for a long time is referred to as a(n)__________ attack.

Accepted Answer

A) registry denial 
B) advanced persistent threat 
C) DDOS 
D) hacktivist 
A) registry denial 
B) advanced persistent threat 
C) DDOS 
D) hacktivist

Question 12

John received a strange message on his computer that asked him to send a hundred dollars in Bitcoin to a link or else he would lose all the data on his computer.John is a victim of:

Accepted Answer

A) Spyware 
B) Ransomware 
C) Spear phishing 
D) Denial-of-service 
A) Spyware 
B) Ransomware 
C) Spear phishing 
D) Denial-of-service

Question 13

It is often easy to get users to infect their corporate network or mobiles by tricking them into downloading and installing malicious apps or backdoors.

Accepted Answer

A) True 
 B)False

Question 14

Which of the following represents a cybersecurity concern about employees using their own smartphones for work purposes?

Accepted Answer

A) Employees will spend too much time playing games or using entertainment and recreation apps,thus reducing productivity. 
B) Managers will be unable to monitor the time spent on personal calls made during work hours. 
C) Many personal smartphones do not have anti-malware or data encryption apps,creating a security problem with respect to any confidential business data stored on the device. 
D) Consumer-quality equipment are more likely to break or malfunction than enterprise quality devices. 
A) Employees will spend too much time playing games or using entertainment and recreation apps,thus reducing productivity. 
B) Managers will be unable to monitor the time spent on personal calls made during work hours. 
C) Many personal smartphones do not have anti-malware or data encryption apps,creating a security problem with respect to any confidential business data stored on the device. 
D) Consumer-quality equipment are more likely to break or malfunction than enterprise quality devices.

Question 15

The _________ is an exercise that determines the impact of losing the support or availability of a resource.

Accepted Answer

A) Business impact analysis (BI
A)  
B) Vulnerability audit 
C) Asset valuation audit 
D) Computing Cost/Benefit (CC
B) audit 
A) Business impact analysis (BI
A)  
B) Vulnerability audit 
C) Asset valuation audit 
D) Computing Cost/Benefit (CC
B) audit

Question 16

Online gambling offers easy fronts for international money-laundering operations.

Accepted Answer

A) True 
 B)False

Question 17

When an employee's device is lost,the company can suffer a data breach if the device is not encrypted.

Accepted Answer

A) True 
 B)False

Question 18

The three key cybersecurity principles are:

Accepted Answer

A) Data protection,equipment protection,reputation protection 
B) Confidentiality,integrity,availability 
C) Anticipate,defend,counter-attack 
D) Identify,assess risk,take action 
A) Data protection,equipment protection,reputation protection 
B) Confidentiality,integrity,availability 
C) Anticipate,defend,counter-attack 
D) Identify,assess risk,take action

Question 19

One of the biggest mistakes managers make is underestimating IT vulnerabilities and threats.

Accepted Answer

A) True 
 B)False

Question 20

Exploits are gaps,holes,weaknesses,or flaws in corporate networks,IT security defenses,user training,policy enforcement,data storage,software,operating systems,apps,or mobile devices that expose an organization to intrusions or other attacks.

Accepted Answer

A) True 
 B)False

When it comes to fraud committed by an organization's employees,the single most effective fraud prevention technique is _______.

Crime can be divided into two categories depending on the tactics used to carry out the crime: ________.

A(n)________ attack bombards a network or website with traffic to crash it and leave it vulnerable to other threats.

The consequences of lax cybersecurity include damaged reputations,financial penalties,government fines,lost market share,falling share prices,and consumer backlash.

An audit is an important part of any control system.Which of the following is not a question that would typically be asked as part of an information systems audit?

In Cybersecurity terminology,a(n)__________is defined as something or someone that may result in harm to an asset.

Business operations are controlled by apps,systems,and networks that are so interconnected that anyone's ________ is an entry point for attacks.

SOX and the SEC regulators are making it clear that if controls can be ignored,there is no control.Therefore,fraud prevention and detection require an effective monitoring system.

Discuss how social networks and cloud computing increase IT security risks.How do you recommend that the risks be reduced?

A stealth network attack in which an unauthorized person gains access to a network and remains undetected for a long time is referred to as a(n)__________ attack.

John received a strange message on his computer that asked him to send a hundred dollars in Bitcoin to a link or else he would lose all the data on his computer.John is a victim of:

It is often easy to get users to infect their corporate network or mobiles by tricking them into downloading and installing malicious apps or backdoors.

Which of the following represents a cybersecurity concern about employees using their own smartphones for work purposes?

The _________ is an exercise that determines the impact of losing the support or availability of a resource.

Online gambling offers easy fronts for international money-laundering operations.

When an employee's device is lost,the company can suffer a data breach if the device is not encrypted.

The three key cybersecurity principles are:

One of the biggest mistakes managers make is underestimating IT vulnerabilities and threats.

Exploits are gaps,holes,weaknesses,or flaws in corporate networks,IT security defenses,user training,policy enforcement,data storage,software,operating systems,apps,or mobile devices that expose an organization to intrusions or other attacks.

Disruptive IT Impacts Companies, competition, and Careers

Information Systems, IT Architecture, Data Governance, and Cloud Computing

Data Management, Business Intelligence, and Data Analytics

Networks, Collaborative Technology, and the Internet of Things

Search, Semantic, and Recommendation Technology

Web 2.0 and Social Technology

Retail, e-Commerce, and Mobile Commerce Technology

Functional Business Systems

Enterprise Systems

Data Visualization and Geographic Information Systems

IT Strategy, Sourcing, and Strategic Technology Trends

Systems Development and Project Management

IT Ethics, Privacy and Sustainability

Filters

Exam 5: Cybersecurity and Risk Management Technology

When it comes to fraud committed by an organization's employees,the single most effective fraud prevention technique is _______.

Crime can be divided into two categories depending on the tactics used to carry out the crime: ________.

A(n)________ attack bombards a network or website with traffic to crash it and leave it vulnerable to other threats.

The consequences of lax cybersecurity include damaged reputations,financial penalties,government fines,lost market share,falling share prices,and consumer backlash.

An audit is an important part of any control system.Which of the following is not a question that would typically be asked as part of an information systems audit?

In Cybersecurity terminology,a(n)__________is defined as something or someone that may result in harm to an asset.

Business operations are controlled by apps,systems,and networks that are so interconnected that anyone's ________ is an entry point for attacks.

SOX and the SEC regulators are making it clear that if controls can be ignored,there is no control.Therefore,fraud prevention and detection require an effective monitoring system.

Discuss how social networks and cloud computing increase IT security risks.How do you recommend that the risks be reduced?

A stealth network attack in which an unauthorized person gains access to a network and remains undetected for a long time is referred to as a(n)__________ attack.

John received a strange message on his computer that asked him to send a hundred dollars in Bitcoin to a link or else he would lose all the data on his computer.John is a victim of:

It is often easy to get users to infect their corporate network or mobiles by tricking them into downloading and installing malicious apps or backdoors.

Which of the following represents a cybersecurity concern about employees using their own smartphones for work purposes?

The _________ is an exercise that determines the impact of losing the support or availability of a resource.

Online gambling offers easy fronts for international money-laundering operations.

When an employee's device is lost,the company can suffer a data breach if the device is not encrypted.

The three key cybersecurity principles are:

One of the biggest mistakes managers make is underestimating IT vulnerabilities and threats.

Exploits are gaps,holes,weaknesses,or flaws in corporate networks,IT security defenses,user training,policy enforcement,data storage,software,operating systems,apps,or mobile devices that expose an organization to intrusions or other attacks.

Disruptive IT Impacts Companies, competition, and Careers

Information Systems, IT Architecture, Data Governance, and Cloud Computing

Data Management, Business Intelligence, and Data Analytics

Networks, Collaborative Technology, and the Internet of Things

Search, Semantic, and Recommendation Technology

Web 2.0 and Social Technology

Retail, e-Commerce, and Mobile Commerce Technology

Functional Business Systems

Enterprise Systems

Data Visualization and Geographic Information Systems

IT Strategy, Sourcing, and Strategic Technology Trends

Systems Development and Project Management

IT Ethics, Privacy and Sustainability

Filters