Question 1

Robust data security is the responsibility of IT and data managers.

Accepted Answer

A) True 
 B)False

Question 2

LulzSec is a hacker group and spin-off of the loosely organized hacking group called Anonymous.

Accepted Answer

A) True 
 B)False

Question 3

Business operations are controlled by apps,systems,and networks that are so interconnected that anyone's ________ is an entry point for attacks.

Accepted Answer

A) mobile device 
B) botnet 
C) BYOD 
D) firewall 
A) mobile device 
B) botnet 
C) BYOD 
D) firewall

Question 4

One of ________ specialties is finding websites with poor security,and then stealing and posting information from them online.

Accepted Answer

A) LulzSec's. 
B) .RSA's 
C) Fraudsters' 
D) Botmasters' 
A) LulzSec's. 
B) .RSA's 
C) Fraudsters' 
D) Botmasters'

Question 5

Cyber-security experts warn that battling distributed denial-of-service and malware attacks has become part of everyday business for all organizations.

Accepted Answer

A) True 
 B)False

Question 6

Detection and damage containment are the most desirable fraud controls.

Accepted Answer

A) True 
 B)False

Question 7

A business impact analysis estimates the consequences of disruption of a business function and collects data to develop recovery strategies.

Accepted Answer

A) True 
 B)False

Question 8

People who have their social security or credit card numbers stolen and used by thieves are frequently victims of ___________________.

Accepted Answer

A) Insider fraud 
B) Identity theft 
C) Occupational corruption 
D) Document sabotage 
A) Insider fraud 
B) Identity theft 
C) Occupational corruption 
D) Document sabotage

Question 9

In the United States,the Sarbanes-Oxley Act (SOX),Gramm-Leach-Bliley Act (GLB),Federal Information Security Management Act (FISMA),and USA Patriot Act all require businesses to __________________________.

Accepted Answer

A) Report security breaches via media sources to inform the public 
B) Backup sensitive data to offsite locations 
C) Protect personally identifiable information 
D) Inform the public about network failures in a timely manner 
A) Report security breaches via media sources to inform the public 
B) Backup sensitive data to offsite locations 
C) Protect personally identifiable information 
D) Inform the public about network failures in a timely manner

Question 10

A biometric control is an automated method of verifying the identity of a person,based on physical or behavioral characteristics.

Accepted Answer

A) True 
 B)False

Question 11

The Payment Card Industry Data Security Standard (PCI DSS)created by Visa,MasterCard,American Express,and Discover is a __________.

Accepted Answer

A) Set of standards required by U.S.and international law for protecting credit card transaction data. 
B) Set of industry standards required for all online merchants that store,process,or transmit cardholder data. 
C) Set of voluntary security guidelines for retailers who accept Visa,MasterCard,American Express,and Discover credit cards. 
D) Set of regulations (that vary from state to state,and country to country)that apply to credit card companies. 
A) Set of standards required by U.S.and international law for protecting credit card transaction data. 
B) Set of industry standards required for all online merchants that store,process,or transmit cardholder data. 
C) Set of voluntary security guidelines for retailers who accept Visa,MasterCard,American Express,and Discover credit cards. 
D) Set of regulations (that vary from state to state,and country to country)that apply to credit card companies.

Question 12

.The IT security defense-in-depth model ends with ________.

Accepted Answer

A) Senior management commitment and support 
B) IT security procedures and enforcement 
C) Hardware and software selection 
D) Acceptable use policies and IT security training 
A) Senior management commitment and support 
B) IT security procedures and enforcement 
C) Hardware and software selection 
D) Acceptable use policies and IT security training

Question 13

Samuel received an email that looked like it came from his bank.The email told him to click a link that opened an official looking Webpage where he was asked to enter his account information.But when Samuel examined the URL,he noticed it was a strange address he did not recognize.Most likely,someone was attempting to steal Samuel's confidential information using a technique called __________.

Accepted Answer

A) Botnets 
B) Phishing 
C) Spoofing 
D) Click hijacking 
A) Botnets 
B) Phishing 
C) Spoofing 
D) Click hijacking

Question 14

The main cause of a data breach is malware,but the reason hacking is so successful is negligence-management not doing enough to defend against cyberthreats.

Accepted Answer

A) True 
 B)False

Question 15

The preferred method of hackers who want to steal trade secrets and other confidential information from business organizations is ___________.

Accepted Answer

A) To bribe employees to get access codes and passwords. 
B) To bombard websites or networks with so much traffic that they "crash",exposing sensitive data. 
C) To break into employees' mobile devices and leapfrog into employers' networks-stealing secrets without a trace. 
D) Use a combination of sophisticated hardware tools designed to defeat IT security defenses. 
A) To bribe employees to get access codes and passwords. 
B) To bombard websites or networks with so much traffic that they "crash",exposing sensitive data. 
C) To break into employees' mobile devices and leapfrog into employers' networks-stealing secrets without a trace. 
D) Use a combination of sophisticated hardware tools designed to defeat IT security defenses.

Question 16

Internal fraud prevention measures are based on the same controls used to prevent external intrusions-perimeter defense technologies,such as firewalls,e-mail scanners,and biometric access.

Accepted Answer

A) True 
 B)False

Question 17

In cybersecurity terms,the function of a password together with a username is to __________ a user's identity to verify that the person has the right to access a computer or network.

Accepted Answer

A) Record 
B) Authenticate 
C) Substantiate 
D) Validate 
A) Record 
B) Authenticate 
C) Substantiate 
D) Validate

Question 18

Access to top secret or highly secure networks associated with Homeland Security or national defense use authentication methods based on a biological feature,such as a fingerprint or retinal scan to identify a person.These methods are called _____________.

Accepted Answer

A) Bio-Engineering 
B) Physical security 
C) Biometrics 
D) Human factors 
A) Bio-Engineering 
B) Physical security 
C) Biometrics 
D) Human factors

Question 19

The cybersecurity defense strategy and controls that should be used depend on __________.

Accepted Answer

A) The source of the threat 
B) Industry regulations regarding protection of sensitive data 
C) What needs to be protected and the cost-benefit analysis 
D) The available IT budget 
A) The source of the threat 
B) Industry regulations regarding protection of sensitive data 
C) What needs to be protected and the cost-benefit analysis 
D) The available IT budget

Question 20

Internal fraud prevention and detection measures are based on __________ and __________.

Accepted Answer

A) A detailed recovery plan;containment,including a fault-tolerant system 
B) Perimeter defense technologies,such as e-mail scanners;human resource procedures,such as recruitment screening 
C) General controls;application controls 
D) Physical controls,including authorization;authentication systems 
A) A detailed recovery plan;containment,including a fault-tolerant system 
B) Perimeter defense technologies,such as e-mail scanners;human resource procedures,such as recruitment screening 
C) General controls;application controls 
D) Physical controls,including authorization;authentication systems

Robust data security is the responsibility of IT and data managers.

LulzSec is a hacker group and spin-off of the loosely organized hacking group called Anonymous.

Business operations are controlled by apps,systems,and networks that are so interconnected that anyone's ________ is an entry point for attacks.

One of ________ specialties is finding websites with poor security,and then stealing and posting information from them online.

Cyber-security experts warn that battling distributed denial-of-service and malware attacks has become part of everyday business for all organizations.

Detection and damage containment are the most desirable fraud controls.

A business impact analysis estimates the consequences of disruption of a business function and collects data to develop recovery strategies.

People who have their social security or credit card numbers stolen and used by thieves are frequently victims of ___________________.

In the United States,the Sarbanes-Oxley Act (SOX),Gramm-Leach-Bliley Act (GLB),Federal Information Security Management Act (FISMA),and USA Patriot Act all require businesses to __________________________.

A biometric control is an automated method of verifying the identity of a person,based on physical or behavioral characteristics.

The Payment Card Industry Data Security Standard (PCI DSS)created by Visa,MasterCard,American Express,and Discover is a __________.

.The IT security defense-in-depth model ends with ________.

The main cause of a data breach is malware,but the reason hacking is so successful is negligence-management not doing enough to defend against cyberthreats.

The preferred method of hackers who want to steal trade secrets and other confidential information from business organizations is ___________.

Internal fraud prevention measures are based on the same controls used to prevent external intrusions-perimeter defense technologies,such as firewalls,e-mail scanners,and biometric access.

In cybersecurity terms,the function of a password together with a username is to __________ a user's identity to verify that the person has the right to access a computer or network.

Access to top secret or highly secure networks associated with Homeland Security or national defense use authentication methods based on a biological feature,such as a fingerprint or retinal scan to identify a person.These methods are called _____________.

The cybersecurity defense strategy and controls that should be used depend on __________.

Internal fraud prevention and detection measures are based on and .

Doing Business in Digital Times

Data Governance and IT Architecture Support Long-Term Performance

Data Management, Big Data Analytics, and Records Management

Networks for Efficient Operations and Sustainability

Attracting Buyers With Search, Semantic, and Recommendation Technology

Mobile Technologies and Commerce

Retail, E-Commerce, and Mobile Commerce Technology

Effective and Efficient Business Functions

Strategic Technology and Enterprise Systems

Data Visualization and Geographic Information Systems

IT Strategy and Balanced Scorecard

Project Management and SDLC

Ethical Risks and Responsibilities of IT Innovations

Filters

Exam 5: Cybersecurity and Risk Management

Robust data security is the responsibility of IT and data managers.

LulzSec is a hacker group and spin-off of the loosely organized hacking group called Anonymous.

Business operations are controlled by apps,systems,and networks that are so interconnected that anyone's ________ is an entry point for attacks.

One of ________ specialties is finding websites with poor security,and then stealing and posting information from them online.

Cyber-security experts warn that battling distributed denial-of-service and malware attacks has become part of everyday business for all organizations.

Detection and damage containment are the most desirable fraud controls.

A business impact analysis estimates the consequences of disruption of a business function and collects data to develop recovery strategies.

People who have their social security or credit card numbers stolen and used by thieves are frequently victims of ___________________.

In the United States,the Sarbanes-Oxley Act (SOX),Gramm-Leach-Bliley Act (GLB),Federal Information Security Management Act (FISMA),and USA Patriot Act all require businesses to __________________________.

A biometric control is an automated method of verifying the identity of a person,based on physical or behavioral characteristics.

The Payment Card Industry Data Security Standard (PCI DSS)created by Visa,MasterCard,American Express,and Discover is a __________.

.The IT security defense-in-depth model ends with ________.

The main cause of a data breach is malware,but the reason hacking is so successful is negligence-management not doing enough to defend against cyberthreats.

The preferred method of hackers who want to steal trade secrets and other confidential information from business organizations is ___________.

Internal fraud prevention measures are based on the same controls used to prevent external intrusions-perimeter defense technologies,such as firewalls,e-mail scanners,and biometric access.

In cybersecurity terms,the function of a password together with a username is to __________ a user's identity to verify that the person has the right to access a computer or network.

Access to top secret or highly secure networks associated with Homeland Security or national defense use authentication methods based on a biological feature,such as a fingerprint or retinal scan to identify a person.These methods are called _____________.

The cybersecurity defense strategy and controls that should be used depend on __________.

Internal fraud prevention and detection measures are based on __________ and __________.

Doing Business in Digital Times

Data Governance and IT Architecture Support Long-Term Performance

Data Management, Big Data Analytics, and Records Management

Networks for Efficient Operations and Sustainability

Attracting Buyers With Search, Semantic, and Recommendation Technology

Mobile Technologies and Commerce

Retail, E-Commerce, and Mobile Commerce Technology

Effective and Efficient Business Functions

Strategic Technology and Enterprise Systems

Data Visualization and Geographic Information Systems

IT Strategy and Balanced Scorecard

Project Management and SDLC

Ethical Risks and Responsibilities of IT Innovations

Filters

Internal fraud prevention and detection measures are based on and .