Question 1

Firewalls and intrusion detection systems (IDS)mostly protect against internal threats.

Accepted Answer

A) True 
 B)False

Question 2

According to cybersecurity experts,most data breaches go unreported because corporate victims fear that disclosure would damage their stock price,or because ________.

Accepted Answer

A) they want to hide the attack from the government 
B) they never knew they were hacked in the first place 
C) they want to cover up the intrusion 
D) they do not have to report them. 
A) they want to hide the attack from the government 
B) they never knew they were hacked in the first place 
C) they want to cover up the intrusion 
D) they do not have to report them.

Question 3

The internal control environment is the work atmosphere that a company sets for its employees and is designed to achieve all of the following except _________.

Accepted Answer

A) Reliability of financial reporting 
B) Secure decision making 
C) Compliance with laws 
D) Compliance with regulations and policies 
A) Reliability of financial reporting 
B) Secure decision making 
C) Compliance with laws 
D) Compliance with regulations and policies

Question 4

Since protecting all data at an equally high level is not practical,cybersecurity strategies need to classify and prioritize defenses.

Accepted Answer

A) True 
 B)False

Question 5

Malware infected computers can be organized into networks called ________.

Accepted Answer

The answer of Malware infected computers can be organized into...

Question 6

________ is also known as human hacking-tricking users into revealing their credentials and then using them to gain access to networks or accounts.

Accepted Answer

A) Android-hacking 
B) BYOD 
C) Hacktivism 
D) Social engineering 
A) Android-hacking 
B) BYOD 
C) Hacktivism 
D) Social engineering

Question 7

In Cybersecurity terminology,a risk is defined as ________:

Accepted Answer

A) A weakness that threatens the confidentiality,integrity,or availability of data. 
B) Something or someone that can damage,disrupt,or destroy an asset. 
C) Estimated cost,loss,or damage that can result from an exploit. 
D) The probability of a threat exploiting a vulnerability. 
A) A weakness that threatens the confidentiality,integrity,or availability of data. 
B) Something or someone that can damage,disrupt,or destroy an asset. 
C) Estimated cost,loss,or damage that can result from an exploit. 
D) The probability of a threat exploiting a vulnerability.

Question 8

In the United States,the Sarbanes-Oxley Act (SOX),Gramm-Leach-Bliley Act (GLB),Federal Information Security Management Act (FISMA),and USA Patriot Act all require businesses to protect PII,which stands for _______________.

Accepted Answer

Personally

Question 9

The consequences of lax cybersecurity include damaged reputations,financial penalties,government fines,lost market share,falling share prices,and consumer backlash.

Accepted Answer

A) True 
 B)False

Question 10

A key of finding of the 2014 Global State of Information Security Survey was ________.

Accepted Answer

A) Too many companies are defending yesterday---that is,they rely on yesterday's cybersecurity practices that are ineffective at combating today's threats. 
B) Protecting all data at an equally high level is now practical and feasible. 
C) Most companies implement stringent security policies before moving to cloud computing,but not before implementing BYOD. 
D) APTs require a new information-protection model that focuses on preventing DDoS attacks. 
A) Too many companies are defending yesterday---that is,they rely on yesterday's cybersecurity practices that are ineffective at combating today's threats. 
B) Protecting all data at an equally high level is now practical and feasible. 
C) Most companies implement stringent security policies before moving to cloud computing,but not before implementing BYOD. 
D) APTs require a new information-protection model that focuses on preventing DDoS attacks.

Question 11

_____________detection identifies things like excessive hours worked,unusual transactions,copying of huge amounts of data and other unusual patterns of behavior,and uses them to alert IT managers to the possibility of internal fraud.

Accepted Answer

The answer of _____________detection identifies things like excessive hours worked,unusual...

Question 12

Facebook,YouTube,Twitter,LinkedIn,and other social networks are making IT security dangers worse.Why?

Accepted Answer

A) Users invite in and build relationships with others.Cybercriminals hack into these trusted relationships using stolen log-in credentials. 
B) E-mail viruses and malware have been increasing for years even though e-mail security has improved. 
C) Communication has shifted from social networks to smartphones. 
D) Web filtering,user education,and strict policies cannot help prevent IT security dangers on Facebook and other social networks. 
A) Users invite in and build relationships with others.Cybercriminals hack into these trusted relationships using stolen log-in credentials. 
B) E-mail viruses and malware have been increasing for years even though e-mail security has improved. 
C) Communication has shifted from social networks to smartphones. 
D) Web filtering,user education,and strict policies cannot help prevent IT security dangers on Facebook and other social networks.

Question 13

While security threats from e-mail viruses and malware have been declining for years as e-mail security has improved,threats from __________ have increased considerably in recent years.

Accepted Answer

A) Software errors 
B) Malicious employees 
C) Social networks and cloud computing 
D) Vendor sabotage 
A) Software errors 
B) Malicious employees 
C) Social networks and cloud computing 
D) Vendor sabotage

Question 14

One of the biggest mistakes managers make is underestimating IT vulnerabilities and threats.

Accepted Answer

A) True 
 B)False

Question 15

Most organizations use software or hardware devices to control access to their private networks from the Internet by analyzing incoming and outgoing data packets.These devices are called ___________.

Accepted Answer

A) Antimalware 
B) Firewalls 
C) Intrusion detection systems 
D) Middleware 
A) Antimalware 
B) Firewalls 
C) Intrusion detection systems 
D) Middleware

Question 16

During the fraud investigation of Bernie Madoff,computer forensics experts were tasked with uncovering digital messages that revealed "who knew what" and "who did what."

Accepted Answer

A) True 
 B)False

Question 17

Which of the following is not a characteristic of money laundering and terrorist financing?

Accepted Answer

A) Transnational organized crime groups use money laundering to fund their operations,which creates international and national security threats. 
B) Cybercrime is safer and easier than selling drugs,dealing in black market diamonds,or robbing banks. 
C) Funds used to finance terrorist operations are easy to track,which provides evidence to identify and locate leaders of terrorist organizations and cells. 
D) Online gambling offers easy fronts for international money-laundering operations. 
A) Transnational organized crime groups use money laundering to fund their operations,which creates international and national security threats. 
B) Cybercrime is safer and easier than selling drugs,dealing in black market diamonds,or robbing banks. 
C) Funds used to finance terrorist operations are easy to track,which provides evidence to identify and locate leaders of terrorist organizations and cells. 
D) Online gambling offers easy fronts for international money-laundering operations.

Question 18

IT professionals work hard to protect key characteristics of an asset from security breaches.One of these characteristics is ____________,or the property that data or files have not been altered in an unauthorized way.

Accepted Answer

A) Integrity 
B) Confidentiality 
C) Availability 
D) Reliability 
A) Integrity 
B) Confidentiality 
C) Availability 
D) Reliability

Question 19

Most APT attacks are launched through ________.

Accepted Answer

A) Data tampering 
B) Worms 
C) Phishing 
D) Vectors 
A) Data tampering 
B) Worms 
C) Phishing 
D) Vectors

Question 20

Phishing is a deceptive method of stealing confidential information by pretending to be a legitimate organization,such as PayPal,a bank,credit card company,or other trusted source.

Accepted Answer

A) True 
 B)False

Firewalls and intrusion detection systems (IDS)mostly protect against internal threats.

According to cybersecurity experts,most data breaches go unreported because corporate victims fear that disclosure would damage their stock price,or because ________.

The internal control environment is the work atmosphere that a company sets for its employees and is designed to achieve all of the following except _________.

Since protecting all data at an equally high level is not practical,cybersecurity strategies need to classify and prioritize defenses.

Malware infected computers can be organized into networks called ________.

________ is also known as human hacking-tricking users into revealing their credentials and then using them to gain access to networks or accounts.

In Cybersecurity terminology,a risk is defined as ________:

In the United States,the Sarbanes-Oxley Act (SOX),Gramm-Leach-Bliley Act (GLB),Federal Information Security Management Act (FISMA),and USA Patriot Act all require businesses to protect PII,which stands for _______________.

The consequences of lax cybersecurity include damaged reputations,financial penalties,government fines,lost market share,falling share prices,and consumer backlash.

A key of finding of the 2014 Global State of Information Security Survey was ________.

_____________detection identifies things like excessive hours worked,unusual transactions,copying of huge amounts of data and other unusual patterns of behavior,and uses them to alert IT managers to the possibility of internal fraud.

Facebook,YouTube,Twitter,LinkedIn,and other social networks are making IT security dangers worse.Why?

While security threats from e-mail viruses and malware have been declining for years as e-mail security has improved,threats from __________ have increased considerably in recent years.

One of the biggest mistakes managers make is underestimating IT vulnerabilities and threats.

Most organizations use software or hardware devices to control access to their private networks from the Internet by analyzing incoming and outgoing data packets.These devices are called ___________.

During the fraud investigation of Bernie Madoff,computer forensics experts were tasked with uncovering digital messages that revealed "who knew what" and "who did what."

Which of the following is not a characteristic of money laundering and terrorist financing?

IT professionals work hard to protect key characteristics of an asset from security breaches.One of these characteristics is ____________,or the property that data or files have not been altered in an unauthorized way.

Most APT attacks are launched through ________.

Phishing is a deceptive method of stealing confidential information by pretending to be a legitimate organization,such as PayPal,a bank,credit card company,or other trusted source.

Doing Business in Digital Times

Data Governance and IT Architecture Support Long-Term Performance

Data Management, Big Data Analytics, and Records Management

Networks for Efficient Operations and Sustainability

Attracting Buyers With Search, Semantic, and Recommendation Technology

Mobile Technologies and Commerce

Retail, E-Commerce, and Mobile Commerce Technology

Effective and Efficient Business Functions

Strategic Technology and Enterprise Systems

Data Visualization and Geographic Information Systems

IT Strategy and Balanced Scorecard

Project Management and SDLC

Ethical Risks and Responsibilities of IT Innovations

Filters

Exam 5: Cybersecurity and Risk Management

Firewalls and intrusion detection systems (IDS)mostly protect against internal threats.

According to cybersecurity experts,most data breaches go unreported because corporate victims fear that disclosure would damage their stock price,or because ________.

The internal control environment is the work atmosphere that a company sets for its employees and is designed to achieve all of the following except _________.

Since protecting all data at an equally high level is not practical,cybersecurity strategies need to classify and prioritize defenses.

Malware infected computers can be organized into networks called ________.

________ is also known as human hacking-tricking users into revealing their credentials and then using them to gain access to networks or accounts.

In Cybersecurity terminology,a risk is defined as ________:

In the United States,the Sarbanes-Oxley Act (SOX),Gramm-Leach-Bliley Act (GLB),Federal Information Security Management Act (FISMA),and USA Patriot Act all require businesses to protect PII,which stands for _______________.

The consequences of lax cybersecurity include damaged reputations,financial penalties,government fines,lost market share,falling share prices,and consumer backlash.

A key of finding of the 2014 Global State of Information Security Survey was ________.

_____________detection identifies things like excessive hours worked,unusual transactions,copying of huge amounts of data and other unusual patterns of behavior,and uses them to alert IT managers to the possibility of internal fraud.

Facebook,YouTube,Twitter,LinkedIn,and other social networks are making IT security dangers worse.Why?

While security threats from e-mail viruses and malware have been declining for years as e-mail security has improved,threats from __________ have increased considerably in recent years.

One of the biggest mistakes managers make is underestimating IT vulnerabilities and threats.

Most organizations use software or hardware devices to control access to their private networks from the Internet by analyzing incoming and outgoing data packets.These devices are called ___________.

During the fraud investigation of Bernie Madoff,computer forensics experts were tasked with uncovering digital messages that revealed "who knew what" and "who did what."

Which of the following is not a characteristic of money laundering and terrorist financing?

IT professionals work hard to protect key characteristics of an asset from security breaches.One of these characteristics is ____________,or the property that data or files have not been altered in an unauthorized way.

Most APT attacks are launched through ________.

Phishing is a deceptive method of stealing confidential information by pretending to be a legitimate organization,such as PayPal,a bank,credit card company,or other trusted source.

Doing Business in Digital Times

Data Governance and IT Architecture Support Long-Term Performance

Data Management, Big Data Analytics, and Records Management

Networks for Efficient Operations and Sustainability

Attracting Buyers With Search, Semantic, and Recommendation Technology

Mobile Technologies and Commerce

Retail, E-Commerce, and Mobile Commerce Technology

Effective and Efficient Business Functions

Strategic Technology and Enterprise Systems

Data Visualization and Geographic Information Systems

IT Strategy and Balanced Scorecard

Project Management and SDLC

Ethical Risks and Responsibilities of IT Innovations

Filters