Question 1

In most cases,companies can screen vendor,partner personnel and public users.

Accepted Answer

A) True 
 B)False

Question 2

Which of the following is a valid difference between a password and user name?

Accepted Answer

A)  A password is used to encode information, whereas a user name is used to decode information. 
B)  Unlike a password, a user name is more complex. 
C)  A user name identifies the user, whereas a password authenticates the user. 
D)  A user name is common among users, whereas a password is unique. 
A)  A password is used to encode information, whereas a user name is used to decode information. 
B)  Unlike a password, a user name is more complex. 
C)  A user name identifies the user, whereas a password authenticates the user. 
D)  A user name is common among users, whereas a password is unique.

Question 3

The ___________ should also gather and preserve evidence for legal action.

Accepted Answer

A)  organization 
B)  centralized reporting 
C)  incident response plan 
D)  forensics investigation 
A)  organization 
B)  centralized reporting 
C)  incident response plan 
D)  forensics investigation

Question 4

Many organizations create honey-pots,which are false targets for hackers to attack.

Accepted Answer

A) True 
 B)False

Question 5

A __________ is a systematic evaluation of security by assessing how well the security safeguards conform to established criteria.

Accepted Answer

A)  security audit 
B)  systems analysis 
C)  a recovery procedure 
D)  a security screening 
A)  security audit 
B)  systems analysis 
C)  a recovery procedure 
D)  a security screening

Question 6

Standard human resource policies should ensure that system administrators receive notification in advance of the employee's last day so they can remove accounts and passwords.

Accepted Answer

A) True 
 B)False

Question 7

A vulnerability is some measure that individuals or organizations take to block the threat from obtaining the asset.

Accepted Answer

A) True 
 B)False

Question 8

Companies often allow employees to use their own personal mobile device to conduct company activities,a policy called Bring Your Own Device (BYOD).

Accepted Answer

A) True 
 B)False

Question 9

A company-wide security policy should include how employees and others can request changes to inaccurate data.

Accepted Answer

A) True 
 B)False

Question 10

In a typical _________ attack,the criminal posts a reply to a discussion board but along with
The plaintext reply adds malicious code invisible to the discussion board.

Accepted Answer

A)  brute force attack 
B)  denial-of-service (DoS) 
C)  cross-site scripting (XSS) 
D)  SQL injection attack 
A)  brute force attack 
B)  denial-of-service (DoS) 
C)  cross-site scripting (XSS) 
D)  SQL injection attack

Question 11

Provide a brief explanation for each of the three categories of security losses:

Accepted Answer

A data loss occurs when a threat obtains

Question 12

Malware definitions-patterns that exist in malware code-should be downloaded frequently.

Accepted Answer

A) True 
 B)False

Question 13

Why should every company have a security incident response plan? What steps are involved?

Accepted Answer

First,every organization should have an

Question 14

______________ concerns the creation of new user accounts,the modification of existing account permissions,and the removal of unneeded accounts.

Accepted Answer

A)  a recovery procedure 
B)  account management 
C)  security audit 
D)  a security screening 
A)  a recovery procedure 
B)  account management 
C)  security audit 
D)  a security screening

Question 15

Removing and disabling cookies improves security,but your computer will be more difficult to use.

Accepted Answer

A) True 
 B)False

Question 16

Few individuals take security as seriously as they should,and most fail to implement even low-cost safeguards.

Accepted Answer

A) True 
 B)False

Question 17

Malware protection is an example of a data safeguard.

Accepted Answer

A) True 
 B)False

Question 18

Firewalls are an example of what type of safeguard?

Accepted Answer

A)  technical 
B)  data 
C)  procedural 
D)  human 
A)  technical 
B)  data 
C)  procedural 
D)  human

Question 19

The preventative measures used by organizations to reduce IS security are called:

Accepted Answer

A)  encryption 
B)  avoidance 
C)  safeguards 
D)  risks 
A)  encryption 
B)  avoidance 
C)  safeguards 
D)  risks

Question 20

A number used to encrypt data is called a(n)________.

Accepted Answer

A)  signature 
B)  key 
C)  cookie 
D)  escrow 
A)  signature 
B)  key 
C)  cookie 
D)  escrow

In most cases,companies can screen vendor,partner personnel and public users.

Which of the following is a valid difference between a password and user name?

The ___________ should also gather and preserve evidence for legal action.

Many organizations create honey-pots,which are false targets for hackers to attack.

A __________ is a systematic evaluation of security by assessing how well the security safeguards conform to established criteria.

Standard human resource policies should ensure that system administrators receive notification in advance of the employee's last day so they can remove accounts and passwords.

A vulnerability is some measure that individuals or organizations take to block the threat from obtaining the asset.

Companies often allow employees to use their own personal mobile device to conduct company activities,a policy called Bring Your Own Device (BYOD).

A company-wide security policy should include how employees and others can request changes to inaccurate data.

In a typical _________ attack,the criminal posts a reply to a discussion board but along with The plaintext reply adds malicious code invisible to the discussion board.

Provide a brief explanation for each of the three categories of security losses:

Malware definitions-patterns that exist in malware code-should be downloaded frequently.

Why should every company have a security incident response plan? What steps are involved?

______________ concerns the creation of new user accounts,the modification of existing account permissions,and the removal of unneeded accounts.

Removing and disabling cookies improves security,but your computer will be more difficult to use.

Few individuals take security as seriously as they should,and most fail to implement even low-cost safeguards.

Malware protection is an example of a data safeguard.

Firewalls are an example of what type of safeguard?

The preventative measures used by organizations to reduce IS security are called:

A number used to encrypt data is called a(n)________.

The Importance of MIS

Business Processes, Information Systems, and Information

Networks and the Cloud

Database Processing

Using Is to Improve Processes

Supporting Processes With ERP Systems

Supporting the Procurement Process With SAP

Supporting the Sales Process With SAP

Collaboration and IS

Social Media and IS

Business Intelligence and IS

Filters

Exam 5: Information Systems Security

In most cases,companies can screen vendor,partner personnel and public users.

Which of the following is a valid difference between a password and user name?

The ___________ should also gather and preserve evidence for legal action.

Many organizations create honey-pots,which are false targets for hackers to attack.

A __________ is a systematic evaluation of security by assessing how well the security safeguards conform to established criteria.

Standard human resource policies should ensure that system administrators receive notification in advance of the employee's last day so they can remove accounts and passwords.

A vulnerability is some measure that individuals or organizations take to block the threat from obtaining the asset.

Companies often allow employees to use their own personal mobile device to conduct company activities,a policy called Bring Your Own Device (BYOD).

A company-wide security policy should include how employees and others can request changes to inaccurate data.

In a typical _________ attack,the criminal posts a reply to a discussion board but along with The plaintext reply adds malicious code invisible to the discussion board.

Provide a brief explanation for each of the three categories of security losses:

Malware definitions-patterns that exist in malware code-should be downloaded frequently.

Why should every company have a security incident response plan? What steps are involved?

______________ concerns the creation of new user accounts,the modification of existing account permissions,and the removal of unneeded accounts.

Removing and disabling cookies improves security,but your computer will be more difficult to use.

Few individuals take security as seriously as they should,and most fail to implement even low-cost safeguards.

Malware protection is an example of a data safeguard.

Firewalls are an example of what type of safeguard?

The preventative measures used by organizations to reduce IS security are called:

A number used to encrypt data is called a(n)________.

The Importance of MIS

Business Processes, Information Systems, and Information

Networks and the Cloud

Database Processing

Using Is to Improve Processes

Supporting Processes With ERP Systems

Supporting the Procurement Process With SAP

Supporting the Sales Process With SAP

Collaboration and IS

Social Media and IS

Business Intelligence and IS

Filters