Question 1

_____ is a method of access control that prevents unauthorized users from using an unattended computer to access the network and data.

Accepted Answer

A) Terminal resource security 
B) Distance-vector routing 
C) Direct digital synthesis 
D) Link-state routing 
A) Terminal resource security 
B) Distance-vector routing 
C) Direct digital synthesis 
D) Link-state routing A

Question 2

Viruses can be transmitted through a network or through e-mail attachments.

Accepted Answer

A) True 
 B)False  True

Question 3

Briefly explain an intrusion detection system (IDS).

Accepted Answer

Answers will vary.Firewalls protect against external access,but they leave networks unprotected from internal intrusions.An IDS can protect against both external and internal access.It is usually placed in front of a firewall and can identify attack signatures,trace patterns,generate alarms for a network administrator,and cause routers to terminate connections with suspicious sources.
These systems can also prevent denial-of-service attacks.An IDS monitors network traffic and uses the "prevent,detect,and react" approach to security.Although it improves security,it requires a great deal of processing power and can affect network performance.It might also need additional configuration to prevent it from generating false positive alarms.

Question 4

John downloaded Alten Cleaner,a program that poses as a computer registry cleaner,on his computer.Once he installed the program on his computer,the program illegitimately gained access to John's passwords and credit card information.In this scenario,it is evident that John was a victim of _____.

Accepted Answer

A) spoofing 
B) phishing 
C) baiting 
D) pharming 
A) spoofing 
B) phishing 
C) baiting 
D) pharming

Question 5

Briefly discuss the process of data encryption.

Accepted Answer

Answers will vary.Data encryption transf

Question 6

Briefly discuss dumpster diving and shoulder surfing,two commonly used social-engineering techniques.

Accepted Answer

Answers will vary.Two commonly used soci

Question 7

When planning a comprehensive security system,the first step is designing _____,which use a combination of hardware and software for improving reliability,a way of ensuring availability in case of a system failure.

Accepted Answer

A) database-resilient systems 
B) vulnerability-evade systems 
C) primary-defense systems 
D) fault-tolerant systems 
A) database-resilient systems 
B) vulnerability-evade systems 
C) primary-defense systems 
D) fault-tolerant systems

Question 8

In the context of e-commerce transaction security measures,authentication is a critical factor because it ensures that:

Accepted Answer

A) a system quickly recovers in the event of a system failure or disaster. 
B) the person using a credit card number is the card's legitimate owner. 
C) the accuracy of information resources within an organization is maintained. 
D) a system can easily be restored to operational status. 
A) a system quickly recovers in the event of a system failure or disaster. 
B) the person using a credit card number is the card's legitimate owner. 
C) the accuracy of information resources within an organization is maintained. 
D) a system can easily be restored to operational status.

Question 9

An intrusion detection system (IDS)can protect networks against both external and internal access.

Accepted Answer

A) True 
 B)False

Question 10

Briefly explain the McCumber cube.

Accepted Answer

Answers will vary.The Committee on Natio

Question 11

_____ is a type of data encryption that enables users of the Internet to securely and privately exchange data through the use of a pair of keys that is obtained from a trusted authority and shared through that authority.

Accepted Answer

A) A public key infrastructure 
B) Open key encryption 
C) Secret key encryption 
D) A private key infrastructure 
A) A public key infrastructure 
B) Open key encryption 
C) Secret key encryption 
D) A private key infrastructure

Question 12

List several different types of intentional computer and network security threats.

Accepted Answer

Answers will vary.Intentional computer a

Question 13

A(n)_____contains code intended to disrupt a computer,network,or Web site and is usually hidden inside a popular program.

Accepted Answer

A) Trojan program 
B) PageRank 
C) exit application 
D) withdrawal suite 
A) Trojan program 
B) PageRank 
C) exit application 
D) withdrawal suite

Question 14

The main function of Cyber Incident Response Capability (CIRC)is to _____.

Accepted Answer

A) provide level 1 security 
B) restrict access controls to unauthorized personnel 
C) provide information on security incidents 
D) create backdoors to bypass security protocols 
A) provide level 1 security 
B) restrict access controls to unauthorized personnel 
C) provide information on security incidents 
D) create backdoors to bypass security protocols

Question 15

In the context of intentional computer and network threats,a _____ is a programming routine built into a system by its designer or programmer to bypass system security and sneak back into the system later to access programs or files.

Accepted Answer

A) logic bomb 
B) proxy server 
C) firewall 
D) backdoor 
A) logic bomb 
B) proxy server 
C) firewall 
D) backdoor

Question 16

Which type of access control is used to protect systems from unauthorized access?

Accepted Answer

A) Electronic trackers 
B) Passwords 
C) Firewalls 
D) Identification badges 
A) Electronic trackers 
B) Passwords 
C) Firewalls 
D) Identification badges

Question 17

Which of the following intentional computer and network threats is a type of Trojan program used to release a virus,worm,or other destructive code?

Accepted Answer

A) A logic bomb 
B) Dumpster diving 
C) A blended threat 
D) Shoulder surfing 
A) A logic bomb 
B) Dumpster diving 
C) A blended threat 
D) Shoulder surfing

Question 18

In the context of the CIA triangle,confidentiality means that computers and networks are operating and authorized users can access the information they need.

Accepted Answer

A) True 
 B)False

Question 19

In the context of security,_____ is an attack that takes advantage of the human element of security systems.

Accepted Answer

A) disk mirroring 
B) weblogging 
C) voice recognition 
D) social engineering 
A) disk mirroring 
B) weblogging 
C) voice recognition 
D) social engineering

Question 20

The Committee on National Security Systems (CNSS)proposed a model known as the _____ for evaluating information security.

Accepted Answer

A) McCumber cube 
B) Six Sigma model 
C) Bohr model 
D) SWOT analysis 
A) McCumber cube 
B) Six Sigma model 
C) Bohr model 
D) SWOT analysis

_____ is a method of access control that prevents unauthorized users from using an unattended computer to access the network and data.

Viruses can be transmitted through a network or through e-mail attachments.

Briefly explain an intrusion detection system (IDS).

John downloaded Alten Cleaner,a program that poses as a computer registry cleaner,on his computer.Once he installed the program on his computer,the program illegitimately gained access to John's passwords and credit card information.In this scenario,it is evident that John was a victim of _____.

Briefly discuss the process of data encryption.

Briefly discuss dumpster diving and shoulder surfing,two commonly used social-engineering techniques.

When planning a comprehensive security system,the first step is designing _____,which use a combination of hardware and software for improving reliability,a way of ensuring availability in case of a system failure.

In the context of e-commerce transaction security measures,authentication is a critical factor because it ensures that:

An intrusion detection system (IDS)can protect networks against both external and internal access.

Briefly explain the McCumber cube.

_____ is a type of data encryption that enables users of the Internet to securely and privately exchange data through the use of a pair of keys that is obtained from a trusted authority and shared through that authority.

List several different types of intentional computer and network security threats.

A(n)_____contains code intended to disrupt a computer,network,or Web site and is usually hidden inside a popular program.

The main function of Cyber Incident Response Capability (CIRC)is to _____.

In the context of intentional computer and network threats,a _____ is a programming routine built into a system by its designer or programmer to bypass system security and sneak back into the system later to access programs or files.

Which type of access control is used to protect systems from unauthorized access?

Which of the following intentional computer and network threats is a type of Trojan program used to release a virus,worm,or other destructive code?

In the context of the CIA triangle,confidentiality means that computers and networks are operating and authorized users can access the information they need.

In the context of security,_____ is an attack that takes advantage of the human element of security systems.

The Committee on National Security Systems (CNSS)proposed a model known as the _____ for evaluating information security.

Information Systems: An Overview

Computers: The Machines Behind Computing

Database Systems,Data Warehouses,and Data Marts

Personal,Legal,Ethical,and Organizational Issues of Information Systems

Data Communication: Delivering Information Anywhere and Anytime

The Internet,Intranets,and Extranets

E-Commerce

Global Information Systems

Building Successful Information Systems

Enterprise Systems

Management Support Systems

Intelligent Information Systems

Emerging Trends,Technologies,and Applications

Filters

Exam 5: Protecting Information Resources

_____ is a method of access control that prevents unauthorized users from using an unattended computer to access the network and data.

Viruses can be transmitted through a network or through e-mail attachments.

Briefly explain an intrusion detection system (IDS).

John downloaded Alten Cleaner,a program that poses as a computer registry cleaner,on his computer.Once he installed the program on his computer,the program illegitimately gained access to John's passwords and credit card information.In this scenario,it is evident that John was a victim of _____.

Briefly discuss the process of data encryption.

Briefly discuss dumpster diving and shoulder surfing,two commonly used social-engineering techniques.

When planning a comprehensive security system,the first step is designing _____,which use a combination of hardware and software for improving reliability,a way of ensuring availability in case of a system failure.

In the context of e-commerce transaction security measures,authentication is a critical factor because it ensures that:

An intrusion detection system (IDS)can protect networks against both external and internal access.

Briefly explain the McCumber cube.

_____ is a type of data encryption that enables users of the Internet to securely and privately exchange data through the use of a pair of keys that is obtained from a trusted authority and shared through that authority.

List several different types of intentional computer and network security threats.

A(n)_____contains code intended to disrupt a computer,network,or Web site and is usually hidden inside a popular program.

The main function of Cyber Incident Response Capability (CIRC)is to _____.

In the context of intentional computer and network threats,a _____ is a programming routine built into a system by its designer or programmer to bypass system security and sneak back into the system later to access programs or files.

Which type of access control is used to protect systems from unauthorized access?

Which of the following intentional computer and network threats is a type of Trojan program used to release a virus,worm,or other destructive code?

In the context of the CIA triangle,confidentiality means that computers and networks are operating and authorized users can access the information they need.

In the context of security,_____ is an attack that takes advantage of the human element of security systems.

The Committee on National Security Systems (CNSS)proposed a model known as the _____ for evaluating information security.

Information Systems: An Overview

Computers: The Machines Behind Computing

Database Systems,Data Warehouses,and Data Marts

Personal,Legal,Ethical,and Organizational Issues of Information Systems

Data Communication: Delivering Information Anywhere and Anytime

The Internet,Intranets,and Extranets

E-Commerce

Global Information Systems

Building Successful Information Systems

Enterprise Systems

Management Support Systems

Intelligent Information Systems

Emerging Trends,Technologies,and Applications

Filters