Question 1

Biometric identifiers refer to something the user knows, such as a user ID, password, PIN, or answer to a security question.

Accepted Answer

A) True 
 B)False  False

Question 2

Which of the following is true of the European Union's Data Protection Directive?

Accepted Answer

A) It requires fraudulent companies working for the European Union to maintain a do-not-spam list. 
B) It prohibits businesses from sending misleading or deceptive commercial emails, but denies recipients any legal recourse on their own. 
C) It establishes privacy as a fundamental human right for EU citizens. 
D) The law is less restrictive than U.S. laws. 
A) It requires fraudulent companies working for the European Union to maintain a do-not-spam list. 
B) It prohibits businesses from sending misleading or deceptive commercial emails, but denies recipients any legal recourse on their own. 
C) It establishes privacy as a fundamental human right for EU citizens. 
D) The law is less restrictive than U.S. laws. C

Question 3

Which of the following is an accurate definition of a computer virus?

Accepted Answer

A) It is a software program that can damage files or other programs. 
B) It is a software program that attracts potentially malicious attacks to study their origin. 
C) It is a software program that masks the browsing history and preferences of Internet users. 
D) It is a software program that inspects incoming or outgoing traffic to a computer network. 
A) It is a software program that can damage files or other programs. 
B) It is a software program that attracts potentially malicious attacks to study their origin. 
C) It is a software program that masks the browsing history and preferences of Internet users. 
D) It is a software program that inspects incoming or outgoing traffic to a computer network. A

Question 4

Which of the following technologies is most likely to be used by organizations as an authentication strategy?

Accepted Answer

A) intelligent character recognition 
B) optical mark recognition 
C) voice pattern recognition 
D) blood group recognition 
A) intelligent character recognition 
B) optical mark recognition 
C) voice pattern recognition 
D) blood group recognition

Question 5

When does a computer become a zombie?

Accepted Answer

A) when it becomes immune to botnets 
B) when it enters a secure site 
C) when it is infected by malware 
D) when it is hidden behind a firewall 
A) when it becomes immune to botnets 
B) when it enters a secure site 
C) when it is infected by malware 
D) when it is hidden behind a firewall

Question 6

Digital rights management offers IP holders the benefit of ________.

Accepted Answer

A) preventing loss of critical organization data 
B) collaborating online to create open source products 
C) adding visual appeal to their digital products 
D) offering technological protection for their products 
A) preventing loss of critical organization data 
B) collaborating online to create open source products 
C) adding visual appeal to their digital products 
D) offering technological protection for their products

Question 7

All ethical actions are legal, but not all legal actions are ethical.

Accepted Answer

A) True 
 B)False

Question 8

What is the purpose of using surveillance technologies in organizations? How do they help in protecting information and monitoring productivity?

Accepted Answer

Surveillance technologies to monitor ema

Question 9

Discuss any two kinds of authentication strategies used in organizations.

Accepted Answer

Technical controls for preventing unauth

Question 10

Which of the following methods is often used for phishing purposes?

Accepted Answer

A) posting harmless videos on websites 
B) monitoring a user's keystrokes 
C) soliciting personal information through emails 
D) infecting computers with self-replicating programs that slow down the systems 
A) posting harmless videos on websites 
B) monitoring a user's keystrokes 
C) soliciting personal information through emails 
D) infecting computers with self-replicating programs that slow down the systems

Question 11

Which of the following is a provision of the State Security Breach Notification Laws?

Accepted Answer

A) They require organizations to inform state residents if sensitive data are released. 
B) They require companies to provide "opt out" choices before transferring personal data to third parties. 
C) They prohibit businesses from sending misleading or deceptive commercial emails to representatives of the state. 
D) They include provisions to protect the privacy and security of individually identifiable health information. 
A) They require organizations to inform state residents if sensitive data are released. 
B) They require companies to provide "opt out" choices before transferring personal data to third parties. 
C) They prohibit businesses from sending misleading or deceptive commercial emails to representatives of the state. 
D) They include provisions to protect the privacy and security of individually identifiable health information.

Question 12

Which of the following systems are used to combat spam?

Accepted Answer

A) conversational programming systems 
B) intrusion prevention systems 
C) executive information systems 
D) expert systems 
A) conversational programming systems 
B) intrusion prevention systems 
C) executive information systems 
D) expert systems

Question 13

What is the step involved in risk management after vulnerabilities of an organization have been examined?

Accepted Answer

A) determination of the source of threats 
B) assessment of threats 
C) evaluation of controls that fill in security gaps 
D) finalization of broadly defined goals 
A) determination of the source of threats 
B) assessment of threats 
C) evaluation of controls that fill in security gaps 
D) finalization of broadly defined goals

Question 14

Organizations use a(n)________ to categorize a security threat, determine its cause, preserve any evidence, and get systems back online so they can resume business.

Accepted Answer

A) risk matrix 
B) incidence response plan 
C) vulnerability assessment scheme 
D) total quality management program 
A) risk matrix 
B) incidence response plan 
C) vulnerability assessment scheme 
D) total quality management program

Question 15

What are some of the key elements that a security awareness program should comprise?

Accepted Answer

Organizations should have robust securit

Question 16

When a person tries to judge what action would create the greatest good for the greatest number, he or she is using a utilitarian scheme.

Accepted Answer

A) True 
 B)False

Question 17

Under which of the following circumstances is information privacy most difficult to achieve?

Accepted Answer

A) when information is stored on highly interconnected systems 
B) when information is mainly on paper 
C) when information is maintained on isolated systems 
D) when information is converted to code form using mathematical equations 
A) when information is stored on highly interconnected systems 
B) when information is mainly on paper 
C) when information is maintained on isolated systems 
D) when information is converted to code form using mathematical equations

Question 18

One way to identify a threat in an incident response plan is to ________.

Accepted Answer

A) prosecute the offender for security risk 
B) improve system efficiency 
C) communicate with a crisis management team 
D) preserve evidence of security breach 
A) prosecute the offender for security risk 
B) improve system efficiency 
C) communicate with a crisis management team 
D) preserve evidence of security breach

Question 19

Which of the following statements is true of information privacy?

Accepted Answer

A) It is most easily achieved online and is impossible to maintain on paper. 
B) It is governed by laws that are universal in all countries. 
C) It refers to the protection of data about individuals. 
D) It emphasizes the importance of sharing data over protecting personally identifiable information. 
A) It is most easily achieved online and is impossible to maintain on paper. 
B) It is governed by laws that are universal in all countries. 
C) It refers to the protection of data about individuals. 
D) It emphasizes the importance of sharing data over protecting personally identifiable information.

Question 20

________ is the art of manipulating people into breaking normal security procedures or divulging confidential information.

Accepted Answer

A) Password munging 
B) Shouldersurfing 
C) Social engineering 
D) Astroturfing 
A) Password munging 
B) Shouldersurfing 
C) Social engineering 
D) Astroturfing

Biometric identifiers refer to something the user knows, such as a user ID, password, PIN, or answer to a security question.

Which of the following is true of the European Union's Data Protection Directive?

Which of the following is an accurate definition of a computer virus?

Which of the following technologies is most likely to be used by organizations as an authentication strategy?

When does a computer become a zombie?

Digital rights management offers IP holders the benefit of ________.

All ethical actions are legal, but not all legal actions are ethical.

What is the purpose of using surveillance technologies in organizations? How do they help in protecting information and monitoring productivity?

Discuss any two kinds of authentication strategies used in organizations.

Which of the following methods is often used for phishing purposes?

Which of the following is a provision of the State Security Breach Notification Laws?

Which of the following systems are used to combat spam?

What is the step involved in risk management after vulnerabilities of an organization have been examined?

Organizations use a(n)________ to categorize a security threat, determine its cause, preserve any evidence, and get systems back online so they can resume business.

What are some of the key elements that a security awareness program should comprise?

When a person tries to judge what action would create the greatest good for the greatest number, he or she is using a utilitarian scheme.

Under which of the following circumstances is information privacy most difficult to achieve?

One way to identify a threat in an incident response plan is to ________.

Which of the following statements is true of information privacy?

________ is the art of manipulating people into breaking normal security procedures or divulging confidential information.

Information Systems and People

Information Systems and Strategy

Information and Communications Technologies: The Enterprise Architecture

Databases and Datawarehouses

Information Systems for the Enterprise

The Web, E-Commerce, and M-Commerce

Business Intelligence and Decision Making

Collaborating With Technology

Knowledge Management and E-Learning

Systems Development and Procurement

Project Management and Strategic Planning

Filters

Exam 10: Ethics, Privacy, and Security

Biometric identifiers refer to something the user knows, such as a user ID, password, PIN, or answer to a security question.

Which of the following is true of the European Union's Data Protection Directive?

Which of the following is an accurate definition of a computer virus?

Which of the following technologies is most likely to be used by organizations as an authentication strategy?

When does a computer become a zombie?

Digital rights management offers IP holders the benefit of ________.

All ethical actions are legal, but not all legal actions are ethical.

What is the purpose of using surveillance technologies in organizations? How do they help in protecting information and monitoring productivity?

Discuss any two kinds of authentication strategies used in organizations.

Which of the following methods is often used for phishing purposes?

Which of the following is a provision of the State Security Breach Notification Laws?

Which of the following systems are used to combat spam?

What is the step involved in risk management after vulnerabilities of an organization have been examined?

Organizations use a(n)________ to categorize a security threat, determine its cause, preserve any evidence, and get systems back online so they can resume business.

What are some of the key elements that a security awareness program should comprise?

When a person tries to judge what action would create the greatest good for the greatest number, he or she is using a utilitarian scheme.

Under which of the following circumstances is information privacy most difficult to achieve?

One way to identify a threat in an incident response plan is to ________.

Which of the following statements is true of information privacy?

________ is the art of manipulating people into breaking normal security procedures or divulging confidential information.

Information Systems and People

Information Systems and Strategy

Information and Communications Technologies: The Enterprise Architecture

Databases and Datawarehouses

Information Systems for the Enterprise

The Web, E-Commerce, and M-Commerce

Business Intelligence and Decision Making

Collaborating With Technology

Knowledge Management and E-Learning

Systems Development and Procurement

Project Management and Strategic Planning

Filters