Question 1

The purpose of a business continuity planning session in an organization is to ________.

Accepted Answer

A) discuss how to return the organization to normal operations as quickly as possible after a data breach 
B) build plans to increase the market presence of the organization and increase its user base 
C) identify new markets that will accelerate the growth of the organization 
D) understand the type of information stored by the organization and implement relevant security measures as required by regulatory laws 
A) discuss how to return the organization to normal operations as quickly as possible after a data breach 
B) build plans to increase the market presence of the organization and increase its user base 
C) identify new markets that will accelerate the growth of the organization 
D) understand the type of information stored by the organization and implement relevant security measures as required by regulatory laws A

Question 2

A student at the MSA University hacked into the university's official Web site and stole some confidential information about the scholarship program.This incident is an example of ________.

Accepted Answer

A) a data breach 
B) asynchronous communication 
C) key escrow 
D) a sequence flow 
A) a data breach 
B) asynchronous communication 
C) key escrow 
D) a sequence flow A

Question 3

Bob, a hacker, encountered a vulnerability in a bank's firewall when he was trying to hack into its Web site.Which of the following can Bob use to take advantage of this liability?

Accepted Answer

A) exploit 
B) attack vector 
C) carding 
D) wardriver 
A) exploit 
B) attack vector 
C) carding 
D) wardriver A

Question 4

Why should organizations respond quickly to data breaches?

Accepted Answer

Organizations need to respond to data br

Question 5

________ are countermeasures designed to prevent sensitive data from being released to unauthorized persons.

Accepted Answer

A) Malware definitions 
B) Attack vectors 
C) Data loss prevention systems 
D) Data extrusion prevention systems 
A) Malware definitions 
B) Attack vectors 
C) Data loss prevention systems 
D) Data extrusion prevention systems

Question 6

Explain how hackers use information stolen from data breaches for credit card forgery.

Accepted Answer

Over 67 percent of data breaches come fr

Question 7

Direct costs of handling a data breach do not include paying for detection of the breach.

Accepted Answer

A) True 
 B)False

Question 8

Which of the following should be done by employees to protect against data breaches?

Accepted Answer

A) They should develop new exploits. 
B) They should remove existing honeypots. 
C) They should design methods for data extrusion. 
D) They should conduct a walkthrough. 
A) They should develop new exploits. 
B) They should remove existing honeypots. 
C) They should design methods for data extrusion. 
D) They should conduct a walkthrough.

Question 9

List some of the regulatory laws that govern the secure storage of data in certain industries.

Accepted Answer

Organizations need to understand the bod

Question 10

A(n)________ is used to examine traffic passing through an organization's internal network.

Accepted Answer

A) honeypot 
B) attack vector 
C) security protocols open repository 
D) network intrusion detection system 
A) honeypot 
B) attack vector 
C) security protocols open repository 
D) network intrusion detection system

Question 11

Decisions on how to respond to a data breach are most effective if they are made when the breach is happening.

Accepted Answer

A) True 
 B)False

Question 12

Data extrusion helps organizations secure their data from possible data breaches.

Accepted Answer

A) True 
 B)False

Question 13

An organization can easily stop a simple SQL injection attack on its online store by additional user training, stronger vendor authentication, or an internal network intrusion detection system.

Accepted Answer

A) True 
 B)False

Question 14

The Gramm-Leach-Bliley Act (GLBA)is a universal regulatory law that applies to all types of industries.

Accepted Answer

A) True 
 B)False

Question 15

An exploit is a type of attack vector used by hackers.

Accepted Answer

A) True 
 B)False

Question 16

Organizations need to understand the body of regulatory law relative to the type of information they store because they will be held accountable for implementing those standards.

Accepted Answer

A) True 
 B)False

Question 17

Explain how data breach occurs with an example.

Accepted Answer

Hackers are continually developing new t

Question 18

A group of hackers decide to steal credit card details of the users of Swift Shopping Inc., a leading e-commerce company.They infect the security system of the company's third-party vendor and gain access into its internal network.They compromise an internal Windows server of the company and use a malware to extract customer data.Which of the following is illustrated in this scenario?

Accepted Answer

A) hardening 
B) carding 
C) pretexting 
D) data breaching 
A) hardening 
B) carding 
C) pretexting 
D) data breaching

Question 19

Sam is a hacker who makes money by stealing and selling credit cards.He has targeted the employees of a local firm and is looking for details such as names, addresses, dates of birth, social security numbers, credit card numbers, or health records.In this case, Sam is looking for ________.

Accepted Answer

A) firewall security measures 
B) business continuity plans 
C) malware definitions 
D) personally identifiable information 
A) firewall security measures 
B) business continuity plans 
C) malware definitions 
D) personally identifiable information

Question 20

Which of the following is true of the measures to be taken by an organization in the event of a data breach?

Accepted Answer

A) The organization must delay informing its users so that the occurrence of data breach remains private. 
B) The organization must not involve additional technical or law enforcement professionals, as it may lead to further damage to its data. 
C) The organization must destroy the evidence of the breach to avoid future security problems. 
D) The organization must respond quickly to mitigate the amount of damage hackers can do with the stolen data. 
A) The organization must delay informing its users so that the occurrence of data breach remains private. 
B) The organization must not involve additional technical or law enforcement professionals, as it may lead to further damage to its data. 
C) The organization must destroy the evidence of the breach to avoid future security problems. 
D) The organization must respond quickly to mitigate the amount of damage hackers can do with the stolen data.

Exam 26: Data Breaches

The purpose of a business continuity planning session in an organization is to ________.

A student at the MSA University hacked into the university's official Web site and stole some confidential information about the scholarship program.This incident is an example of ________.

Bob, a hacker, encountered a vulnerability in a bank's firewall when he was trying to hack into its Web site.Which of the following can Bob use to take advantage of this liability?

Why should organizations respond quickly to data breaches?

________ are countermeasures designed to prevent sensitive data from being released to unauthorized persons.

Explain how hackers use information stolen from data breaches for credit card forgery.

Direct costs of handling a data breach do not include paying for detection of the breach.

Which of the following should be done by employees to protect against data breaches?

List some of the regulatory laws that govern the secure storage of data in certain industries.

A(n)________ is used to examine traffic passing through an organization's internal network.

Decisions on how to respond to a data breach are most effective if they are made when the breach is happening.

Data extrusion helps organizations secure their data from possible data breaches.

An organization can easily stop a simple SQL injection attack on its online store by additional user training, stronger vendor authentication, or an internal network intrusion detection system.

The Gramm-Leach-Bliley Act (GLBA)is a universal regulatory law that applies to all types of industries.

An exploit is a type of attack vector used by hackers.

Organizations need to understand the body of regulatory law relative to the type of information they store because they will be held accountable for implementing those standards.

Explain how data breach occurs with an example.

Sam is a hacker who makes money by stealing and selling credit cards.He has targeted the employees of a local firm and is looking for details such as names, addresses, dates of birth, social security numbers, credit card numbers, or health records.In this case, Sam is looking for ________.

Which of the following is true of the measures to be taken by an organization in the event of a data breach?

The Importance of Mis

Business Processes, Information Systems, and Information

Organizational Strategy, Information Systems

Hardware and Software

Database Processing

The Cloud

Organizations and Information Systems

Social Media Information Systems

Business Intelligence Systems

Information Systems Security

Information Systems Management

Information Systems Development

Collaboration Information Systems for Decision Making

Collaborative Information Systems for Student Projects

Mobile Systems

Introduction to Microsoft Excel 2013

Database Design

Using Microsoft Access 2013

Using Excel and Access Together

Network and Cloud Technology

Enterprise Resource Planning Erpsystems

Supply Chain Management

Enterprise Social Networks and Knowledge Management

Database Marketing

Reporting Systems and Olap

International Mis

Systems Development Project Management

Agile Development

Business Process Management

Filters