Question 1

Describe briefly a few of the physical threats posed by hackers to information security with examples for each.

Accepted Answer

A user must make it a priority to create

Question 2

A vast majority of security breaches are not preventable and happen despite the best security practices.

Accepted Answer

A) True 
 B)False

Question 3

Spear phishing attacks specifically target a given organization or group of users.

Accepted Answer

A) True 
 B)False

Question 4

In public-key encryption systems, the functions of the public and private keys are interchangeable.

Accepted Answer

A) True 
 B)False

Question 5

A protester seeking to make a political point by leveraging technology tools, often through system infiltration, defacement, or damage is called a(n) _____.

Accepted Answer

A)  activist 
B)  cyber agitator 
C)  hacktivist 
D)  ethical hacker 
E)  cybersquatter 
A)  activist 
B)  cyber agitator 
C)  hacktivist 
D)  ethical hacker 
E)  cybersquatter

Question 6

What are some of the key managerial takeaways from the Target security breach?

Accepted Answer

The Target security breach is a very imp

Question 7

The phrase ______________ refers to security where identity is proven by presenting more than one item for proof of credentials. Multiple factors often include a password and some other identifier such as a unique code sent via e-mail or mobile phone text, a biometric reading (e.g. fingerprint or iris scan), a swipe or tap card, or other form if identification

Accepted Answer

two-factor

Question 8

Briefly explain the steps one should take to ensure that their highest priority accounts are not compromised easily by hackers.

Accepted Answer

A user must make it a priority to create

Question 9

Which of the following are considered sources of information that can potentially be used by social engineers?

Accepted Answer

A)  LinkedIn 
B)  Corproate directories 
C)  Social media posts 
D)  Contests or surveys 
E)  All of the above 
A)  LinkedIn 
B)  Corproate directories 
C)  Social media posts 
D)  Contests or surveys 
E)  All of the above

Question 10

Which of the following is a valid statement on information security?

Accepted Answer

A)  Security breaches cannot be prevented despite the adoption of the best security policies. 
B)  Technology lapses are solely responsible for almost all security breaches. 
C)  Information security is everybody's responsibility. 
D)  Greater expenditure on security products is the only way to contain security breaches. 
E)  A reactive, rather than proactive, approach is better suited for dealing with security breaches. 
A)  Security breaches cannot be prevented despite the adoption of the best security policies. 
B)  Technology lapses are solely responsible for almost all security breaches. 
C)  Information security is everybody's responsibility. 
D)  Greater expenditure on security products is the only way to contain security breaches. 
E)  A reactive, rather than proactive, approach is better suited for dealing with security breaches.

Question 11

A bank customer receives a message, ostensibly from the bank's Web site, asking her to provide her login information. Assuming the message is intended to defraud the customer, what type of infiltration technique is being used here?

Accepted Answer

A)  Spyware 
B)  Malware 
C)  Social engineering 
D)  Phishing 
E)  Virus infections 
A)  Spyware 
B)  Malware 
C)  Social engineering 
D)  Phishing 
E)  Virus infections

Question 12

One of the reasons organizations delay patches to plug holes in their security applications is:

Accepted Answer

A)  the rising cost of labor. 
B)  lack of information on effectiveness of patches. 
C)  the fear that the new technology contains a change that will cause problems down the road. 
D)  redundancy of patches within a short span of time. 
E)  bureaucratic inefficiency. 
A)  the rising cost of labor. 
B)  lack of information on effectiveness of patches. 
C)  the fear that the new technology contains a change that will cause problems down the road. 
D)  redundancy of patches within a short span of time. 
E)  bureaucratic inefficiency.

Question 13

Computer systems are often infected with malware by means of exploits that sneak in masquerading as something they are not. These exploits are called:

Accepted Answer

A)  rootkits. 
B)  trojans. 
C)  viruses. 
D)  worms. 
E)  honeypots. 
A)  rootkits. 
B)  trojans. 
C)  viruses. 
D)  worms. 
E)  honeypots.

Question 14

It's bad when a firm's e-mail and password file is stolen; however the impact is minimized because user passwords set up for one system cannot be used on others.

Accepted Answer

A) True 
 B)False

Question 15

Systems that deny the entry or exit of specific IP addresses, products, Internet domains, and other communication restrictions are said to employ a(n):

Accepted Answer

A)  intrusion detection software. 
B)  access restriction software. 
C)  whitelists. 
D)  anti-virus software. 
E)  blacklists. 
A)  intrusion detection software. 
B)  access restriction software. 
C)  whitelists. 
D)  anti-virus software. 
E)  blacklists.

Question 16

Because of Moore's Law, widely-used encryption programs currently employed by banks and ecommerce sites are now easily penetrated by brute-force attacks that can be employed by hackers using just a handful of simple desktop computers.

Accepted Answer

A) True 
 B)False

Question 17

Organized crime networks now have their own R&D labs and are engaged in sophisticated development efforts to piece together methods to thwart current security measures.

Accepted Answer

A) True 
 B)False

Question 18

Updates that plug existing holes in a software are called:

Accepted Answer

A)  patches. 
B)  compliance. 
C)  maculations. 
D)  keys. 
E)  dongles. 
A)  patches. 
B)  compliance. 
C)  maculations. 
D)  keys. 
E)  dongles.

Question 19

Sifting through trash in an effort to uncover valuable data or insights that can be stolen or used to launch a security attack is known as:

Accepted Answer

A)  trash recovery. 
B)  junk exploring. 
C)  dumpster diving. 
D)  scrap sifting. 
E)  data sieving. 
A)  trash recovery. 
B)  junk exploring. 
C)  dumpster diving. 
D)  scrap sifting. 
E)  data sieving.

Question 20

What are botnets and how are criminals using this technology?

Accepted Answer

Botnets are networks of infiltrated and

Describe briefly a few of the physical threats posed by hackers to information security with examples for each.

A vast majority of security breaches are not preventable and happen despite the best security practices.

Spear phishing attacks specifically target a given organization or group of users.

In public-key encryption systems, the functions of the public and private keys are interchangeable.

A protester seeking to make a political point by leveraging technology tools, often through system infiltration, defacement, or damage is called a(n) _____.

What are some of the key managerial takeaways from the Target security breach?

Briefly explain the steps one should take to ensure that their highest priority accounts are not compromised easily by hackers.

Which of the following are considered sources of information that can potentially be used by social engineers?

Which of the following is a valid statement on information security?

A bank customer receives a message, ostensibly from the bank's Web site, asking her to provide her login information. Assuming the message is intended to defraud the customer, what type of infiltration technique is being used here?

One of the reasons organizations delay patches to plug holes in their security applications is:

Computer systems are often infected with malware by means of exploits that sneak in masquerading as something they are not. These exploits are called:

It's bad when a firm's e-mail and password file is stolen; however the impact is minimized because user passwords set up for one system cannot be used on others.

Systems that deny the entry or exit of specific IP addresses, products, Internet domains, and other communication restrictions are said to employ a(n):

Because of Moore's Law, widely-used encryption programs currently employed by banks and ecommerce sites are now easily penetrated by brute-force attacks that can be employed by hackers using just a handful of simple desktop computers.

Organized crime networks now have their own R&D labs and are engaged in sophisticated development efforts to piece together methods to thwart current security measures.

Updates that plug existing holes in a software are called:

Sifting through trash in an effort to uncover valuable data or insights that can be stolen or used to launch a security attack is known as:

What are botnets and how are criminals using this technology?

Setting the Stage: Technology and the Modern Enterprise

Strategy and Technology: Concepts and Frameworks for Understanding What Separates Winners From Losers

Zara: Fast Fashion From Savvy Systems

Netflix in Two Acts: the Making of an E-Commerce Giant and the Uncertain Future of Atoms to Bits

Moores Law and More: Fast, Cheap Computing and What This Means for the Manager

Disruptive Technologies: Understanding the Giant Killers and Considerations for Avoiding Extinction

Amazoncom: an Empire Stretching From Cardboard Box to Kindle to Cloud

Understanding Network Effects: Strategies for Competing in a Platform-Centric, Winner-Take-All World

Social Media, Peer Production, and Web 2.0

The Sharing Economy, Collaborative Consumption, and Creating More Efficient Markets Through Technology

Facebook: Building a Business From the Social Graph

Rent the Runway: Entrepreneurs Expanding an Industry by Blending Tech With Fashion, John Gallaugher - Information Systems: a Managers Guide to Harnessing Technology, Version 40

Understanding Software: a Primer for Managers

Software in Flux: Partly Cloudy and Sometimes Free

The Data Asset: Databases, Business Intelligence, Analytics, Big Data, and Competitive Advantage

A Managers Guide to the Internet and Telecommunications

Google in Three Parts: Search, Online Advertising, and Beyond

Filters

Exam 17: Information Security: Barbarians at the Gateway and Just About Everywhere Else

Describe briefly a few of the physical threats posed by hackers to information security with examples for each.

A vast majority of security breaches are not preventable and happen despite the best security practices.

Spear phishing attacks specifically target a given organization or group of users.

In public-key encryption systems, the functions of the public and private keys are interchangeable.

A protester seeking to make a political point by leveraging technology tools, often through system infiltration, defacement, or damage is called a(n) _____.

What are some of the key managerial takeaways from the Target security breach?

Briefly explain the steps one should take to ensure that their highest priority accounts are not compromised easily by hackers.

Which of the following are considered sources of information that can potentially be used by social engineers?

Which of the following is a valid statement on information security?

A bank customer receives a message, ostensibly from the bank's Web site, asking her to provide her login information. Assuming the message is intended to defraud the customer, what type of infiltration technique is being used here?

One of the reasons organizations delay patches to plug holes in their security applications is:

Computer systems are often infected with malware by means of exploits that sneak in masquerading as something they are not. These exploits are called:

It's bad when a firm's e-mail and password file is stolen; however the impact is minimized because user passwords set up for one system cannot be used on others.

Systems that deny the entry or exit of specific IP addresses, products, Internet domains, and other communication restrictions are said to employ a(n):

Because of Moore's Law, widely-used encryption programs currently employed by banks and ecommerce sites are now easily penetrated by brute-force attacks that can be employed by hackers using just a handful of simple desktop computers.

Organized crime networks now have their own R&D labs and are engaged in sophisticated development efforts to piece together methods to thwart current security measures.

Updates that plug existing holes in a software are called:

Sifting through trash in an effort to uncover valuable data or insights that can be stolen or used to launch a security attack is known as:

What are botnets and how are criminals using this technology?

Setting the Stage: Technology and the Modern Enterprise

Strategy and Technology: Concepts and Frameworks for Understanding What Separates Winners From Losers

Zara: Fast Fashion From Savvy Systems

Netflix in Two Acts: the Making of an E-Commerce Giant and the Uncertain Future of Atoms to Bits

Moores Law and More: Fast, Cheap Computing and What This Means for the Manager

Disruptive Technologies: Understanding the Giant Killers and Considerations for Avoiding Extinction

Amazoncom: an Empire Stretching From Cardboard Box to Kindle to Cloud

Understanding Network Effects: Strategies for Competing in a Platform-Centric, Winner-Take-All World

Social Media, Peer Production, and Web 2.0

The Sharing Economy, Collaborative Consumption, and Creating More Efficient Markets Through Technology

Facebook: Building a Business From the Social Graph

Rent the Runway: Entrepreneurs Expanding an Industry by Blending Tech With Fashion, John Gallaugher - Information Systems: a Managers Guide to Harnessing Technology, Version 40

Understanding Software: a Primer for Managers

Software in Flux: Partly Cloudy and Sometimes Free

The Data Asset: Databases, Business Intelligence, Analytics, Big Data, and Competitive Advantage

A Managers Guide to the Internet and Telecommunications

Google in Three Parts: Search, Online Advertising, and Beyond

Filters