Question 1

Why is software quality important to security? What specific steps can an organization take to ensure software quality?

Accepted Answer

Software errors pose a constant threat t

Question 2

Smartphones have the same security flaws as other Internet-connected devices.

Accepted Answer

A) True 
 B)False

Question 3

In controlling network traffic to minimize slow-downs, a technology called ________ is used to examine data files and sort low-priority data from high-priority data.

Accepted Answer

A)  high availability computing 
B)  deep packet inspection 
C)  application proxy filtering 
D)  stateful inspection 
E)  fault-tolerant computing 
A)  high availability computing 
B)  deep packet inspection 
C)  application proxy filtering 
D)  stateful inspection 
E)  fault-tolerant computing

Question 4

The distributed nature of cloud computing makes it somewhat easier to track unauthorized access.

Accepted Answer

A) True 
 B)False

Question 5

Name and describe four firewall screening technologies.

Accepted Answer

There are a number of firewall screening

Question 6

All of the following are types of information systems general controls except:

Accepted Answer

A)  application controls. 
B)  implementation controls. 
C)  physical hardware controls. 
D)  administrative controls. 
E)  data security controls. 
A)  application controls. 
B)  implementation controls. 
C)  physical hardware controls. 
D)  administrative controls. 
E)  data security controls.

Question 7

An independent computer program that copies itself from one computer to another over a network is called a:

Accepted Answer

A)  worm. 
B)  Trojan horse. 
C)  bug. 
D)  pest. 
E)  sniffer. 
A)  worm. 
B)  Trojan horse. 
C)  bug. 
D)  pest. 
E)  sniffer.

Question 8

Which of the following provides additional security by determining whether packets are part of an ongoing dialogue between a sender and receiver?

Accepted Answer

A)  NAT 
B)  Packet filtering 
C)  Deep packet inspection 
D)  Stateful inspection 
E)  Application proxy filtering 
A)  NAT 
B)  Packet filtering 
C)  Deep packet inspection 
D)  Stateful inspection 
E)  Application proxy filtering

Question 9

The most common type of electronic evidence is:

Accepted Answer

A)  voice-mail. 
B)  spreadsheets. 
C)  instant messages. 
D)  email. 
E)  e-commerce transactions over the Internet. 
A)  voice-mail. 
B)  spreadsheets. 
C)  instant messages. 
D)  email. 
E)  e-commerce transactions over the Internet.

Question 10

Which of the following is not an example of a computer used as an instrument of crime?

Accepted Answer

A)  Theft of trade secrets 
B)  Intentionally attempting to intercept electronic communication 
C)  Unauthorized copying of software 
D)  Breaching the confidentiality of protected computerized data 
E)  Illegally accessing stored electronic communications 
A)  Theft of trade secrets 
B)  Intentionally attempting to intercept electronic communication 
C)  Unauthorized copying of software 
D)  Breaching the confidentiality of protected computerized data 
E)  Illegally accessing stored electronic communications

Question 11

According to Ponemon Institute's 2014 Annual Cost of Cyber Crime Study, the average annualized cost of cybercrime for companies in the United States was approximately:

Accepted Answer

A)  $1.27 million. 
B)  $12.7 million. 
C)  $127 million. 
D)  $1.27 billion. 
E)  $12.7 billion. 
A)  $1.27 million. 
B)  $12.7 million. 
C)  $127 million. 
D)  $1.27 billion. 
E)  $12.7 billion.

Question 12

Which of the following statements about botnets is not true?

Accepted Answer

A)  Eighty percent of the world's malware is delivered by botnets. 
B)  Botnets are often used to perpetrate DDoS attacks. 
C)  Ninety percent of the world's spam is delivered by botnets. 
D)  Botnets are often used for click fraud. 
E)  It is not possible to make a smartphone part of a botnet. 
A)  Eighty percent of the world's malware is delivered by botnets. 
B)  Botnets are often used to perpetrate DDoS attacks. 
C)  Ninety percent of the world's spam is delivered by botnets. 
D)  Botnets are often used for click fraud. 
E)  It is not possible to make a smartphone part of a botnet.

Question 13

Which of the following statements about Internet security is not true?

Accepted Answer

A)  The use of P2P networks can expose a corporate computer to outsiders. 
B)  A corporate network without access to the Internet is more secure than one that provides access. 
C)  VoIP is more secure than the switched voice network. 
D)  Instant messaging can provide hackers access to an otherwise secure network. 
E)  Most VoIP traffic is not encrypted. 
A)  The use of P2P networks can expose a corporate computer to outsiders. 
B)  A corporate network without access to the Internet is more secure than one that provides access. 
C)  VoIP is more secure than the switched voice network. 
D)  Instant messaging can provide hackers access to an otherwise secure network. 
E)  Most VoIP traffic is not encrypted.

Question 14

Zero defects cannot be achieved in larger software programs because fully testing programs that contain thousands of choices and millions of paths would require thousands of years.

Accepted Answer

A) True 
 B)False

Question 15

Specific security challenges that threaten the communications lines in a client/server environment include:

Accepted Answer

A)  tapping, sniffing, message alteration, and radiation. 
B)  hacking, vandalism, and denial of service attacks. 
C)  theft, copying, alteration of data, and hardware or software failure. 
D)  unauthorized access, errors, and spyware. 
E)  errors, vandalism, and malware. 
A)  tapping, sniffing, message alteration, and radiation. 
B)  hacking, vandalism, and denial of service attacks. 
C)  theft, copying, alteration of data, and hardware or software failure. 
D)  unauthorized access, errors, and spyware. 
E)  errors, vandalism, and malware.

Question 16

Comprehensive security management products, with tools for firewalls, VPNs, intrusion detection systems, and more, are called ________ systems.

Accepted Answer

A)  DPI 
B)  MSSP 
C)  NSP 
D)  UTM 
E)  SSL 
A)  DPI 
B)  MSSP 
C)  NSP 
D)  UTM 
E)  SSL

Question 17

Authorization refers to the ability to know that a person is who he or she claims to be.

Accepted Answer

A) True 
 B)False

Question 18

The term cracker is used to identify a hacker whose specialty is breaking open security systems.

Accepted Answer

A) True 
 B)False

Question 19

Public key encryption uses two keys.

Accepted Answer

A) True 
 B)False

Question 20

Is the cloud a safer and more secure computing environment than an in-house network? Why or why not?

Accepted Answer

Student evaluations will vary, but shoul

Why is software quality important to security? What specific steps can an organization take to ensure software quality?

Smartphones have the same security flaws as other Internet-connected devices.

In controlling network traffic to minimize slow-downs, a technology called ________ is used to examine data files and sort low-priority data from high-priority data.

The distributed nature of cloud computing makes it somewhat easier to track unauthorized access.

Name and describe four firewall screening technologies.

All of the following are types of information systems general controls except:

An independent computer program that copies itself from one computer to another over a network is called a:

Which of the following provides additional security by determining whether packets are part of an ongoing dialogue between a sender and receiver?

The most common type of electronic evidence is:

Which of the following is not an example of a computer used as an instrument of crime?

According to Ponemon Institute's 2014 Annual Cost of Cyber Crime Study, the average annualized cost of cybercrime for companies in the United States was approximately:

Which of the following statements about botnets is not true?

Which of the following statements about Internet security is not true?

Zero defects cannot be achieved in larger software programs because fully testing programs that contain thousands of choices and millions of paths would require thousands of years.

Specific security challenges that threaten the communications lines in a client/server environment include:

Comprehensive security management products, with tools for firewalls, VPNs, intrusion detection systems, and more, are called ________ systems.

Authorization refers to the ability to know that a person is who he or she claims to be.

The term cracker is used to identify a hacker whose specialty is breaking open security systems.

Public key encryption uses two keys.

Is the cloud a safer and more secure computing environment than an in-house network? Why or why not?

Business Information Systems in Your Career

Global E-Business and Collaboration

Achieving Competitive Advantage With Information Systems

Ethical and Social Issues in Information Systems

It Infrastructure: Hardware and Software

Foundations of Business Intelligence: Databases and

Telecommunications, the Internet, and Wireless Technology

Achieving Operational Excellence and Customer Intimacy:

E-Commerce: Digital Markets, Digital Goods

Improving Decision Making and Managing Knowledge

Building Information Systems and Managing Projects

Filters

Exam 8: Securing Information Systems

Why is software quality important to security? What specific steps can an organization take to ensure software quality?

Smartphones have the same security flaws as other Internet-connected devices.

In controlling network traffic to minimize slow-downs, a technology called ________ is used to examine data files and sort low-priority data from high-priority data.

The distributed nature of cloud computing makes it somewhat easier to track unauthorized access.

Name and describe four firewall screening technologies.

All of the following are types of information systems general controls except:

An independent computer program that copies itself from one computer to another over a network is called a:

Which of the following provides additional security by determining whether packets are part of an ongoing dialogue between a sender and receiver?

The most common type of electronic evidence is:

Which of the following is not an example of a computer used as an instrument of crime?

According to Ponemon Institute's 2014 Annual Cost of Cyber Crime Study, the average annualized cost of cybercrime for companies in the United States was approximately:

Which of the following statements about botnets is not true?

Which of the following statements about Internet security is not true?

Zero defects cannot be achieved in larger software programs because fully testing programs that contain thousands of choices and millions of paths would require thousands of years.

Specific security challenges that threaten the communications lines in a client/server environment include:

Comprehensive security management products, with tools for firewalls, VPNs, intrusion detection systems, and more, are called ________ systems.

Authorization refers to the ability to know that a person is who he or she claims to be.

The term cracker is used to identify a hacker whose specialty is breaking open security systems.

Public key encryption uses two keys.

Is the cloud a safer and more secure computing environment than an in-house network? Why or why not?

Business Information Systems in Your Career

Global E-Business and Collaboration

Achieving Competitive Advantage With Information Systems

Ethical and Social Issues in Information Systems

It Infrastructure: Hardware and Software

Foundations of Business Intelligence: Databases and

Telecommunications, the Internet, and Wireless Technology

Achieving Operational Excellence and Customer Intimacy:

E-Commerce: Digital Markets, Digital Goods

Improving Decision Making and Managing Knowledge

Building Information Systems and Managing Projects

Filters