Question 1

Updates that plug existing holes in a software are called:

Accepted Answer

A)  patches. 
B)  adware. 
C)  maculations. 
D)  keys. 
E)  cracks. 
A)  patches. 
B)  adware. 
C)  maculations. 
D)  keys. 
E)  cracks. A

Question 2

Regularly updated software lowers a system's vulnerable attack surface.

Accepted Answer

A) True 
 B)False  True

Question 3

Which of the following statements is consistent with ground realities regarding information security?

Accepted Answer

A)  Cyber-crime is not yet considered a serious enough threat to warrant the attention of law-enforcement agencies. 
B)  Law-enforcement agencies are well-resourced to fight cyber-crimes effectively. 
C)  Governments usually outmatch private industry in terms of retaining top talent with incentives and generous pay. 
D)  Law-enforcement agencies employ technically inept employees who are incapable of keeping pace with today's cyber-criminals. 
E)  Cyber-crime is not rewarding in terms of financial gain. 
A)  Cyber-crime is not yet considered a serious enough threat to warrant the attention of law-enforcement agencies. 
B)  Law-enforcement agencies are well-resourced to fight cyber-crimes effectively. 
C)  Governments usually outmatch private industry in terms of retaining top talent with incentives and generous pay. 
D)  Law-enforcement agencies employ technically inept employees who are incapable of keeping pace with today's cyber-criminals. 
E)  Cyber-crime is not rewarding in terms of financial gain. D

Question 4

Which of the following could be one of the ways firms lockdown personnel hardware?

Accepted Answer

A)  Mandate the use of industry-standard software alone on company hardware 
B)  Implement frequent overhaul of hardware 
C)  Dispose of used hardware after annual audits 
D)  Regularly initiate software auditing 
E)  Regularly reimage the hard-drives of end user PCs 
A)  Mandate the use of industry-standard software alone on company hardware 
B)  Implement frequent overhaul of hardware 
C)  Dispose of used hardware after annual audits 
D)  Regularly initiate software auditing 
E)  Regularly reimage the hard-drives of end user PCs

Question 5

The information systems of several firms have been compromised by contract employees,cleaning staff, and temporary staffers.

Accepted Answer

A) True 
 B)False

Question 6

It should be evident from the TJX example that:

Accepted Answer

A)  security breaches are not as damaging to companies as other crimes are. 
B)  industry guidelines for information security are not suitable for everyone and should be made optional. 
C)  information security must be a top organizational priority. 
D)  skimping on liability insurance to cover for financial losses from security breaches is not advisable. 
E)  with a little effort and resources, it is possible to make any security system hundred percent foolproof. 
A)  security breaches are not as damaging to companies as other crimes are. 
B)  industry guidelines for information security are not suitable for everyone and should be made optional. 
C)  information security must be a top organizational priority. 
D)  skimping on liability insurance to cover for financial losses from security breaches is not advisable. 
E)  with a little effort and resources, it is possible to make any security system hundred percent foolproof.

Question 7

Organized crime networks now have their own R&D labs and are engaged in sophisticated development efforts to piece together methods to thwart current security measures.

Accepted Answer

A) True 
 B)False

Question 8

Spyware is defined as a type of software that:

Accepted Answer

A)  clogs up network traffic and disables networks. 
B)  monitors user actions or scans for files surreptitiously. 
C)  infects other software and decreases the network speeds. 
D)  serves up unwanted advertisements after being installed without user knowledge. 
E)  scans for loopholes in other software and releases malware payloads. 
A)  clogs up network traffic and disables networks. 
B)  monitors user actions or scans for files surreptitiously. 
C)  infects other software and decreases the network speeds. 
D)  serves up unwanted advertisements after being installed without user knowledge. 
E)  scans for loopholes in other software and releases malware payloads.

Question 9

A domain name service is a collection of software that:

Accepted Answer

A)  allots domain names to different Web sites. 
B)  assigns IP addresses to different systems. 
C)  directs the flow of traffic across the Internet. 
D)  maintains a registry of different IP addresses. 
E)  maps an Internet address to an IP address. 
A)  allots domain names to different Web sites. 
B)  assigns IP addresses to different systems. 
C)  directs the flow of traffic across the Internet. 
D)  maintains a registry of different IP addresses. 
E)  maps an Internet address to an IP address.

Question 10

Conforming to industry-standard guidelines and frameworks for organizational security ensures continued immunity from attacks on an organization's information.

Accepted Answer

A) True 
 B)False

Question 11

Dumpster diving refers to physically trawling through trash to mine any valuable data or insights that can be stolen or used in a security attack.

Accepted Answer

A) True 
 B)False

Question 12

Technologies that measure and analyze human body characteristics for identification or authentication are known as _____.

Accepted Answer

A)  overlamination processes 
B)  biometrics 
C)  smart tags 
D)  bio-embedded systems 
E)  holographs 
A)  overlamination processes 
B)  biometrics 
C)  smart tags 
D)  bio-embedded systems 
E)  holographs

Question 13

Even the best implemented encryption programs have not been immune to brute-force attacks by hackers.

Accepted Answer

A) True 
 B)False

Question 14

One of the reasons organizations delay patches to plug holes in their security applications is:

Accepted Answer

A)  the rising cost of labor. 
B)  lack of information on effectiveness of patches. 
C)  the fear that the new technology contains a change that will cause problems down the road. 
D)  redundancy of patches within a short span of time. 
E)  bureaucratic inefficiency. 
A)  the rising cost of labor. 
B)  lack of information on effectiveness of patches. 
C)  the fear that the new technology contains a change that will cause problems down the road. 
D)  redundancy of patches within a short span of time. 
E)  bureaucratic inefficiency.

Question 15

An organization's partner firms that should be regularly audited to ensure that they are compliant with security frameworks include:

Accepted Answer

A)  clients. 
B)  technology providers and contract firms. 
C)  law-enforcement agencies. 
D)  government regulatory bodies. 
E)  international standards organizations. 
A)  clients. 
B)  technology providers and contract firms. 
C)  law-enforcement agencies. 
D)  government regulatory bodies. 
E)  international standards organizations.

Question 16

A vast majority of security breaches are not preventable and happen despite the best security practices.

Accepted Answer

A) True 
 B)False

Question 17

In public-key encryption systems, the functions of the public and private keys are interchangeable.

Accepted Answer

A) True 
 B)False

Question 18

Describe briefly how technology can be leveraged to offset the attempts of attackers to undermine information security.

Accepted Answer

Technology plays a most important role i

Question 19

The typical Web user has 6.5 passwords, each of which is used at four sites, on average.

Accepted Answer

A) True 
 B)False

Question 20

A bank customer receives a message, ostensibly from the bank's Web site, asking her to provide her login information. Assuming the message is intended to defraud the customer, what type of infiltration technique is being used here?

Accepted Answer

A)  Spyware 
B)  Malware 
C)  Social engineering 
D)  Phishing 
E)  Virus infections 
A)  Spyware 
B)  Malware 
C)  Social engineering 
D)  Phishing 
E)  Virus infections

Updates that plug existing holes in a software are called:

Regularly updated software lowers a system's vulnerable attack surface.

Which of the following statements is consistent with ground realities regarding information security?

Which of the following could be one of the ways firms lockdown personnel hardware?

The information systems of several firms have been compromised by contract employees,cleaning staff, and temporary staffers.

It should be evident from the TJX example that:

Organized crime networks now have their own R&D labs and are engaged in sophisticated development efforts to piece together methods to thwart current security measures.

Spyware is defined as a type of software that:

A domain name service is a collection of software that:

Conforming to industry-standard guidelines and frameworks for organizational security ensures continued immunity from attacks on an organization's information.

Dumpster diving refers to physically trawling through trash to mine any valuable data or insights that can be stolen or used in a security attack.

Technologies that measure and analyze human body characteristics for identification or authentication are known as _____.

Even the best implemented encryption programs have not been immune to brute-force attacks by hackers.

One of the reasons organizations delay patches to plug holes in their security applications is:

An organization's partner firms that should be regularly audited to ensure that they are compliant with security frameworks include:

A vast majority of security breaches are not preventable and happen despite the best security practices.

In public-key encryption systems, the functions of the public and private keys are interchangeable.

Describe briefly how technology can be leveraged to offset the attempts of attackers to undermine information security.

The typical Web user has 6.5 passwords, each of which is used at four sites, on average.

A bank customer receives a message, ostensibly from the bank's Web site, asking her to provide her login information. Assuming the message is intended to defraud the customer, what type of infiltration technique is being used here?

Setting the Stage: Technology and the Modern Enterprise

Strategy and Technology: Concepts and Frameworks for Understanding What Separates Winners From Losers

Zara: Fast Fashion From Savvy Systems

Netflix in Two Acts: the Making of an E-Commerce Giant and the Uncertain Future of Atoms to Bits

Moores Law and More: Fast, Cheap Computing, Disruptive Innovation, and What This Means for the Manager

Amazoncom: an Empire Stretching From Cardboard Box to Kindle to Cloud

Understanding Network Effects: Strategies for Competing in a Platform-Centric, Winner-Take-All World

Social Media, Peer Production, and Web 20

Facebook: Building a Business From the Social Graph

Understanding Software: a Primer for Managers

Software in Flux: Partly Cloudy and Sometimes Free

The Data Asset: Databases, Business Intelligence, Big Data, and Competitive Advantage

A Managers Guide to the Internet and Telecommunications

Google in Three Parts: Search, Online Advertising, and Beyond

Filters

Exam 14: Information Security: Barbarians at the Gateway and Just About Everywhere Else

Updates that plug existing holes in a software are called:

Regularly updated software lowers a system's vulnerable attack surface.

Which of the following statements is consistent with ground realities regarding information security?

Which of the following could be one of the ways firms lockdown personnel hardware?

The information systems of several firms have been compromised by contract employees,cleaning staff, and temporary staffers.

It should be evident from the TJX example that:

Organized crime networks now have their own R&D labs and are engaged in sophisticated development efforts to piece together methods to thwart current security measures.

Spyware is defined as a type of software that:

A domain name service is a collection of software that:

Conforming to industry-standard guidelines and frameworks for organizational security ensures continued immunity from attacks on an organization's information.

Dumpster diving refers to physically trawling through trash to mine any valuable data or insights that can be stolen or used in a security attack.

Technologies that measure and analyze human body characteristics for identification or authentication are known as _____.

Even the best implemented encryption programs have not been immune to brute-force attacks by hackers.

One of the reasons organizations delay patches to plug holes in their security applications is:

An organization's partner firms that should be regularly audited to ensure that they are compliant with security frameworks include:

A vast majority of security breaches are not preventable and happen despite the best security practices.

In public-key encryption systems, the functions of the public and private keys are interchangeable.

Describe briefly how technology can be leveraged to offset the attempts of attackers to undermine information security.

The typical Web user has 6.5 passwords, each of which is used at four sites, on average.

A bank customer receives a message, ostensibly from the bank's Web site, asking her to provide her login information. Assuming the message is intended to defraud the customer, what type of infiltration technique is being used here?

Setting the Stage: Technology and the Modern Enterprise

Strategy and Technology: Concepts and Frameworks for Understanding What Separates Winners From Losers

Zara: Fast Fashion From Savvy Systems

Netflix in Two Acts: the Making of an E-Commerce Giant and the Uncertain Future of Atoms to Bits

Moores Law and More: Fast, Cheap Computing, Disruptive Innovation, and What This Means for the Manager

Amazoncom: an Empire Stretching From Cardboard Box to Kindle to Cloud

Understanding Network Effects: Strategies for Competing in a Platform-Centric, Winner-Take-All World

Social Media, Peer Production, and Web 20

Facebook: Building a Business From the Social Graph

Understanding Software: a Primer for Managers

Software in Flux: Partly Cloudy and Sometimes Free

The Data Asset: Databases, Business Intelligence, Big Data, and Competitive Advantage

A Managers Guide to the Internet and Telecommunications

Google in Three Parts: Search, Online Advertising, and Beyond

Filters