Question 1

Logic bombs are variations of Trojan horses that can reproduce themselves to disrupt the normal functioning of a computer.

Accepted Answer

A) True 
 B)False

Question 2

RBS Publishing is a leading media company in France.The company handles sensitive information and often finds it susceptible to information threats.As a counter measure the company installs strong firewalls and protective software.These steps are a part of a ________ strategy.

Accepted Answer

A)  risk acceptance 
B)  risk reduction 
C)  risk mitigation 
D)  risk transference 
E)  risk rescheduling 
A)  risk acceptance 
B)  risk reduction 
C)  risk mitigation 
D)  risk transference 
E)  risk rescheduling

Question 3

What is risk analysis? What are the three ways in which organizations react to perceived risks?

Accepted Answer

Risk analysis is a process in which the

Question 4

What is unauthorized access? Provide a few examples of unauthorized access.

Accepted Answer

Unauthorized access occurs whenever peop

Question 5

A hacker takes an individual's Social Security number,credit card number,and other personal information for the purpose of using the victim's credit rating to run up debts that are never repaid.This practice is called ________.

Accepted Answer

A)  identity theft 
B)  cyberstalking 
C)  cyberbullying 
D)  bot herding 
E)  viral marketing 
A)  identity theft 
B)  cyberstalking 
C)  cyberbullying 
D)  bot herding 
E)  viral marketing

Question 6

In ________,an attacker accesses the network,intercepts data from it,and even uses network services and/or sends attack instructions to it without having to enter the home,office,or organization that owns the network.

Accepted Answer

A)  drive-by hacking 
B)  hacktivism 
C)  viral marketing 
D)  cybersquatting 
E)  denial-of-service 
A)  drive-by hacking 
B)  hacktivism 
C)  viral marketing 
D)  cybersquatting 
E)  denial-of-service

Question 7

Patriot hackers are independent citizens or supporters of a country that perpetrate attacks on perceived or real enemies.

Accepted Answer

A) True 
 B)False

Question 8

________ targeted at networks,is designed to spread by itself,without the need for an infected host file to be shared.

Accepted Answer

A)  Adware 
B)  Spyware 
C)  A worm 
D)  Spam 
E)  A logic bomb 
A)  Adware 
B)  Spyware 
C)  A worm 
D)  Spam 
E)  A logic bomb

Question 9

A firewall is a part of a computer system designed to detect intrusion and prevent unauthorized access to or from a private network.

Accepted Answer

A) True 
 B)False

Question 10

The Computer Fraud and Abuse Act of 1986 prohibits ________.

Accepted Answer

A)  accessing company intranet and confidential information from public computers 
B)  stealing or compromising data about national defense,foreign relations,atomic energy,or other restricted information 
C)  the use of external devices to provide access and information to companies' confidential information 
D)  contracting with consultants outside the United States to process information 
E)  access to company extranets when outsourcing work to clients overseas 
A)  accessing company intranet and confidential information from public computers 
B)  stealing or compromising data about national defense,foreign relations,atomic energy,or other restricted information 
C)  the use of external devices to provide access and information to companies' confidential information 
D)  contracting with consultants outside the United States to process information 
E)  access to company extranets when outsourcing work to clients overseas

Question 11

Ronald downloads a movie from the Internet onto his company's computer.During this process,his system gets affected by a virus.The virus spreads rapidly in the company's network and causes the server to crash.This type of virus is most likely to be ________.

Accepted Answer

A)  adware 
B)  phishing mail 
C)  spam 
D)  a worm 
E)  a Trojan horse 
A)  adware 
B)  phishing mail 
C)  spam 
D)  a worm 
E)  a Trojan horse

Question 12

A ________ is nothing more than an empty warehouse with all necessary connections for power and communication but nothing else.

Accepted Answer

A)  cold backup site 
B)  buying center 
C)  botnet 
D)  firewall 
E)  collocation facility 
A)  cold backup site 
B)  buying center 
C)  botnet 
D)  firewall 
E)  collocation facility

Question 13

________ refers to any software that covertly gathers information about a user through an Internet connection without the user's knowledge.

Accepted Answer

A)  Spyware 
B)  Spam 
C)  Web filter 
D)  Cookie 
E)  Bot herder 
A)  Spyware 
B)  Spam 
C)  Web filter 
D)  Cookie 
E)  Bot herder

Question 14

________ is an attempt to trick financial account and credit card holders into giving away their authentication information,usually by sending spam messages to literally millions of e-mail accounts.

Accepted Answer

A)  Phishing 
B)  Cyber tunneling 
C)  Viral marketing 
D)  Logic bombing 
E)  Hacking 
A)  Phishing 
B)  Cyber tunneling 
C)  Viral marketing 
D)  Logic bombing 
E)  Hacking

Question 15

Organizations periodically have an external entity review the controls so as to uncover any potential problems in the controls.This process is called ________.

Accepted Answer

A)  information systems audit 
B)  risk analysis 
C)  information modification 
D)  recovery plan objective analysis 
E)  business continuity plan 
A)  information systems audit 
B)  risk analysis 
C)  information modification 
D)  recovery plan objective analysis 
E)  business continuity plan

Question 16

Which of the following is a valid observation about encryption?

Accepted Answer

A)  Encrypted messages cannot be deciphered without the decoding key. 
B)  Encryption is used for data enhancement rather than data protection. 
C)  Encryption is performed only after the messages enter the network. 
D)  The encryption approach is not dependent on the type of data transmission. 
E)  Encryption implementation is an expensive process and needs an authentication from a relevant authority. 
A)  Encrypted messages cannot be deciphered without the decoding key. 
B)  Encryption is used for data enhancement rather than data protection. 
C)  Encryption is performed only after the messages enter the network. 
D)  The encryption approach is not dependent on the type of data transmission. 
E)  Encryption implementation is an expensive process and needs an authentication from a relevant authority.

Question 17

Recovery point objectives of a recovery plan specify ________.

Accepted Answer

A)  the maximum time allowed to recover from a catastrophic event 
B)  data structures and patterns of the data 
C)  the minimum time after which response should be allowed in a catastrophic event 
D)  how current the backup data should be 
E)  the capacity of a backup server in storing the necessary data 
A)  the maximum time allowed to recover from a catastrophic event 
B)  data structures and patterns of the data 
C)  the minimum time after which response should be allowed in a catastrophic event 
D)  how current the backup data should be 
E)  the capacity of a backup server in storing the necessary data

Question 18

Violating data belonging to banks or other financial institutions is a crime in the United States.Which of the following legislations prohibit such violations?

Accepted Answer

A)  the Foreign Intelligence Surveillance Act 
B)  the Computer Fraud and Abuse Act 
C)  the Patriot Act 
D)  the Banking Rights and Privacy Act 
E)  the Electronic Communications Privacy Act 
A)  the Foreign Intelligence Surveillance Act 
B)  the Computer Fraud and Abuse Act 
C)  the Patriot Act 
D)  the Banking Rights and Privacy Act 
E)  the Electronic Communications Privacy Act

Question 19

Employees steal time on company computers to do personal business.This is a form of unauthorized access.

Accepted Answer

A) True 
 B)False

Question 20

A cookie is a message passed to a Web browser on a user's computer by a Web server.

Accepted Answer

A) True 
 B)False

Logic bombs are variations of Trojan horses that can reproduce themselves to disrupt the normal functioning of a computer.

RBS Publishing is a leading media company in France.The company handles sensitive information and often finds it susceptible to information threats.As a counter measure the company installs strong firewalls and protective software.These steps are a part of a ________ strategy.

What is risk analysis? What are the three ways in which organizations react to perceived risks?

What is unauthorized access? Provide a few examples of unauthorized access.

A hacker takes an individual's Social Security number,credit card number,and other personal information for the purpose of using the victim's credit rating to run up debts that are never repaid.This practice is called ________.

In ________,an attacker accesses the network,intercepts data from it,and even uses network services and/or sends attack instructions to it without having to enter the home,office,or organization that owns the network.

Patriot hackers are independent citizens or supporters of a country that perpetrate attacks on perceived or real enemies.

________ targeted at networks,is designed to spread by itself,without the need for an infected host file to be shared.

A firewall is a part of a computer system designed to detect intrusion and prevent unauthorized access to or from a private network.

The Computer Fraud and Abuse Act of 1986 prohibits ________.

Ronald downloads a movie from the Internet onto his company's computer.During this process,his system gets affected by a virus.The virus spreads rapidly in the company's network and causes the server to crash.This type of virus is most likely to be ________.

A ________ is nothing more than an empty warehouse with all necessary connections for power and communication but nothing else.

________ refers to any software that covertly gathers information about a user through an Internet connection without the user's knowledge.

________ is an attempt to trick financial account and credit card holders into giving away their authentication information,usually by sending spam messages to literally millions of e-mail accounts.

Organizations periodically have an external entity review the controls so as to uncover any potential problems in the controls.This process is called ________.

Which of the following is a valid observation about encryption?

Recovery point objectives of a recovery plan specify ________.

Violating data belonging to banks or other financial institutions is a crime in the United States.Which of the following legislations prohibit such violations?

Employees steal time on company computers to do personal business.This is a form of unauthorized access.

A cookie is a message passed to a Web browser on a user's computer by a Web server.

Managing in the Digital World

Gaining Competitive Advantage Through Information Systems

Managing the Information Systems Infrastructure and Services

Enabling Business-to-Consumer Electronic Commerce

Enhancing Organizational Communication and Collaboration Using Social Media

Enhancing Business Intelligence Using Information Systems

Enhancing Business Processes Using Enterprise Information Systems

Strengthening Business-to-Business Relationships via Supply Chain and Customer Relationship

Developing and Acquiring Information Systems

Foundations of Information Systems Infrastructure

Filters

Exam 10: Securing Information Systems

Logic bombs are variations of Trojan horses that can reproduce themselves to disrupt the normal functioning of a computer.

RBS Publishing is a leading media company in France.The company handles sensitive information and often finds it susceptible to information threats.As a counter measure the company installs strong firewalls and protective software.These steps are a part of a ________ strategy.

What is risk analysis? What are the three ways in which organizations react to perceived risks?

What is unauthorized access? Provide a few examples of unauthorized access.

A hacker takes an individual's Social Security number,credit card number,and other personal information for the purpose of using the victim's credit rating to run up debts that are never repaid.This practice is called ________.

In ________,an attacker accesses the network,intercepts data from it,and even uses network services and/or sends attack instructions to it without having to enter the home,office,or organization that owns the network.

Patriot hackers are independent citizens or supporters of a country that perpetrate attacks on perceived or real enemies.

________ targeted at networks,is designed to spread by itself,without the need for an infected host file to be shared.

A firewall is a part of a computer system designed to detect intrusion and prevent unauthorized access to or from a private network.

The Computer Fraud and Abuse Act of 1986 prohibits ________.

Ronald downloads a movie from the Internet onto his company's computer.During this process,his system gets affected by a virus.The virus spreads rapidly in the company's network and causes the server to crash.This type of virus is most likely to be ________.

A ________ is nothing more than an empty warehouse with all necessary connections for power and communication but nothing else.

________ refers to any software that covertly gathers information about a user through an Internet connection without the user's knowledge.

________ is an attempt to trick financial account and credit card holders into giving away their authentication information,usually by sending spam messages to literally millions of e-mail accounts.

Organizations periodically have an external entity review the controls so as to uncover any potential problems in the controls.This process is called ________.

Which of the following is a valid observation about encryption?

Recovery point objectives of a recovery plan specify ________.

Violating data belonging to banks or other financial institutions is a crime in the United States.Which of the following legislations prohibit such violations?

Employees steal time on company computers to do personal business.This is a form of unauthorized access.

A cookie is a message passed to a Web browser on a user's computer by a Web server.

Managing in the Digital World

Gaining Competitive Advantage Through Information Systems

Managing the Information Systems Infrastructure and Services

Enabling Business-to-Consumer Electronic Commerce

Enhancing Organizational Communication and Collaboration Using Social Media

Enhancing Business Intelligence Using Information Systems

Enhancing Business Processes Using Enterprise Information Systems

Strengthening Business-to-Business Relationships via Supply Chain and Customer Relationship

Developing and Acquiring Information Systems

Foundations of Information Systems Infrastructure

Filters