Exam 3: Computer and Internet Crime

A(n) ____ works to prevent an attack by blocking viruses, malformed packets, and other threats from getting into the protected network.

The amount of resources that can guarantee a perfect security system is ____________________.

____ is a form of security incident that first registered on the CSI Computer Crime and Security Survey in 2007.

The ____________________ Act went into effect in 2004 and states that it is legal to spam provided messages meet a few basic requirements.

The concept of ____ recognizes that managers must use their judgment to ensure that the cost of control does not exceed the system's benefits or the risks involved.

Chinese hackers have repeatedly hacked into systems to intercept e-mails between U.S. and UK officials. This is an example of ____.

It is estimated that about one in ____ personal computers in the United States is part of a botnet.

A security policy outlines what needs to be done but not ____ to do it.

Spammers can defeat the registration process of free e-mail services by launching a coordinated bot attack that can sign up for thousands of e-mail accounts. A partial solution to this problem is the use of ____________________ to ensure that only humans obtain free accounts.

A software and/or hardware device that monitors system and network resources and activities, and notifies network security personnel when it identifies possible intrusions from outside the organization or misuse from within the organization is a(n) ____.

Although the necessity of security is obvious, it must often be balanced against other business needs and issues. As a result, most organizations spend 5 percent or less of their overall IT budget on information security.

A form of network used to provide more secure communication over the Internet, especially when using mobile devices, is called a ____________________.

People who test the limitations of information systems out of intellectual curiosity to see whether they can gain access and how far they can go are called ____________________.

A(n) ____ is a term for any sort of general attack on an information system that takes advantage of a particular system vulnerability.

People, motivated by the potential for monetary gain, who hack into corporate computers to steal are called ____________________.

The ____ is a nonregulatory federal agency within the U.S. Department of Commerce whose Computer Security Division develops security standards and technology against threats to the confidentiality, integrity, and availability of information and services.

A(n) ____________________ is a type of Trojan horse which executes when it is triggered by a specific event.

An employee who seeks to disrupt his firm's information systems or to use them to seek financial gain is called a(n) ____________________.

A completed risk assessment identifies the most dangerous threats to a company and helps focus security efforts on the areas of highest payoff.

The Societe Generale employee alleged to have committed fraud against the firm that resulted in a loss to the bank of some €4.9 billion was ____.