Question 1

An attack on the US power grid by terrorists or a foreign power is indicative of:

Accepted Answer

A)  DDoS attacks. 
B)  espionage. 
C)  cyberwarfare. 
D)  extortion. 
E)  phishing. 
A)  DDoS attacks. 
B)  espionage. 
C)  cyberwarfare. 
D)  extortion. 
E)  phishing. C

Question 2

Hordes of surreptitiously infiltrated computers, linked and controlled remotely, are known as zombie networks or:

Accepted Answer

A)  honeypots. 
B)  zombots. 
C)  botnets. 
D)  blacklists. 
E)  megabots. 
A)  honeypots. 
B)  zombots. 
C)  botnets. 
D)  blacklists. 
E)  megabots. C

Question 3

The use of public wireless connections can increase a user's vulnerability to monitoring and compromise. ____________ software can be used to encrypt transmissions over public networks, making it more difficult for a user's PC to be penetrated.

Accepted Answer

A)  DDos 
B)  Rootkit 
C)  Keylogging 
D)  CAPTCHa 
E)  VPN 
A)  DDos 
B)  Rootkit 
C)  Keylogging 
D)  CAPTCHa 
E)  VPN E

Question 4

Public wireless networks are often vulnerable to monitoring and attack. The use of _______ software can limit threats by encrypting network transmissions over a network.

Accepted Answer

VPN or vir

Question 5

Many U.S. technology firms believe that U.S. government surveillance techniques put them at a disadvantage relative to foreign firms because:

Accepted Answer

A)  some customers have begun seeking alternative products and services untarnished by the perception of having (complicity or unwittingly) provided private information to authorities. 
B)  the cost to include government surveillance technology inside their products is expensive and lowers profits compared to rivals. 
C)  the government-required installations of software, such as Stuxnet, that U.S. tech firms must comply with inevitably take up valuable storage space, adding cost to industrial and commercial products. 
D)  the cost to house government workers on-site is a burden private corporations should not have to shoulder. 
E)  firms in foreign governments are directly contracted to perform surveillance, and are compensated for their efforts with perks and tax breaks, while U.S. firms receive no such compensation. 
A)  some customers have begun seeking alternative products and services untarnished by the perception of having (complicity or unwittingly) provided private information to authorities. 
B)  the cost to include government surveillance technology inside their products is expensive and lowers profits compared to rivals. 
C)  the government-required installations of software, such as Stuxnet, that U.S. tech firms must comply with inevitably take up valuable storage space, adding cost to industrial and commercial products. 
D)  the cost to house government workers on-site is a burden private corporations should not have to shoulder. 
E)  firms in foreign governments are directly contracted to perform surveillance, and are compensated for their efforts with perks and tax breaks, while U.S. firms receive no such compensation.

Question 6

_____ can be either software-based or deployed via hardware, such as a recording "dongle" that is plugged in between a keyboard and a PC.

Accepted Answer

A)  Shadow-keyboards 
B)  Bootloggers 
C)  KitRoots 
D)  Keyloggers 
E)  Adwares 
A)  Shadow-keyboards 
B)  Bootloggers 
C)  KitRoots 
D)  Keyloggers 
E)  Adwares

Question 7

Cyber criminals who infiltrate systems and collect data for illegal resale are called _____.

Accepted Answer

A)  cash-out fraudsters 
B)  data harvesters 
C)  corporate spies 
D)  ethical hackers 
E)  information hoarders 
A)  cash-out fraudsters 
B)  data harvesters 
C)  corporate spies 
D)  ethical hackers 
E)  information hoarders

Question 8

Information security policies would be ineffective without _____ and _____.

Accepted Answer

A)  audit; enforcement 
B)  accountability; flexibility 
C)  compliance; subjectivity 
D)  protocols; the backing of ISO 
E)  rigidity; adaptability 
A)  audit; enforcement 
B)  accountability; flexibility 
C)  compliance; subjectivity 
D)  protocols; the backing of ISO 
E)  rigidity; adaptability

Question 9

Computer systems are often infected with malware by means of exploits that sneak in masquerading as something they are not. These exploits are called:

Accepted Answer

A)  rootkits. 
B)  trojans. 
C)  viruses. 
D)  worms. 
E)  honeypots. 
A)  rootkits. 
B)  trojans. 
C)  viruses. 
D)  worms. 
E)  honeypots.

Question 10

Several surprising findings were revealed in the wake of the Target breach, providing a cautionary tale for all executives and security professionals. Which of the following was not thought to have occurred during the Target security breach?

Accepted Answer

A)  Target had security software, but the notification alerts from the software were ignored. 
B)  Target had properly installed and configured its security software, but hackers got in, anyway. 
C)  Credit card databases were on entirely separate systems, not connected to other parts of the firm's information system, but wireless networking allowed hackers to access anything reachable from a cell phone connection. 
D)  Target regularly monitored file names and matched them to file sizes and archival copies to ensure that software was not installed on their systems using the names of legitimate products, but hackers saved files with blank file names so they wouldn't be detected. 
E)  All of the above 
A)  Target had security software, but the notification alerts from the software were ignored. 
B)  Target had properly installed and configured its security software, but hackers got in, anyway. 
C)  Credit card databases were on entirely separate systems, not connected to other parts of the firm's information system, but wireless networking allowed hackers to access anything reachable from a cell phone connection. 
D)  Target regularly monitored file names and matched them to file sizes and archival copies to ensure that software was not installed on their systems using the names of legitimate products, but hackers saved files with blank file names so they wouldn't be detected. 
E)  All of the above

Question 11

Online backup services are considered a poor choice for end-users, since this only increases the liklihood that an individual's data will be hacked.

Accepted Answer

A) True 
 B)False

Question 12

A team working on organizational security should include representatives from general counsel, audit, public relations, and human resources, in addition to those from specialized security and broader technology and infrastructure functions.

Accepted Answer

A) True 
 B)False

Question 13

_____ refers to a trusted third party that provides authentication services in public key encryption schemes.

Accepted Answer

Certificat

Question 14

What are some of the key managerial takeaways from the Target security breach?

Accepted Answer

The Target security breach is a very imp

Question 15

Updates that plug existing holes in a software are called:

Accepted Answer

A)  patches. 
B)  compliance. 
C)  maculations. 
D)  keys. 
E)  dongles. 
A)  patches. 
B)  compliance. 
C)  maculations. 
D)  keys. 
E)  dongles.

Question 16

URL-shortening services such as bit.ly limit the impact of phishing posts since the shortened URL will clearly reveal the destination arrived at when clicked on.

Accepted Answer

A) True 
 B)False

Question 17

_____ are systems that act as controls for network traffic, blocking unauthorized traffic while permitting acceptable use.

Accepted Answer

The answer of _____ are systems that act as controls...

Question 18

Dumpster diving refers to physically trawling through trash to mine any valuable data or insights that can be stolen or used in a security attack.

Accepted Answer

A) True 
 B)False

Question 19

The _____ technique zeros in on a sloppy programming practice where software developers don't validate user input.

Accepted Answer

The answer of The _____ technique zeros in on a...

Question 20

The virtual shutdown of websites by way of overloading them with seemingly legitimate requests sent simultaneously from thousands of machines is termed as _____ attacks.

Accepted Answer

distribute

An attack on the US power grid by terrorists or a foreign power is indicative of:

Hordes of surreptitiously infiltrated computers, linked and controlled remotely, are known as zombie networks or:

The use of public wireless connections can increase a user's vulnerability to monitoring and compromise. ____________ software can be used to encrypt transmissions over public networks, making it more difficult for a user's PC to be penetrated.

Public wireless networks are often vulnerable to monitoring and attack. The use of _______ software can limit threats by encrypting network transmissions over a network.

Many U.S. technology firms believe that U.S. government surveillance techniques put them at a disadvantage relative to foreign firms because:

_____ can be either software-based or deployed via hardware, such as a recording "dongle" that is plugged in between a keyboard and a PC.

Cyber criminals who infiltrate systems and collect data for illegal resale are called _____.

Information security policies would be ineffective without _ and _.

Computer systems are often infected with malware by means of exploits that sneak in masquerading as something they are not. These exploits are called:

Several surprising findings were revealed in the wake of the Target breach, providing a cautionary tale for all executives and security professionals. Which of the following was not thought to have occurred during the Target security breach?

Online backup services are considered a poor choice for end-users, since this only increases the liklihood that an individual's data will be hacked.

A team working on organizational security should include representatives from general counsel, audit, public relations, and human resources, in addition to those from specialized security and broader technology and infrastructure functions.

_____ refers to a trusted third party that provides authentication services in public key encryption schemes.

What are some of the key managerial takeaways from the Target security breach?

Updates that plug existing holes in a software are called:

URL-shortening services such as bit.ly limit the impact of phishing posts since the shortened URL will clearly reveal the destination arrived at when clicked on.

_____ are systems that act as controls for network traffic, blocking unauthorized traffic while permitting acceptable use.

Dumpster diving refers to physically trawling through trash to mine any valuable data or insights that can be stolen or used in a security attack.

The _____ technique zeros in on a sloppy programming practice where software developers don't validate user input.

The virtual shutdown of websites by way of overloading them with seemingly legitimate requests sent simultaneously from thousands of machines is termed as _____ attacks.

Setting the Stage: Technology and the Modern Enterprise

Strategy and Technology: Concepts and Frameworks for Understanding What Separates Winners From Losers

Zara: Fast Fashion From Savvy Systems

Netflix in Two Acts: the Making of an E-Commerce Giant and the Uncertain Future of Atoms to Bits

Moores Law and More: Fast, Cheap Computing and What This Means for the Manager

Disruptive Technologies: Understanding the Giant Killers and Considerations for Avoiding Extinction

Amazoncom: an Empire Stretching From Cardboard Box to Kindle to Cloud

Understanding Network Effects: Strategies for Competing in a Platform-Centric, Winner-Take-All World

Social Media, Peer Production, and Web 2.0

The Sharing Economy, Collaborative Consumption, and Creating More Efficient Markets Through Technology

Facebook: a Billion-Plus Users, the High-Stakes Move to Mobile, and Big Business From the Social Graph

Rent the Runway: Entrepreneurs Expanding an Industry by Blending Tech With Fashion, John Gallaugher - Information Systems: a Managers Guide to Harnessing Technology, Version 6.0

Understanding Software: a Primer for Managers

Software in Flux: Open Source, Cloud, Vittualized and App-Driven Shifts

The Data Asset: Databases, Business Intelligence, Analytics, Big Data, and Competitive Advantage

A Managers Guide to the Internet and Telecommunications

Google in Three Parts: Search, Online Advertising, and an Alphabet of Opportunity

Filters

Exam 17: Information Security: Barbarians at the Gateway and Just About Everywhere Else

An attack on the US power grid by terrorists or a foreign power is indicative of:

Hordes of surreptitiously infiltrated computers, linked and controlled remotely, are known as zombie networks or:

The use of public wireless connections can increase a user's vulnerability to monitoring and compromise. ____________ software can be used to encrypt transmissions over public networks, making it more difficult for a user's PC to be penetrated.

Public wireless networks are often vulnerable to monitoring and attack. The use of _______ software can limit threats by encrypting network transmissions over a network.

Many U.S. technology firms believe that U.S. government surveillance techniques put them at a disadvantage relative to foreign firms because:

_____ can be either software-based or deployed via hardware, such as a recording "dongle" that is plugged in between a keyboard and a PC.

Cyber criminals who infiltrate systems and collect data for illegal resale are called _____.

Information security policies would be ineffective without _____ and _____.

Computer systems are often infected with malware by means of exploits that sneak in masquerading as something they are not. These exploits are called:

Several surprising findings were revealed in the wake of the Target breach, providing a cautionary tale for all executives and security professionals. Which of the following was not thought to have occurred during the Target security breach?

Online backup services are considered a poor choice for end-users, since this only increases the liklihood that an individual's data will be hacked.

A team working on organizational security should include representatives from general counsel, audit, public relations, and human resources, in addition to those from specialized security and broader technology and infrastructure functions.

_____ refers to a trusted third party that provides authentication services in public key encryption schemes.

What are some of the key managerial takeaways from the Target security breach?

Updates that plug existing holes in a software are called:

URL-shortening services such as bit.ly limit the impact of phishing posts since the shortened URL will clearly reveal the destination arrived at when clicked on.

_____ are systems that act as controls for network traffic, blocking unauthorized traffic while permitting acceptable use.

Dumpster diving refers to physically trawling through trash to mine any valuable data or insights that can be stolen or used in a security attack.

The _____ technique zeros in on a sloppy programming practice where software developers don't validate user input.

The virtual shutdown of websites by way of overloading them with seemingly legitimate requests sent simultaneously from thousands of machines is termed as _____ attacks.

Setting the Stage: Technology and the Modern Enterprise

Strategy and Technology: Concepts and Frameworks for Understanding What Separates Winners From Losers

Zara: Fast Fashion From Savvy Systems

Netflix in Two Acts: the Making of an E-Commerce Giant and the Uncertain Future of Atoms to Bits

Moores Law and More: Fast, Cheap Computing and What This Means for the Manager

Disruptive Technologies: Understanding the Giant Killers and Considerations for Avoiding Extinction

Amazoncom: an Empire Stretching From Cardboard Box to Kindle to Cloud

Understanding Network Effects: Strategies for Competing in a Platform-Centric, Winner-Take-All World

Social Media, Peer Production, and Web 2.0

The Sharing Economy, Collaborative Consumption, and Creating More Efficient Markets Through Technology

Facebook: a Billion-Plus Users, the High-Stakes Move to Mobile, and Big Business From the Social Graph

Rent the Runway: Entrepreneurs Expanding an Industry by Blending Tech With Fashion, John Gallaugher - Information Systems: a Managers Guide to Harnessing Technology, Version 6.0

Understanding Software: a Primer for Managers

Software in Flux: Open Source, Cloud, Vittualized and App-Driven Shifts

The Data Asset: Databases, Business Intelligence, Analytics, Big Data, and Competitive Advantage

A Managers Guide to the Internet and Telecommunications

Google in Three Parts: Search, Online Advertising, and an Alphabet of Opportunity

Filters

Information security policies would be ineffective without _ and _.