Question 1

Which of the following is a valid statement on information security?

Accepted Answer

A)  Security breaches cannot be prevented despite the adoption of the best security policies. 
B)  Technology lapses are solely responsible for almost all security breaches. 
C)  Information security is everybody's responsibility. 
D)  Greater expenditure on security products is the only way to contain security breaches. 
E)  A reactive, rather than proactive, approach is better suited for dealing with security breaches. 
A)  Security breaches cannot be prevented despite the adoption of the best security policies. 
B)  Technology lapses are solely responsible for almost all security breaches. 
C)  Information security is everybody's responsibility. 
D)  Greater expenditure on security products is the only way to contain security breaches. 
E)  A reactive, rather than proactive, approach is better suited for dealing with security breaches.

Question 2

A bank customer receives a message, ostensibly from the bank's Web site, asking her to provide her login information. Assuming the message is intended to defraud the customer, what type of infiltration technique is being used here?

Accepted Answer

A)  Spyware 
B)  Malware 
C)  Social engineering 
D)  Phishing 
E)  Virus infections 
A)  Spyware 
B)  Malware 
C)  Social engineering 
D)  Phishing 
E)  Virus infections

Question 3

A vast majority of security breaches are not preventable and happen despite the best security practices.

Accepted Answer

A) True 
 B)False

Question 4

The phrase __________________ refers to security schemes that automatically send one-time use representations of a credit card that can be received and processed by banking and transaction firms at the time of payment. They are in use in ApplePay and Android Wallet.

Accepted Answer

The answer of The phrase __________________ refers to security schemes...

Question 5

Attacks that exhaust all possible password combinations in order to break into an account are called _____ attacks.

Accepted Answer

A)  strong arm 
B)  permuted 
C)  brute-force 
D)  zero-day 
E)  infinity 
A)  strong arm 
B)  permuted 
C)  brute-force 
D)  zero-day 
E)  infinity

Question 6

Almost all security breaches can be traced back to technology lapses; personnel or procedural factors rarely factor in.

Accepted Answer

A) True 
 B)False

Question 7

Technologies that measure and analyze human body characteristics for identification or authentication are known as _____.

Accepted Answer

A)  overlamination processes 
B)  biometrics 
C)  smart tags 
D)  bio-embedded systems 
E)  holographs 
A)  overlamination processes 
B)  biometrics 
C)  smart tags 
D)  bio-embedded systems 
E)  holographs

Question 8

Which of the following types of infiltration techniques does one open up to by posting sensitive personal information and details about one's workplace on social networking sites?

Accepted Answer

A)  Phishing 
B)  Social engineering 
C)  Password theft 
D)  Virus infections 
E)  Physical threats 
A)  Phishing 
B)  Social engineering 
C)  Password theft 
D)  Virus infections 
E)  Physical threats

Question 9

Conforming to industry-standard guidelines and frameworks for organizational security ensures continued immunity from attacks on an organization's information.

Accepted Answer

A) True 
 B)False

Question 10

Con games that trick employees into revealing information or performing other tasks that compromise a firm are known as _____ in security circles.

Accepted Answer

The answer of Con games that trick employees into revealing...

Question 11

Sifting through trash in an effort to uncover valuable data or insights that can be stolen or used to launch a security attack is known as:

Accepted Answer

A)  trash recovery. 
B)  junk exploring. 
C)  dumpster diving. 
D)  scrap sifting. 
E)  data sieving. 
A)  trash recovery. 
B)  junk exploring. 
C)  dumpster diving. 
D)  scrap sifting. 
E)  data sieving.

Question 12

Challenge questions offered by Web sites to automate password distribution and resets are formidable in protecting the privacy of email accounts.

Accepted Answer

A) True 
 B)False

Question 13

Because of Moore's Law, widely-used encryption programs currently employed by banks and ecommerce sites are now easily penetrated by brute-force attacks that can be employed by hackers using just a handful of simple desktop computers.

Accepted Answer

A) True 
 B)False

Question 14

_____, probably the most notorious known act of cyberwarfare effort to date (one expert called it "the most sophisticated worm ever created"), is suspected to have been launched by either U.S. or Israeli intelligence (or both), and it infiltrated Iranian nuclear facilities and reprogrammed the industrial control software operating hundreds of uranium-enriching centrifuges.

Accepted Answer

The answer of _____, probably the most notorious known act...

Question 15

Regularly updated software lowers a system's vulnerable attack surface.

Accepted Answer

A) True 
 B)False

Question 16

In security circles the phrase "compliance" refers to:

Accepted Answer

A)  legal or professionally binding steps that an organization must take. 
B)  security audit practices used by the tech divisions of Big Four accounting firms. 
C)  a firm's installing software to fulfill government surveillance requirements. 
D)  the U.S. government legislation requiring organizations to share security breaches with law enforcement and industry trade organizations. 
E)  only deploying open source software that is downloaded from approved GitHub locations. 
A)  legal or professionally binding steps that an organization must take. 
B)  security audit practices used by the tech divisions of Big Four accounting firms. 
C)  a firm's installing software to fulfill government surveillance requirements. 
D)  the U.S. government legislation requiring organizations to share security breaches with law enforcement and industry trade organizations. 
E)  only deploying open source software that is downloaded from approved GitHub locations.

Question 17

The term _____ originally referred to a particularly skilled programmer.

Accepted Answer

A)  data harvester 
B)  cracke 
C)  hacker 
D)  black hat 
E)  hacktivist 
A)  data harvester 
B)  cracke 
C)  hacker 
D)  black hat 
E)  hacktivist

Question 18

Organized crime networks now have their own R&D labs and are engaged in sophisticated development efforts to piece together methods to thwart current security measures.

Accepted Answer

A) True 
 B)False

Question 19

A research scientist with a major pharmaceutical firm in New Jersey is caught passing on sensitive information, worth millions of dollars, regarding the composition and test results of his firm's latest drug to a rival company. What crime is he being held responsible for?

Accepted Answer

A)  Cyber-fraud 
B)  Corporate espionage 
C)  Carrying out technology disruptions 
D)  Extortion 
E)  Illegal funds transfer 
A)  Cyber-fraud 
B)  Corporate espionage 
C)  Carrying out technology disruptions 
D)  Extortion 
E)  Illegal funds transfer

Question 20

Which of these would be an example of a DDoS attack?

Accepted Answer

A)  An extortion attempt where hackers threaten to reveal names and social security information stolen from medical records databases 
B)  Overloading a popular social networking site with inbound messages in order to shut down access to the site 
C)  Launching a targeted phishing campaign on a department of defense or other surveilance network. 
D)  Stealing proprietary data directly from mobile phones using a distributed network of difficult-to-trace online services. 
E)  Launching tough-to-track click-fraud efforts 
A)  An extortion attempt where hackers threaten to reveal names and social security information stolen from medical records databases 
B)  Overloading a popular social networking site with inbound messages in order to shut down access to the site 
C)  Launching a targeted phishing campaign on a department of defense or other surveilance network. 
D)  Stealing proprietary data directly from mobile phones using a distributed network of difficult-to-trace online services. 
E)  Launching tough-to-track click-fraud efforts

Which of the following is a valid statement on information security?

A bank customer receives a message, ostensibly from the bank's Web site, asking her to provide her login information. Assuming the message is intended to defraud the customer, what type of infiltration technique is being used here?

A vast majority of security breaches are not preventable and happen despite the best security practices.

The phrase __________________ refers to security schemes that automatically send one-time use representations of a credit card that can be received and processed by banking and transaction firms at the time of payment. They are in use in ApplePay and Android Wallet.

Attacks that exhaust all possible password combinations in order to break into an account are called _____ attacks.

Almost all security breaches can be traced back to technology lapses; personnel or procedural factors rarely factor in.

Technologies that measure and analyze human body characteristics for identification or authentication are known as _____.

Which of the following types of infiltration techniques does one open up to by posting sensitive personal information and details about one's workplace on social networking sites?

Conforming to industry-standard guidelines and frameworks for organizational security ensures continued immunity from attacks on an organization's information.

Con games that trick employees into revealing information or performing other tasks that compromise a firm are known as _____ in security circles.

Sifting through trash in an effort to uncover valuable data or insights that can be stolen or used to launch a security attack is known as:

Challenge questions offered by Web sites to automate password distribution and resets are formidable in protecting the privacy of email accounts.

Because of Moore's Law, widely-used encryption programs currently employed by banks and ecommerce sites are now easily penetrated by brute-force attacks that can be employed by hackers using just a handful of simple desktop computers.

Regularly updated software lowers a system's vulnerable attack surface.

In security circles the phrase "compliance" refers to:

The term _____ originally referred to a particularly skilled programmer.

Organized crime networks now have their own R&D labs and are engaged in sophisticated development efforts to piece together methods to thwart current security measures.

A research scientist with a major pharmaceutical firm in New Jersey is caught passing on sensitive information, worth millions of dollars, regarding the composition and test results of his firm's latest drug to a rival company. What crime is he being held responsible for?

Which of these would be an example of a DDoS attack?

Setting the Stage: Technology and the Modern Enterprise

Strategy and Technology: Concepts and Frameworks for Understanding What Separates Winners From Losers

Zara: Fast Fashion From Savvy Systems

Netflix in Two Acts: the Making of an E-Commerce Giant and the Uncertain Future of Atoms to Bits

Moores Law and More: Fast, Cheap Computing and What This Means for the Manager

Disruptive Technologies: Understanding the Giant Killers and Considerations for Avoiding Extinction

Amazoncom: an Empire Stretching From Cardboard Box to Kindle to Cloud

Understanding Network Effects: Strategies for Competing in a Platform-Centric, Winner-Take-All World

Social Media, Peer Production, and Web 2.0

The Sharing Economy, Collaborative Consumption, and Creating More Efficient Markets Through Technology

Facebook: a Billion-Plus Users, the High-Stakes Move to Mobile, and Big Business From the Social Graph

Rent the Runway: Entrepreneurs Expanding an Industry by Blending Tech With Fashion, John Gallaugher - Information Systems: a Managers Guide to Harnessing Technology, Version 6.0

Understanding Software: a Primer for Managers

Software in Flux: Open Source, Cloud, Vittualized and App-Driven Shifts

The Data Asset: Databases, Business Intelligence, Analytics, Big Data, and Competitive Advantage

A Managers Guide to the Internet and Telecommunications

Google in Three Parts: Search, Online Advertising, and an Alphabet of Opportunity

Filters

Exam 17: Information Security: Barbarians at the Gateway and Just About Everywhere Else

Which of the following is a valid statement on information security?

A bank customer receives a message, ostensibly from the bank's Web site, asking her to provide her login information. Assuming the message is intended to defraud the customer, what type of infiltration technique is being used here?

A vast majority of security breaches are not preventable and happen despite the best security practices.

The phrase __________________ refers to security schemes that automatically send one-time use representations of a credit card that can be received and processed by banking and transaction firms at the time of payment. They are in use in ApplePay and Android Wallet.

Attacks that exhaust all possible password combinations in order to break into an account are called _____ attacks.

Almost all security breaches can be traced back to technology lapses; personnel or procedural factors rarely factor in.

Technologies that measure and analyze human body characteristics for identification or authentication are known as _____.

Which of the following types of infiltration techniques does one open up to by posting sensitive personal information and details about one's workplace on social networking sites?

Conforming to industry-standard guidelines and frameworks for organizational security ensures continued immunity from attacks on an organization's information.

Con games that trick employees into revealing information or performing other tasks that compromise a firm are known as _____ in security circles.

Sifting through trash in an effort to uncover valuable data or insights that can be stolen or used to launch a security attack is known as:

Challenge questions offered by Web sites to automate password distribution and resets are formidable in protecting the privacy of email accounts.

Because of Moore's Law, widely-used encryption programs currently employed by banks and ecommerce sites are now easily penetrated by brute-force attacks that can be employed by hackers using just a handful of simple desktop computers.

Regularly updated software lowers a system's vulnerable attack surface.

In security circles the phrase "compliance" refers to:

The term _____ originally referred to a particularly skilled programmer.

Organized crime networks now have their own R&D labs and are engaged in sophisticated development efforts to piece together methods to thwart current security measures.

A research scientist with a major pharmaceutical firm in New Jersey is caught passing on sensitive information, worth millions of dollars, regarding the composition and test results of his firm's latest drug to a rival company. What crime is he being held responsible for?

Which of these would be an example of a DDoS attack?

Setting the Stage: Technology and the Modern Enterprise

Strategy and Technology: Concepts and Frameworks for Understanding What Separates Winners From Losers

Zara: Fast Fashion From Savvy Systems

Netflix in Two Acts: the Making of an E-Commerce Giant and the Uncertain Future of Atoms to Bits

Moores Law and More: Fast, Cheap Computing and What This Means for the Manager

Disruptive Technologies: Understanding the Giant Killers and Considerations for Avoiding Extinction

Amazoncom: an Empire Stretching From Cardboard Box to Kindle to Cloud

Understanding Network Effects: Strategies for Competing in a Platform-Centric, Winner-Take-All World

Social Media, Peer Production, and Web 2.0

The Sharing Economy, Collaborative Consumption, and Creating More Efficient Markets Through Technology

Facebook: a Billion-Plus Users, the High-Stakes Move to Mobile, and Big Business From the Social Graph

Rent the Runway: Entrepreneurs Expanding an Industry by Blending Tech With Fashion, John Gallaugher - Information Systems: a Managers Guide to Harnessing Technology, Version 6.0

Understanding Software: a Primer for Managers

Software in Flux: Open Source, Cloud, Vittualized and App-Driven Shifts

The Data Asset: Databases, Business Intelligence, Analytics, Big Data, and Competitive Advantage

A Managers Guide to the Internet and Telecommunications

Google in Three Parts: Search, Online Advertising, and an Alphabet of Opportunity

Filters