Question 1

Fraud management starts with corporate governance culture and ethics __________.

Accepted Answer

A) in the accounting department 
B) in the IT department 
C) at the top levels of the organization 
D) at the lowest levels of the organization 
A) in the accounting department 
B) in the IT department 
C) at the top levels of the organization 
D) at the lowest levels of the organization

Question 2

One of the worst and most prevalent crimes is __________.

Accepted Answer

A) stolen computers 
B) identity theft 
C) network intrusion 
D) malware 
A) stolen computers 
B) identity theft 
C) network intrusion 
D) malware

Question 3

IT security is so integral to business objectives that it needs to be treated as a stand-alone function.

Accepted Answer

A) True 
 B)False

Question 4

Network security involves three types of defenses,which are referred to as layers.Those layers consist of each of the following except:

Accepted Answer

A) perimeter security layer to control access to the network. 
B) authentication layer to verify the identity of the person requesting access to the network. 
C) biometrics layer to monitor network usage. 
D) authorization layer to control what authenticated users can do once they are given access to the network. 
A) perimeter security layer to control access to the network. 
B) authentication layer to verify the identity of the person requesting access to the network. 
C) biometrics layer to monitor network usage. 
D) authorization layer to control what authenticated users can do once they are given access to the network.

Question 5

Hackers involve unsuspecting insiders in their crimes using tactics called __________ that trick insiders into revealing access codes that outsiders should not have.

Accepted Answer

A) social engineering 
B) phishing 
C) spoofing 
D) botnets 
A) social engineering 
B) phishing 
C) spoofing 
D) botnets

Question 6

A __________ is a system,or group of systems,that enforces an access-control policy between two networks.

Accepted Answer

A) firewall 
B) switch 
C) router 
D) gateway 
A) firewall 
B) switch 
C) router 
D) gateway

Question 7

There has been a steep increase in malware because of the availability of free,easy to use,powerful toolkits that even novice cyber criminals can use to develop malware.

Accepted Answer

A) True 
 B)False

Question 8

A(n)__________ is something or someone that may result in harm to an asset.

Accepted Answer

A) threat 
B) risk 
C) vulnerability 
D) exploit 
A) threat 
B) risk 
C) vulnerability 
D) exploit

Question 9

All Internet traffic,which travels as packets,should have to pass through a(n)__________ ,but that is rarely the case for instant messages and wireless traffic.

Accepted Answer

The answer of All Internet traffic,which travels as packets,should have...

Question 10

Which of the following is not a characteristic of IT security?

Accepted Answer

A) IT security is so integral to business objectives that it cannot be treated as a stand-alone function. 
B) Internal threats are not a major challenge because firewalls prevent employee malicious activity. 
C) Infosec failures have a direct impact on business performance,customers,business partners,and stakeholders. 
D) Infosec failures can lead to fines,legal action,and steep declines in stock prices as investors react to the crisis. 
A) IT security is so integral to business objectives that it cannot be treated as a stand-alone function. 
B) Internal threats are not a major challenge because firewalls prevent employee malicious activity. 
C) Infosec failures have a direct impact on business performance,customers,business partners,and stakeholders. 
D) Infosec failures can lead to fines,legal action,and steep declines in stock prices as investors react to the crisis.

Question 11

The major objective of __________ is proof of identity to identify the legitimate user and determine the action he or she is allowed to perform.

Accepted Answer

A) authorization 
B) authentication 
C) endpoint security 
D) information assurance 
A) authorization 
B) authentication 
C) endpoint security 
D) information assurance

Question 12

Sensitive data that are encrypted with wired equivalent privacy (WEP)and transmitted between two wireless devices __________.

Accepted Answer

A) is fully secured 
B) cannot be authenticated 
C) has a moderate level of security 
D) may be intercepted and disclosed 
A) is fully secured 
B) cannot be authenticated 
C) has a moderate level of security 
D) may be intercepted and disclosed

Question 13

Types of unintentional threats that organizations must defend against as part of their IT security measures are human errors,sabotage,environmental hazards,and computer system failures.

Accepted Answer

A) True 
 B)False

Question 14

The purpose of the PCI DSS is to improve customers'__________ in e-commerce,especially when it comes to online payments,and to increase the Web security of online merchants.

Accepted Answer

The answer of The purpose of the PCI DSS is...

Question 15

What is the most cost-effective approach to managing fraud?

Accepted Answer

A) prevention 
B) detection 
C) prosecution 
D) compliance 
A) prevention 
B) detection 
C) prosecution 
D) compliance

Question 16

Why do social networks and cloud computing increase IT security risks? How can those risks be reduced?

Accepted Answer

Social networks and cloud computing incr

Question 17

Which of the following is a characteristic of information security in organizations?

Accepted Answer

A) losses due to IT security breaches can destroy a company financially 
B) disruptions due to IT security breaches can seriously harm a company operationally 
C) to comply with international,federal,state,and foreign laws,companies must invest in IT security to protect their data,other assets,the ability to operate,and net income 
D) All of the above 
A) losses due to IT security breaches can destroy a company financially 
B) disruptions due to IT security breaches can seriously harm a company operationally 
C) to comply with international,federal,state,and foreign laws,companies must invest in IT security to protect their data,other assets,the ability to operate,and net income 
D) All of the above

Question 18

__________,such as AirSnort and WEPcrack,are readily available tools that can be used to gain unauthorized access to networks putting them at great risk.

Accepted Answer

A) Wireless packet analyzers 
B) Password crackers 
C) Firewall sniffers 
D) Intrusion detectors 
A) Wireless packet analyzers 
B) Password crackers 
C) Firewall sniffers 
D) Intrusion detectors

Question 19

Implementing security programs raises many ethical issues.Identify two of these ethical issues.

Accepted Answer

Answers will vary.Implementing security

Question 20

__________ is the ability of an IS to continue to operate when a failure occurs,usually operating for a limited time or at a reduced level.

Accepted Answer

A) Botnet 
B) Exposure 
C) Fault tolerance 
D) Spoofing 
A) Botnet 
B) Exposure 
C) Fault tolerance 
D) Spoofing

Fraud management starts with corporate governance culture and ethics __________.

One of the worst and most prevalent crimes is __________.

IT security is so integral to business objectives that it needs to be treated as a stand-alone function.

Network security involves three types of defenses,which are referred to as layers.Those layers consist of each of the following except:

Hackers involve unsuspecting insiders in their crimes using tactics called __________ that trick insiders into revealing access codes that outsiders should not have.

A __________ is a system,or group of systems,that enforces an access-control policy between two networks.

There has been a steep increase in malware because of the availability of free,easy to use,powerful toolkits that even novice cyber criminals can use to develop malware.

A(n)__________ is something or someone that may result in harm to an asset.

All Internet traffic,which travels as packets,should have to pass through a(n)__________ ,but that is rarely the case for instant messages and wireless traffic.

Which of the following is not a characteristic of IT security?

The major objective of __________ is proof of identity to identify the legitimate user and determine the action he or she is allowed to perform.

Sensitive data that are encrypted with wired equivalent privacy (WEP)and transmitted between two wireless devices __________.

Types of unintentional threats that organizations must defend against as part of their IT security measures are human errors,sabotage,environmental hazards,and computer system failures.

The purpose of the PCI DSS is to improve customers'__________ in e-commerce,especially when it comes to online payments,and to increase the Web security of online merchants.

What is the most cost-effective approach to managing fraud?

Why do social networks and cloud computing increase IT security risks? How can those risks be reduced?

Which of the following is a characteristic of information security in organizations?

__________,such as AirSnort and WEPcrack,are readily available tools that can be used to gain unauthorized access to networks putting them at great risk.

Implementing security programs raises many ethical issues.Identify two of these ethical issues.

__________ is the ability of an IS to continue to operate when a failure occurs,usually operating for a limited time or at a reduced level.

Information Systems in the 2010s

Infrastructure and Support Systems

Data,text,and Document Management

Network Management and Mobility

E-Business and E-Commerce

Mobile Computing and Commerce

Web 2.0 and Social Media

Operational Planning and Control Systems

Enterprise Information Systems

Business Intelligence and Decision Support

IT Strategic Planning

Business Process Management and Systems Development

Global Ecology, ethics, and Social Responsibility

Filters

Exam 5: IT Security, crime, compliance, and Continuity

Fraud management starts with corporate governance culture and ethics __________.

One of the worst and most prevalent crimes is __________.

IT security is so integral to business objectives that it needs to be treated as a stand-alone function.

Network security involves three types of defenses,which are referred to as layers.Those layers consist of each of the following except:

Hackers involve unsuspecting insiders in their crimes using tactics called __________ that trick insiders into revealing access codes that outsiders should not have.

A __________ is a system,or group of systems,that enforces an access-control policy between two networks.

There has been a steep increase in malware because of the availability of free,easy to use,powerful toolkits that even novice cyber criminals can use to develop malware.

A(n)__________ is something or someone that may result in harm to an asset.

All Internet traffic,which travels as packets,should have to pass through a(n)__________ ,but that is rarely the case for instant messages and wireless traffic.

Which of the following is not a characteristic of IT security?

The major objective of __________ is proof of identity to identify the legitimate user and determine the action he or she is allowed to perform.

Sensitive data that are encrypted with wired equivalent privacy (WEP)and transmitted between two wireless devices __________.

Types of unintentional threats that organizations must defend against as part of their IT security measures are human errors,sabotage,environmental hazards,and computer system failures.

The purpose of the PCI DSS is to improve customers'__________ in e-commerce,especially when it comes to online payments,and to increase the Web security of online merchants.

What is the most cost-effective approach to managing fraud?

Why do social networks and cloud computing increase IT security risks? How can those risks be reduced?

Which of the following is a characteristic of information security in organizations?

__________,such as AirSnort and WEPcrack,are readily available tools that can be used to gain unauthorized access to networks putting them at great risk.

Implementing security programs raises many ethical issues.Identify two of these ethical issues.

__________ is the ability of an IS to continue to operate when a failure occurs,usually operating for a limited time or at a reduced level.

Information Systems in the 2010s

Infrastructure and Support Systems

Data,text,and Document Management

Network Management and Mobility

E-Business and E-Commerce

Mobile Computing and Commerce

Web 2.0 and Social Media

Operational Planning and Control Systems

Enterprise Information Systems

Business Intelligence and Decision Support

IT Strategic Planning

Business Process Management and Systems Development

Global Ecology, ethics, and Social Responsibility

Filters