Exam 5: IT Security, crime, compliance, and Continuity

When new vulnerabilities are found in operating systems,applications,or wired and wireless networks,vendors of those products release __________ or __________ to fix the vulnerabilities.

Which of the following is not a type of administrative control for information assurance and risk management?

__________ is the word that refers to viruses,worms,trojan horses,spyware,and all other types of disruptive,destructive,or unwanted programs.

A fiduciary responsibility is both a legal and an ethical obligation.

An estimated __________ of companies that suffer a significant data loss often go out of business within five years.

__________ is the elapsed time between when vulnerability is discovered and when it's exploited and has shrunk from months to __________.

Before the people who are responsible for security make any decisions about infosec defenses,they must understand __________.

Bernard Madoff is in jail after pleading guilty in 2009 to the biggest fraud in Wall Street history.Madoff carried out his fraud over four decades by relying on __________.

Corporate and government secrets are currently being stolen by a serious threat called advanced persistent threat (APT),which are designed for long-term espionage.Once installed on a network,ATPs transmit copies of documents,such as Microsoft Office files and PDFs,in stealth mode.

From an infosec perspective,__________ has been used by criminals or corporate spies to trick insiders into revealing information or access codes that outsiders should not have

__________ is a security technology for wireless networks that improves on the authentication and encryption features of WEP.

The theft of confidential account data from HSBC Private Bank in Switzerland in 2007 had been done by hackers because of inadequate security controls.

Physical security includes several controls.Which of the following is not a type of physical control?

A __________ control is an automated method of verifying the identity of a person,based on physical or behavioral characteristics,such as a fingerprint or voice scan.

The __________ environment is the work atmosphere that a company sets for its employees in order to achieve reliable financial reporting and compliance with laws,regulations,and policies.

When dealing with consumer-facing applications,such as online banking and e-commerce,strong authentication must be balanced with __________.

Which of the following is not a characteristic of money laundering and terrorist financing?

Fraud is nonviolent crime that is carried out using __________.

An important element in any security system is the __________ plan,also known as the disaster recovery plan,which outlines the process by which businesses should recover from a major disaster.

Facebook,YouTube,Twitter,LinkedIn,and other social networks are making IT security dangers worse.Why?