Question 1

Which of the following is not a characteristic of money laundering and terrorist financing?

Accepted Answer

A) Transnational organized crime groups use money laundering to fund their operations,which creates international and national security threats. 
B) Cybercrime is safer and easier than selling drugs,dealing in black market diamonds,or robbing banks. 
C) Funds used to finance terrorist operations are easy to track,which provides evidence to identify and locate leaders of terrorist organizations and cells. 
D) Online gambling offers easy fronts for international money-laundering operations. 
A) Transnational organized crime groups use money laundering to fund their operations,which creates international and national security threats. 
B) Cybercrime is safer and easier than selling drugs,dealing in black market diamonds,or robbing banks. 
C) Funds used to finance terrorist operations are easy to track,which provides evidence to identify and locate leaders of terrorist organizations and cells. 
D) Online gambling offers easy fronts for international money-laundering operations.

Question 2

Protecting data and business operations involves all of the following efforts except:

Accepted Answer

A) making data and documents available and accessible 24x7 while also restricting access. 
B) implementing and enforcing procedures and acceptable use policies for company-owned data,hardware,software,and networks. 
C) storing and archiving all databases and data warehouses on-site protected by firewalls. 
D) recovering from business disasters and disruptions quickly. 
A) making data and documents available and accessible 24x7 while also restricting access. 
B) implementing and enforcing procedures and acceptable use policies for company-owned data,hardware,software,and networks. 
C) storing and archiving all databases and data warehouses on-site protected by firewalls. 
D) recovering from business disasters and disruptions quickly.

Question 3

Crime can be divided into two categories depending on the tactics used to carry out the crime.What are those two categories?

Accepted Answer

A) personal and non-personal 
B) felonies and misdemeanors 
C) insider and outsider 
D) violent and nonviolent 
A) personal and non-personal 
B) felonies and misdemeanors 
C) insider and outsider 
D) violent and nonviolent

Question 4

The purpose of the PCI DSS is to improve customers'__________ in e-commerce,especially when it comes to online payments,and to increase the Web security of online merchants.

Accepted Answer

The answer of The purpose of the PCI DSS is...

Question 5

A majority of data breaches involve:

Accepted Answer

A) insider error or action that is either intentional or unintentional. 
B) insider action that is intentional. 
C) former employees and IT staff. 
D) hackers. 
A) insider error or action that is either intentional or unintentional. 
B) insider action that is intentional. 
C) former employees and IT staff. 
D) hackers.

Question 6

Before the people who are responsible for security make any decisions about infosec defenses,they must understand __________.

Accepted Answer

A) the requirements and operations of the business 
B) how firewalls,anti-virus software,and other technology function 
C) tactics of hackers,fraudsters,botnets,and identity thieves 
D) how much to invest in risk management 
A) the requirements and operations of the business 
B) how firewalls,anti-virus software,and other technology function 
C) tactics of hackers,fraudsters,botnets,and identity thieves 
D) how much to invest in risk management

Question 7

Which of the following is not a characteristic of IT security?

Accepted Answer

A) IT security is so integral to business objectives that it cannot be treated as a stand-alone function. 
B) Internal threats are not a major challenge because firewalls prevent employee malicious activity. 
C) Infosec failures have a direct impact on business performance,customers,business partners,and stakeholders. 
D) Infosec failures can lead to fines,legal action,and steep declines in stock prices as investors react to the crisis. 
A) IT security is so integral to business objectives that it cannot be treated as a stand-alone function. 
B) Internal threats are not a major challenge because firewalls prevent employee malicious activity. 
C) Infosec failures have a direct impact on business performance,customers,business partners,and stakeholders. 
D) Infosec failures can lead to fines,legal action,and steep declines in stock prices as investors react to the crisis.

Question 8

There has been a steep increase in malware because of the availability of free,easy to use,powerful toolkits that even novice cyber criminals can use to develop malware.

Accepted Answer

A) True 
 B)False

Question 9

Who stole account data from HSBC's Private Bank in Switzerland and how did HSBC learn about the data theft?

Accepted Answer

A) Account data was stolen by a former HSBC IT specialist;HSBC learned about the theft from French Authorities several years after the theft. 
B) Account data was stolen by a group of hackers who cracked passwords;HSBC detected the data theft from their IT staff within a few days. 
C) Malware was used to steal the account data;network intrusion detection systems detected the theft as it was happening. 
D) Competitors stole the account data;HSBC learned about the theft months later when customers complained about identity theft. 
A) Account data was stolen by a former HSBC IT specialist;HSBC learned about the theft from French Authorities several years after the theft. 
B) Account data was stolen by a group of hackers who cracked passwords;HSBC detected the data theft from their IT staff within a few days. 
C) Malware was used to steal the account data;network intrusion detection systems detected the theft as it was happening. 
D) Competitors stole the account data;HSBC learned about the theft months later when customers complained about identity theft.

Question 10

Why do social networks and cloud computing increase IT security risks? How can those risks be reduced?

Accepted Answer

Social networks and cloud computing incr

Question 11

A __________ attack occurs when a server or Web site receives a flood of traffic-much more traffic or requests for service than it can handle,causing it to crash.

Accepted Answer

denial of

Question 12

When dealing with consumer-facing applications,such as online banking and e-commerce,strong authentication must be balanced with __________.

Accepted Answer

A) convenience 
B) encryption 
C) authorization 
D) all of the above 
A) convenience 
B) encryption 
C) authorization 
D) all of the above

Question 13

Fraud is nonviolent crime that is carried out using __________.

Accepted Answer

A) a gun,knife,or other small weapon 
B) deception,confidence,and trickery 
C) embezzlement and electronic transfers of money 
D) bribery and threats 
A) a gun,knife,or other small weapon 
B) deception,confidence,and trickery 
C) embezzlement and electronic transfers of money 
D) bribery and threats

Question 14

A majority of data breaches involve some sort of insider error or action either intentional or unintentional.That is,the greatest infosec risks are employees and managers.

Accepted Answer

A) True 
 B)False

Question 15

__________ is a security technology for wireless networks that improves on the authentication and encryption features of WEP.

Accepted Answer

A) Network access control (NA
C)  
B) Security exchange commission (SE
C)  
C) Wi-Fi protected access (WP
A)  
D) Intrusion detection system (IDS) 
A) Network access control (NA
C)  
B) Security exchange commission (SE
C)  
C) Wi-Fi protected access (WP
A)  
D) Intrusion detection system (IDS)

Question 16

From an infosec perspective,__________ has been used by criminals or corporate spies to trick insiders into revealing information or access codes that outsiders should not have

Accepted Answer

The answer of From an infosec perspective,__________ has been used...

Question 17

A(n)__________ occurs when a server or Web site receives a flood of traffic-much more traffic or requests for service than it can handle,causing it to crash.

Accepted Answer

A) advanced persistent threat (APT) 
B) spoofing attack 
C) malware intrusion 
D) denial of service (DoS)attack 
A) advanced persistent threat (APT) 
B) spoofing attack 
C) malware intrusion 
D) denial of service (DoS)attack

Question 18

Which of the following is a characteristic of information security in organizations?

Accepted Answer

A) losses due to IT security breaches can destroy a company financially 
B) disruptions due to IT security breaches can seriously harm a company operationally 
C) to comply with international,federal,state,and foreign laws,companies must invest in IT security to protect their data,other assets,the ability to operate,and net income 
D) All of the above 
A) losses due to IT security breaches can destroy a company financially 
B) disruptions due to IT security breaches can seriously harm a company operationally 
C) to comply with international,federal,state,and foreign laws,companies must invest in IT security to protect their data,other assets,the ability to operate,and net income 
D) All of the above

Question 19

An estimated __________ of companies that suffer a significant data loss often go out of business within five years.

Accepted Answer

A) 23% 
B) 43% 
C) 73% 
D) 93% 
A) 23% 
B) 43% 
C) 73% 
D) 93%

Question 20

A(n)__________ is the probability of a threat exploiting a vulnerability.

Accepted Answer

A) threat 
B) risk 
C) vulnerability 
D) exploit 
A) threat 
B) risk 
C) vulnerability 
D) exploit

Which of the following is not a characteristic of money laundering and terrorist financing?

Protecting data and business operations involves all of the following efforts except:

Crime can be divided into two categories depending on the tactics used to carry out the crime.What are those two categories?

The purpose of the PCI DSS is to improve customers'__________ in e-commerce,especially when it comes to online payments,and to increase the Web security of online merchants.

A majority of data breaches involve:

Before the people who are responsible for security make any decisions about infosec defenses,they must understand __________.

Which of the following is not a characteristic of IT security?

There has been a steep increase in malware because of the availability of free,easy to use,powerful toolkits that even novice cyber criminals can use to develop malware.

Who stole account data from HSBC's Private Bank in Switzerland and how did HSBC learn about the data theft?

Why do social networks and cloud computing increase IT security risks? How can those risks be reduced?

A __________ attack occurs when a server or Web site receives a flood of traffic-much more traffic or requests for service than it can handle,causing it to crash.

When dealing with consumer-facing applications,such as online banking and e-commerce,strong authentication must be balanced with __________.

Fraud is nonviolent crime that is carried out using __________.

A majority of data breaches involve some sort of insider error or action either intentional or unintentional.That is,the greatest infosec risks are employees and managers.

__________ is a security technology for wireless networks that improves on the authentication and encryption features of WEP.

From an infosec perspective,__________ has been used by criminals or corporate spies to trick insiders into revealing information or access codes that outsiders should not have

A(n)__________ occurs when a server or Web site receives a flood of traffic-much more traffic or requests for service than it can handle,causing it to crash.

Which of the following is a characteristic of information security in organizations?

An estimated __________ of companies that suffer a significant data loss often go out of business within five years.

A(n)__________ is the probability of a threat exploiting a vulnerability.

Information Systems in the 2010s

Infrastructure and Support Systems

Data,text,and Document Management

Network Management and Mobility

E-Business and E-Commerce

Mobile Computing and Commerce

Web 2.0 and Social Media

Operational Planning and Control Systems

Enterprise Information Systems

Business Intelligence and Decision Support

IT Strategic Planning

Business Process Management and Systems Development

Global Ecology, Ethics, and Social Responsibility

Filters

Exam 5: IT Security,crime,compliance,and Continuity

Which of the following is not a characteristic of money laundering and terrorist financing?

Protecting data and business operations involves all of the following efforts except:

Crime can be divided into two categories depending on the tactics used to carry out the crime.What are those two categories?

The purpose of the PCI DSS is to improve customers'__________ in e-commerce,especially when it comes to online payments,and to increase the Web security of online merchants.

A majority of data breaches involve:

Before the people who are responsible for security make any decisions about infosec defenses,they must understand __________.

Which of the following is not a characteristic of IT security?

There has been a steep increase in malware because of the availability of free,easy to use,powerful toolkits that even novice cyber criminals can use to develop malware.

Who stole account data from HSBC's Private Bank in Switzerland and how did HSBC learn about the data theft?

Why do social networks and cloud computing increase IT security risks? How can those risks be reduced?

A __________ attack occurs when a server or Web site receives a flood of traffic-much more traffic or requests for service than it can handle,causing it to crash.

When dealing with consumer-facing applications,such as online banking and e-commerce,strong authentication must be balanced with __________.

Fraud is nonviolent crime that is carried out using __________.

A majority of data breaches involve some sort of insider error or action either intentional or unintentional.That is,the greatest infosec risks are employees and managers.

__________ is a security technology for wireless networks that improves on the authentication and encryption features of WEP.

From an infosec perspective,__________ has been used by criminals or corporate spies to trick insiders into revealing information or access codes that outsiders should not have

A(n)__________ occurs when a server or Web site receives a flood of traffic-much more traffic or requests for service than it can handle,causing it to crash.

Which of the following is a characteristic of information security in organizations?

An estimated __________ of companies that suffer a significant data loss often go out of business within five years.

A(n)__________ is the probability of a threat exploiting a vulnerability.

Information Systems in the 2010s

Infrastructure and Support Systems

Data,text,and Document Management

Network Management and Mobility

E-Business and E-Commerce

Mobile Computing and Commerce

Web 2.0 and Social Media

Operational Planning and Control Systems

Enterprise Information Systems

Business Intelligence and Decision Support

IT Strategic Planning

Business Process Management and Systems Development

Global Ecology, Ethics, and Social Responsibility

Filters