Exam 5: IT Security,crime,compliance,and Continuity

Types of unintentional threats that organizations must defend against as part of their IT security measures are human errors,sabotage,environmental hazards,and computer system failures.

Managers have a legal and ethical obligation,which is called __________,to protect the confidential data of the people and partners that they collect,store,and share.

Fraud management starts with corporate governance culture and ethics __________.

One of the worst and most prevalent crimes is __________.

Why do fraud prevention and detection require an effective monitoring system?

Financial institutions,data processing firms,and retail businesses do not have to notify potential victims or reveal data breaches in which customers' personal financial information may have been stolen,lost,or compromised.

Facebook,YouTube,Twitter,LinkedIn,and other social networks are making IT security dangers worse.Why?

A __________ control is an automated method of verifying the identity of a person,based on physical or behavioral characteristics,such as a fingerprint or voice scan.

A(n)__________ is something or someone that may result in harm to an asset.

All of the following are characteristics of firewalls except:

What is the most cost-effective approach to managing fraud?

Under the doctrine of __________ ,senior managers and directors have a fiduciary obligation to use reasonable care to protect the company's business operations.When they fail to meet the company's legal and regulatory duties,they can face lawsuits or other legal action.

__________ is the word that refers to viruses,worms,trojan horses,spyware,and all other types of disruptive,destructive,or unwanted programs.

__________ is the ability of an IS to continue to operate when a failure occurs,usually operating for a limited time or at a reduced level.

An important element in any security system is the __________ plan,also known as the disaster recovery plan,which outlines the process by which businesses should recover from a major disaster.

Sarbanes-Oxley Act is an antifraud law.It forces more accurate business reporting and disclosure of GAAP (generally accepted accounting principles)violations,thus making it necessary to find and root out fraud.

__________ is the supervision,monitoring,and control of the organization's IT assets.COBIT is a guide to best practices in this area.

Which of the following is not one of the essential defenses against botnets and malware?

Sensitive data that are encrypted with wired equivalent privacy (WEP)and transmitted between two wireless devices __________.

__________ refers to the deliberate misuse of the assets of one's employer for personal gain.