Exam 5: IT Security,crime,compliance,and Continuity

According to a Workplace E-Mail and Instant Messaging Survey of 840 U.S.companies,approximately__________ have had employee e-mail or text messages subpoenaed as part of a lawsuit or regulatory investigation.

Today,infosec is mostly a technology issue assigned to the IT department.Incidents are handled on a case-by-case "cleanup" basis rather than by taking a preemptive approach to protect ahead of the threats.

The __________ environment is the work atmosphere that a company sets for its employees in order to achieve reliable financial reporting and compliance with laws,regulations,and policies.

Which of the following is not a type of administrative control for information assurance and risk management?

IT risk management includes all of the following except:

Hackers involve unsuspecting insiders in their crimes using tactics called __________ that trick insiders into revealing access codes that outsiders should not have.

In general,risk management is expensive to the organization,but convenient for users.

Fingerprints,retinal scans,and voice scans for user identification are examples of __________ controls.

The infosec defense strategies and controls depend on what needs to be protected and the cost-benefit analysis.That is,companies should neither under-invest nor over-invest.

The major objective of __________ is proof of identity to identify the legitimate user and determine the action he or she is allowed to perform.

Prior to 2002,what was the common perspective on infosec?

IT security is so integral to business objectives that it needs to be treated as a stand-alone function.

Newly released viruses with unidentified signatures or that are hidden in an e-mail attachment are blocked by firewalls and antivirus software from entering a company's network.

Symptoms of fraud that can be detected by internal controls include all of the following except: