Question 1

Backup and recovery procedures are recommended only to safeguard against hardware/software failures.

Accepted Answer

A) True 
 B)False  False

Question 2

Making and distributing information goods to which you do not own the ___ is referred to as ____.

Accepted Answer

A)  copyright, piracy 
B)  intellectual property, piracy 
C)  copyright, appropriation 
D)  intellectual property, theft 
A)  copyright, piracy 
B)  intellectual property, piracy 
C)  copyright, appropriation 
D)  intellectual property, theft A

Question 3

Which of the following can be classified as unintentional threats to information systems caused by human errors?

Accepted Answer

A)  Selecting a weak password 
B)  Revealing your password 
C)  Leaking company data to others 
D)  Both (a) and (b) 
E)  None of the above 
A)  Selecting a weak password 
B)  Revealing your password 
C)  Leaking company data to others 
D)  Both (a) and (b) 
E)  None of the above A

Question 4

Implementing controls to prevent threats from occurring and developing a recovery plan should the threats occur are two broad functions of

Accepted Answer

A)  Risk mitigation. 
B)  Risk acknowledgement. 
C)  Risk acceptance. 
D)  All of the above. 
A)  Risk mitigation. 
B)  Risk acknowledgement. 
C)  Risk acceptance. 
D)  All of the above.

Question 5

Whereas phishing attacks are ____ , denial of service attacks are ____.

Accepted Answer

A)  remote attacks requiring user action, remote attacks requiring no user action 
B)  remote attacks requiring no user action, attacks by a programmer developing a system 
C)  remote attacks requiring no user action, remote attacks requiring user action 
D)  Distributed remote attacks requiring user action, attacks by a programmer developing a system 
A)  remote attacks requiring user action, remote attacks requiring no user action 
B)  remote attacks requiring no user action, attacks by a programmer developing a system 
C)  remote attacks requiring no user action, remote attacks requiring user action 
D)  Distributed remote attacks requiring user action, attacks by a programmer developing a system

Question 6

An information system's ____ is the likelihood that the system or resource will be compromised by a ____ that will result in its ____ to further attacks.

Accepted Answer

A)  Vulnerability, threat, exposure 
B)  Vulnerability, security, threat 
C)  Threat, vulnerability, liability 
D)  Threat, vulnerability, exposure 
A)  Vulnerability, threat, exposure 
B)  Vulnerability, security, threat 
C)  Threat, vulnerability, liability 
D)  Threat, vulnerability, exposure

Question 7

_____ can be used to create strong passwords that are easy to remember.

Accepted Answer

A)  Mnemonics 
B)  Passphrases 
C)  Birthdates 
D)  Numbers 
A)  Mnemonics 
B)  Passphrases 
C)  Birthdates 
D)  Numbers

Question 8

Computer programs like CAPTCHA are used to counter

Accepted Answer

A)  Hackers using key loggers. 
B)  Malware. 
C)  Hackers using screen scrappers. 
D)  Websites leaving cookies on the local machine. 
A)  Hackers using key loggers. 
B)  Malware. 
C)  Hackers using screen scrappers. 
D)  Websites leaving cookies on the local machine.

Question 9

An unintentional attack in which the perpetrator uses social skills to trick or manipulate a legitimate employee into providing confidential company information is known as:

Accepted Answer

A)  Trespass. 
B)  Social engineering. 
C)  Identity theft. 
D)  Information extortion. 
A)  Trespass. 
B)  Social engineering. 
C)  Identity theft. 
D)  Information extortion.

Question 10

Buying health insurance is an example of risk ____, whereas going without is an example of risk _____.

Accepted Answer

A)  transference, limitation 
B)  transference, acceptance 
C)  limitation, acceptance 
D)  limitation, transference 
A)  transference, limitation 
B)  transference, acceptance 
C)  limitation, acceptance 
D)  limitation, transference

Question 11

Access controls consist of ____, which confirms user identity, and ____, which determines user access levels.

Accepted Answer

A)  access, privileges 
B)  authorization, privileges 
C)  authentication, authorization 
D)  passwords, privileges 
A)  access, privileges 
B)  authorization, privileges 
C)  authentication, authorization 
D)  passwords, privileges

Backup and recovery procedures are recommended only to safeguard against hardware/software failures.

Making and distributing information goods to which you do not own the _ is referred to as __.

Which of the following can be classified as unintentional threats to information systems caused by human errors?

Implementing controls to prevent threats from occurring and developing a recovery plan should the threats occur are two broad functions of

Whereas phishing attacks are , denial of service attacks are .

An information system's is the likelihood that the system or resource will be compromised by a that will result in its to further attacks.

_____ can be used to create strong passwords that are easy to remember.

Computer programs like CAPTCHA are used to counter

An unintentional attack in which the perpetrator uses social skills to trick or manipulate a legitimate employee into providing confidential company information is known as:

Buying health insurance is an example of risk , whereas going without is an example of risk _.

Access controls consist of , which confirms user identity, and , which determines user access levels.

Introduction to Information Systems

Organizational Strategy, Competitive Advantage, and Information Systems

Ethics and Privacy

Data and Knowledge Management

Telecommunications and Networking

E-Business and E-Commerce

Wireless, Mobile Computing, and Mobile Commerce

Information Systems within the Organization

Customer Relationship Management and Supply Chain Management

Business Analytics

Acquiring Information Systems and Applications

Technology Guide 5: Protecting Your Information Assets

Filters

Exam 4: Information Security and Controls

Backup and recovery procedures are recommended only to safeguard against hardware/software failures.

Making and distributing information goods to which you do not own the ___ is referred to as ____.

Which of the following can be classified as unintentional threats to information systems caused by human errors?

Implementing controls to prevent threats from occurring and developing a recovery plan should the threats occur are two broad functions of

Whereas phishing attacks are ____ , denial of service attacks are ____.

An information system's ____ is the likelihood that the system or resource will be compromised by a ____ that will result in its ____ to further attacks.

_____ can be used to create strong passwords that are easy to remember.

Computer programs like CAPTCHA are used to counter

An unintentional attack in which the perpetrator uses social skills to trick or manipulate a legitimate employee into providing confidential company information is known as:

Buying health insurance is an example of risk ____, whereas going without is an example of risk _____.

Access controls consist of ____, which confirms user identity, and ____, which determines user access levels.

Introduction to Information Systems

Organizational Strategy, Competitive Advantage, and Information Systems

Ethics and Privacy

Data and Knowledge Management

Telecommunications and Networking

E-Business and E-Commerce

Wireless, Mobile Computing, and Mobile Commerce

Information Systems within the Organization

Customer Relationship Management and Supply Chain Management

Business Analytics

Acquiring Information Systems and Applications

Technology Guide 5: Protecting Your Information Assets

Filters

Making and distributing information goods to which you do not own the _ is referred to as __.

Whereas phishing attacks are , denial of service attacks are .

An information system's is the likelihood that the system or resource will be compromised by a that will result in its to further attacks.

Buying health insurance is an example of risk , whereas going without is an example of risk _.

Access controls consist of , which confirms user identity, and , which determines user access levels.