Explore all topics
Start Free Trial
Need Help? Contact us
back arrowfull exam logo
search
ai logoChat with AI
Servicesarrow
Discoverarrow

Topics

Explore all topics
Discover more topics

Deck 25: Valuing and Storing Organizational Informationdatabases

Full screen (f)
exit full mode
Question
Insiders are illegitimate users who purposely or accidentally misuse their access to the environment to do business.
Use Space or
up arrow
down arrow
to flip the card.
Question
Organizations address security risks through two lines of defense. The first is people and the second is technology.
Question
Identity theft is the category of computer security that addresses the protection of data from unauthorized disclosure and confirmation of data source authenticity.
Question
A firewall scrambles information into an alternative form that requires a key or password to decrypt.
Question
Pretexting is a form of social engineering in which one individual lies to obtain confidential data about another individual.
Question
One of the most ineffective ways to set up authentication techniques is by setting up user IDs and passwords.
Question
The three primary information security areas are 1) authentication and authorization, 2) policies and rewards, and 3) detection and response.
Question
Information security policies detail how an organization will implement the information security plan.
Question
Ransomware is a form of social engineering in which one individual lies to obtain confidential data about another individual.
Question
Through pretexting, hackers use their social skills to trick people into revealing access credentials or other valuable information.
Question
Legitimate users who purposely or accidentally misuse their access to the environment and cause some kind of business-affecting incident are called insiders.
Question
A process of providing a user with permission including access levels and abilities such as file access, hours of access, and amount of allocated storage space is called authentication.
Question
Dumpster diving is another security breach for companies and is where people not associated with the company jump into the company's outside garbage bins and try to gather and steal any valuable company products they can resell on eBay.
Question
Spear phishing is a phishing expedition in which the emails are carefully designed to target a particular person or organization.
Question
The technique to gain personal information for the purpose of identity theft, often through fraudulent emails that look as though they came from legitimate businesses, is called phishing.
Question
Tokens are small electronic devices that change user passwords automatically.
Question
Through social engineering, hackers use their social skills to trick people into revealing access credentials or other valuable information.
Question
Identity theft is the forging of someone's identity for the purpose of fraud.
Question
Biometrics is the identification of a user based on a physical characteristic, such as a fingerprint, iris, face, voice, or handwriting.
Question
A phishing expedition is a masquerading attack that combines spam with spoofing. The perpetrator sends millions of spam emails that appear to be from a respectable company. The emails contain a link to a website that is designed to look exactly like the company's website. The victim is encouraged to enter his or her username, password, and sometimes credit card information.
Question
Single-factor authentication requires the user to provide two means of authentication, what the user knows (password) and what the user has (security token).
Question
Multifactor authentication requires more than two means of authentication such as what the user knows (password), what the user has (security token), and what the user is (biometric verification).
Question
A zombie is a program that secretly takes over another computer for the purpose of launching attacks on other computers.
Question
Spear phishing is a phone scam that attempts to defraud people by asking them to call a bogus telephone number to "confirm" their account information.
Question
A voiceprint is a data file that identifies individuals or organizations online and is comparable to a digital signature.
Question
The goal of multifactor authentication is to make it difficult for an unauthorized person to gain access to a system because, if one security level is broken, the attacker will still have to break through additional levels.
Question
What are the first two lines of defense a company should take when addressing security risks?

A) Technology first, customers second
B) Technology first, people second
C) Innovation first, technology second
D) People first, technology second
Question
Multifactor authentication is the traditional security process, which requires a username and password.
Question
Phishing reroutes requests for legitimate websites to false websites.
Question
Cryptography is the science that studies encryption, which is the hiding of messages so that only the sender and receiver can read them.
Question
Decrypt information is to decode it and is the opposite of encrypt.
Question
Worms are computer viruses that wait for a specific date before executing their instructions.
Question
Single-factor authentication is the traditional security process, which requires a username and password.
Question
A certificate authority is a trusted third party, such as VeriSign, that validates user identities by means of digital certificates.
Question
Two-factor authentication requires the user to provide two means of authentication, what the user knows (password) and what the user has (security token).
Question
A certificate authority is a data file that identifies individuals or organizations online and is comparable to a digital signature.
Question
Single-factor authentication requires more than two means of authentication such as what the user knows (password), what the user has (security token), and what the user is (biometric verification).
Question
A voiceprint is a set of measurable characteristics of a human voice that uniquely identifies an individual. These characteristics, which are based on the physical configuration of a speaker's mouth and throat, can be expressed as a mathematical formula. Unfortunately, biometric authentication such as voiceprints can be costly and intrusive.
Question
A pharming attack uses of a zombie farm, often by an organized crime association, to launch a massive phishing attack.
Question
A zombie farm is a group of computers on which a hacker has planted zombie programs.
Question
What area of information security focuses on preventing identity theft, phishing, and pharming scams?

A) Prevention and resistance
B) Detection and authorizing
C) Detection and response
D) Authentication and authorization
Question
What is an insider?

A) A form of social engineering in which one individual lies to obtain confidential data about another individual.
B) A hacker looks through your trash to find personal information.
C) Legitimate users who purposely or accidentally misuse their access to the environment and cause some kind of business-affecting incident.
D) Malicious agents designed by spammers and other Internet attackers to farm email addresses off websites or deposit spyware on machines.
Question
Which of the following represents the three areas where technology can aid in the defense against information security attacks?

A) Authentication and authorization, prevention and resistance, prevention and response
B) Authentication and authorization, prevention and response, detection and response
C) Analyzing and authenticating, prevention and repositioning, detection and response
D) Authentication and authorization, prevention and resistance, detection and response
Question
Which of the following is an example of a way to maintain information security that a company should include in their information security policies?

A) Requiring computer users to log off before leaving for lunch
B) Never sharing user or password information with anyone
C) Changing passwords every 30-60 days
D) All of these
Question
What is dumpster diving?

A) A form of social engineering in which one individual lies to obtain confidential data about another individual.
B) A hacker that looks through your trash to find personal information.
C) Legitimate users who purposely or accidentally misuse their access to the environment and cause some kind of business-affecting incident.
D) Malicious agents designed by spammers and other Internet attackers to farm email addresses off websites or deposit spyware on machines.
Question
Which of the below represents the biggest problem of information security breaches?

A) People misusing organizational information
B) Technology failures
C) Customers misusing organizational systems
D) Company departments missing sales goals
Question
What is a destructive agent?

A) A form of social engineering in which one individual lies to obtain confidential data about another individual.
B) A hacker looks through your trash to find personal information.
C) Legitimate users who purposely or accidentally misuse their access to the environment and cause some kind of business-affecting incident.
D) Malicious agents designed by spammers and other Internet attackers to farm email addresses off websites or deposit spyware on machines.
Question
Janet is a financial aid counselor at a local community college and she shares an office with her three coworkers. Janet feels safe in her office environment and frequently leaves her username and password on a sticky note next to her computer. Without realizing it Janet is creating the potential for which type of information security breach to occur?

A) Insiders to hack into the college system
B) Dumpster diving to find usernames and passwords
C) Viruses and worms to spread through the college system
D) All of these
Question
Imagine you accidently mistype the URL for your bank and you are redirected to a fake website that collects your information. What type of identity theft were you just a victim of?

A) Pharming
B) Worm holes
C) Phishing
D) Insider hacking
Question
What is forging of someone's identity for the purpose of fraud?

A) Identity crisis
B) Identity theft
C) Ediscovery
D) All of these
Question
Working at a ski resort in the mountains has its own unique security issues. Kenny is the chief information officer for Sundance Ski Resort, and he is faced with both physical and information security threats every month. Since the resort implemented a new software system, they have been having larger number of threats and breaches of company information. He suspects that this may be caused by an internal employee. He needs to clarify and establish what type of plan to help reduce further problems?

A) An information security plan
B) An ethical information policy
C) An antivirus plan
D) None of these
Question
Applications allowed to be placed on the corporate network, like IM software, and corporate computer equipment used for personal reason on personal networks are two areas that should be addressed by managers in which of the below company policies?

A) Information ethics policy
B) Information security policy
C) Information technology plan
D) All of these
Question
eBay is an example of an online company that has been faced with numerous security issues. For example, imagine you purchase a digital camera on eBay. Three months later you might receive an email asking you to log in to the system to update your credit card or PayPal information. Of course, this email is not actually from eBay and as soon as you log in your information will be stolen. What type of information security breach would you consider this to be?

A) An Insider
B) Dumpster diving
C) Social engineering
D) Phishing
Question
What is it called when a hacker looks through your trash to find personal information?

A) Striker bunny
B) Dumpster diving
C) Trash retrieval
D) Approved consent
Question
What is a form of social engineering in which one individual lies to obtain confidential data about another individual?

A) Dumpster texting
B) Dumpster diving
C) Trash retrieval
D) Pretexting
Question
What is the process that provides a user with permission including access levels and abilities such as file access, hours of access, and amount of allocated storage space?

A) Pharming
B) Authentication
C) Authorization
D) Programming
Question
What is pretexting?

A) A form of social engineering in which one individual lies to obtain confidential data about another individual.
B) A hacker looks through your trash to find personal information.
C) Legitimate users who purposely or accidentally misuse their access to the environment and cause some kind of business-affecting incident.
D) Malicious agents designed by spammers and other Internet attackers to farm email addresses off websites or deposit spyware on machines.
Question
Angela works for an identity protection company that maintains large amounts of sensitive customer information such as usernames, passwords, personal information, and social security numbers. Angela and a coworker decide to use the sensitive information to open credit cards in a few of her customer's names. This is a classic example of which of the following security breaches?

A) A social engineer
B) An insider
C) A spammer
D) A dumpster diver
Question
What is the difference between phishing and pharming?

A) Phishing is not illegal, pharming is illegal
B) Phishing is the right of the company, where pharming is the right of the individual
C) Phishing is a technique to gain personal information for the purpose of identity theft, and pharming reroutes requests for legitimate websites to false websites
D) All of these
Question
Using one's social skills to trick people into revealing access credentials or other valuable information is called ________.

A) social engineering
B) social media
C) social viruses
D) social processes
Question
How do prevention and resistance technologies stop intruders from accessing and reading sensitive information?

A) Content filtering, encryption, and firewalls
B) Calculating, locking, and firewalls
C) Content prohibiting, and cookies
D) None of these
Question
The best and most effective way to manage authentication is through ________.

A) smart technology card
B) tokens
C) biometrics
D) passwords
Question
The most secure procedures combine which of the following authentication and authorization techniques?

A) Something the user knows, such as a user ID and password
B) Something the user has, such as a smart card or token
C) Something that is part of the user, such as a fingerprint or voice signature
D) All of these
Question
What is a device that is around the same size as a credit card, containing embedded technologies that can store information and small amounts of software to perform some limited processing?

A) Token
B) Password
C) Smart card
D) Biometrics
Question
What type of encryption technology uses multiple keys, one for public and one for private?

A) Private key encryption
B) Policy key encryption
C) Public key encryption
D) Protective key code
Question
Which of the following occurs when organizations use software that filters content, such as email, to prevent the accidental or malicious transmission of unauthorized information?

A) Antivirus software
B) Content filtering
C) Encryption
D) Firewalls
Question
What is a data file that identifies individuals or organizations online and is comparable to a digital signature?

A) Digital code
B) Digital sign
C) Digital certificate
D) Digital card
Question
What is a method for confirming users' identities?

A) Phishing
B) Authentication
C) Authorization
D) Programming
Question
Which of the following protection techniques scans and searches hard drives to prevent, detect, and remove known viruses, adware, and spyware?

A) Firewall
B) Digital certificate
C) Virus software
D) Antivirus software
Question
Which of the following is the main drawback of biometrics?

A) It is considered illegal
B) It is viewed as an invasion of privacy
C) It can be costly and intrusive
D) It requires constant monitoring and upgrading
Question
What prevention technique scrambles information into an alternative form that requires a key or password to decrypt?

A) Encryption
B) Content filtering
C) Firewalls
D) Antivirus software
Question
What is the most secure type of authentication?

A) Something the user knows such as a user ID and password
B) Something the user has such as a smart card or token
C) Something that is part of the user such as a fingerprint or voice signature
D) Combination of all of these
Question
A smart card is a device the size of a credit card that contains embedded technology that stores information and small amounts of software, and can act as ________.

A) identification instruments
B) a form of digital cash
C) a data storage device
D) All of these
Question
What is the identification of a user based on a physical characteristic, such as a fingerprint, iris, face, voice, or handwriting?

A) Smart card
B) Token
C) Biometrics
D) Content filtering
Question
What must you do with antivirus software to make it protect effectively?

A) Must never upgrade or change vendors
B) Must download a portable button for it to activate
C) Must frequently update it to protect against viruses
D) All of these
Question
What is hardware or software that guards a private network by analyzing incoming and outgoing information for the correct markings?

A) Firewall
B) Certificate authority
C) Online certificate
D) Digital certificate
Question
Which of the following is not considered a form of biometrics?

A) Iris scan
B) Password
C) Fingerprint
D) Handwriting
Question
Charles Mott works for a company called VeriSign that acts a trusted third party to verify information. One of Charles' largest clients is CheckMd, which holds and authenticates customer reviews of doctors and dentists online and having a third party validating the reviews is critical to CheckMd's success. What type of authentication technique is VeriSign providing for CheckMD?

A) Firewall
B) Certificate authority
C) Online certificate
D) Digital content certificate
Question
What can encryption technology perform?

A) Switch the order of characters
B) Replace characters with other characters
C) Insert or remove characters
D) All of these
Question
Which of the following systems is designed with full-time monitoring tools that search for patterns in network traffic to identify intruders and to protect against suspicious network traffic which attempts to access files and data?

A) Interconnected data software (IDS)
B) Intrusion detection software (IDS)
C) Security Information system (SIS)
D) Internet detection scanner (IDS)
Unlock Deck
Sign up to unlock the cards in this deck!
Unlock Deck
Unlock Deck
1/113
auto play flashcards
Play
simple tutorial
Full screen (f)
exit full mode
Deck 25: Valuing and Storing Organizational Informationdatabases
1
Insiders are illegitimate users who purposely or accidentally misuse their access to the environment to do business.
False
2
Organizations address security risks through two lines of defense. The first is people and the second is technology.
True
3
Identity theft is the category of computer security that addresses the protection of data from unauthorized disclosure and confirmation of data source authenticity.
False
4
A firewall scrambles information into an alternative form that requires a key or password to decrypt.
Unlock Deck
Unlock for access to all 113 flashcards in this deck.
Unlock Deck
k this deck
5
Pretexting is a form of social engineering in which one individual lies to obtain confidential data about another individual.
Unlock Deck
Unlock for access to all 113 flashcards in this deck.
Unlock Deck
k this deck
6
One of the most ineffective ways to set up authentication techniques is by setting up user IDs and passwords.
Unlock Deck
Unlock for access to all 113 flashcards in this deck.
Unlock Deck
k this deck
7
The three primary information security areas are 1) authentication and authorization, 2) policies and rewards, and 3) detection and response.
Unlock Deck
Unlock for access to all 113 flashcards in this deck.
Unlock Deck
k this deck
8
Information security policies detail how an organization will implement the information security plan.
Unlock Deck
Unlock for access to all 113 flashcards in this deck.
Unlock Deck
k this deck
9
Ransomware is a form of social engineering in which one individual lies to obtain confidential data about another individual.
Unlock Deck
Unlock for access to all 113 flashcards in this deck.
Unlock Deck
k this deck
10
Through pretexting, hackers use their social skills to trick people into revealing access credentials or other valuable information.
Unlock Deck
Unlock for access to all 113 flashcards in this deck.
Unlock Deck
k this deck
11
Legitimate users who purposely or accidentally misuse their access to the environment and cause some kind of business-affecting incident are called insiders.
Unlock Deck
Unlock for access to all 113 flashcards in this deck.
Unlock Deck
k this deck
12
A process of providing a user with permission including access levels and abilities such as file access, hours of access, and amount of allocated storage space is called authentication.
Unlock Deck
Unlock for access to all 113 flashcards in this deck.
Unlock Deck
k this deck
13
Dumpster diving is another security breach for companies and is where people not associated with the company jump into the company's outside garbage bins and try to gather and steal any valuable company products they can resell on eBay.
Unlock Deck
Unlock for access to all 113 flashcards in this deck.
Unlock Deck
k this deck
14
Spear phishing is a phishing expedition in which the emails are carefully designed to target a particular person or organization.
Unlock Deck
Unlock for access to all 113 flashcards in this deck.
Unlock Deck
k this deck
15
The technique to gain personal information for the purpose of identity theft, often through fraudulent emails that look as though they came from legitimate businesses, is called phishing.
Unlock Deck
Unlock for access to all 113 flashcards in this deck.
Unlock Deck
k this deck
16
Tokens are small electronic devices that change user passwords automatically.
Unlock Deck
Unlock for access to all 113 flashcards in this deck.
Unlock Deck
k this deck
17
Through social engineering, hackers use their social skills to trick people into revealing access credentials or other valuable information.
Unlock Deck
Unlock for access to all 113 flashcards in this deck.
Unlock Deck
k this deck
18
Identity theft is the forging of someone's identity for the purpose of fraud.
Unlock Deck
Unlock for access to all 113 flashcards in this deck.
Unlock Deck
k this deck
19
Biometrics is the identification of a user based on a physical characteristic, such as a fingerprint, iris, face, voice, or handwriting.
Unlock Deck
Unlock for access to all 113 flashcards in this deck.
Unlock Deck
k this deck
20
A phishing expedition is a masquerading attack that combines spam with spoofing. The perpetrator sends millions of spam emails that appear to be from a respectable company. The emails contain a link to a website that is designed to look exactly like the company's website. The victim is encouraged to enter his or her username, password, and sometimes credit card information.
Unlock Deck
Unlock for access to all 113 flashcards in this deck.
Unlock Deck
k this deck
21
Single-factor authentication requires the user to provide two means of authentication, what the user knows (password) and what the user has (security token).
Unlock Deck
Unlock for access to all 113 flashcards in this deck.
Unlock Deck
k this deck
22
Multifactor authentication requires more than two means of authentication such as what the user knows (password), what the user has (security token), and what the user is (biometric verification).
Unlock Deck
Unlock for access to all 113 flashcards in this deck.
Unlock Deck
k this deck
23
A zombie is a program that secretly takes over another computer for the purpose of launching attacks on other computers.
Unlock Deck
Unlock for access to all 113 flashcards in this deck.
Unlock Deck
k this deck
24
Spear phishing is a phone scam that attempts to defraud people by asking them to call a bogus telephone number to "confirm" their account information.
Unlock Deck
Unlock for access to all 113 flashcards in this deck.
Unlock Deck
k this deck
25
A voiceprint is a data file that identifies individuals or organizations online and is comparable to a digital signature.
Unlock Deck
Unlock for access to all 113 flashcards in this deck.
Unlock Deck
k this deck
26
The goal of multifactor authentication is to make it difficult for an unauthorized person to gain access to a system because, if one security level is broken, the attacker will still have to break through additional levels.
Unlock Deck
Unlock for access to all 113 flashcards in this deck.
Unlock Deck
k this deck
27
What are the first two lines of defense a company should take when addressing security risks?

A) Technology first, customers second
B) Technology first, people second
C) Innovation first, technology second
D) People first, technology second
Unlock Deck
Unlock for access to all 113 flashcards in this deck.
Unlock Deck
k this deck
28
Multifactor authentication is the traditional security process, which requires a username and password.
Unlock Deck
Unlock for access to all 113 flashcards in this deck.
Unlock Deck
k this deck
29
Phishing reroutes requests for legitimate websites to false websites.
Unlock Deck
Unlock for access to all 113 flashcards in this deck.
Unlock Deck
k this deck
30
Cryptography is the science that studies encryption, which is the hiding of messages so that only the sender and receiver can read them.
Unlock Deck
Unlock for access to all 113 flashcards in this deck.
Unlock Deck
k this deck
31
Decrypt information is to decode it and is the opposite of encrypt.
Unlock Deck
Unlock for access to all 113 flashcards in this deck.
Unlock Deck
k this deck
32
Worms are computer viruses that wait for a specific date before executing their instructions.
Unlock Deck
Unlock for access to all 113 flashcards in this deck.
Unlock Deck
k this deck
33
Single-factor authentication is the traditional security process, which requires a username and password.
Unlock Deck
Unlock for access to all 113 flashcards in this deck.
Unlock Deck
k this deck
34
A certificate authority is a trusted third party, such as VeriSign, that validates user identities by means of digital certificates.
Unlock Deck
Unlock for access to all 113 flashcards in this deck.
Unlock Deck
k this deck
35
Two-factor authentication requires the user to provide two means of authentication, what the user knows (password) and what the user has (security token).
Unlock Deck
Unlock for access to all 113 flashcards in this deck.
Unlock Deck
k this deck
36
A certificate authority is a data file that identifies individuals or organizations online and is comparable to a digital signature.
Unlock Deck
Unlock for access to all 113 flashcards in this deck.
Unlock Deck
k this deck
37
Single-factor authentication requires more than two means of authentication such as what the user knows (password), what the user has (security token), and what the user is (biometric verification).
Unlock Deck
Unlock for access to all 113 flashcards in this deck.
Unlock Deck
k this deck
38
A voiceprint is a set of measurable characteristics of a human voice that uniquely identifies an individual. These characteristics, which are based on the physical configuration of a speaker's mouth and throat, can be expressed as a mathematical formula. Unfortunately, biometric authentication such as voiceprints can be costly and intrusive.
Unlock Deck
Unlock for access to all 113 flashcards in this deck.
Unlock Deck
k this deck
39
A pharming attack uses of a zombie farm, often by an organized crime association, to launch a massive phishing attack.
Unlock Deck
Unlock for access to all 113 flashcards in this deck.
Unlock Deck
k this deck
40
A zombie farm is a group of computers on which a hacker has planted zombie programs.
Unlock Deck
Unlock for access to all 113 flashcards in this deck.
Unlock Deck
k this deck
41
What area of information security focuses on preventing identity theft, phishing, and pharming scams?

A) Prevention and resistance
B) Detection and authorizing
C) Detection and response
D) Authentication and authorization
Unlock Deck
Unlock for access to all 113 flashcards in this deck.
Unlock Deck
k this deck
42
What is an insider?

A) A form of social engineering in which one individual lies to obtain confidential data about another individual.
B) A hacker looks through your trash to find personal information.
C) Legitimate users who purposely or accidentally misuse their access to the environment and cause some kind of business-affecting incident.
D) Malicious agents designed by spammers and other Internet attackers to farm email addresses off websites or deposit spyware on machines.
Unlock Deck
Unlock for access to all 113 flashcards in this deck.
Unlock Deck
k this deck
43
Which of the following represents the three areas where technology can aid in the defense against information security attacks?

A) Authentication and authorization, prevention and resistance, prevention and response
B) Authentication and authorization, prevention and response, detection and response
C) Analyzing and authenticating, prevention and repositioning, detection and response
D) Authentication and authorization, prevention and resistance, detection and response
Unlock Deck
Unlock for access to all 113 flashcards in this deck.
Unlock Deck
k this deck
44
Which of the following is an example of a way to maintain information security that a company should include in their information security policies?

A) Requiring computer users to log off before leaving for lunch
B) Never sharing user or password information with anyone
C) Changing passwords every 30-60 days
D) All of these
Unlock Deck
Unlock for access to all 113 flashcards in this deck.
Unlock Deck
k this deck
45
What is dumpster diving?

A) A form of social engineering in which one individual lies to obtain confidential data about another individual.
B) A hacker that looks through your trash to find personal information.
C) Legitimate users who purposely or accidentally misuse their access to the environment and cause some kind of business-affecting incident.
D) Malicious agents designed by spammers and other Internet attackers to farm email addresses off websites or deposit spyware on machines.
Unlock Deck
Unlock for access to all 113 flashcards in this deck.
Unlock Deck
k this deck
46
Which of the below represents the biggest problem of information security breaches?

A) People misusing organizational information
B) Technology failures
C) Customers misusing organizational systems
D) Company departments missing sales goals
Unlock Deck
Unlock for access to all 113 flashcards in this deck.
Unlock Deck
k this deck
47
What is a destructive agent?

A) A form of social engineering in which one individual lies to obtain confidential data about another individual.
B) A hacker looks through your trash to find personal information.
C) Legitimate users who purposely or accidentally misuse their access to the environment and cause some kind of business-affecting incident.
D) Malicious agents designed by spammers and other Internet attackers to farm email addresses off websites or deposit spyware on machines.
Unlock Deck
Unlock for access to all 113 flashcards in this deck.
Unlock Deck
k this deck
48
Janet is a financial aid counselor at a local community college and she shares an office with her three coworkers. Janet feels safe in her office environment and frequently leaves her username and password on a sticky note next to her computer. Without realizing it Janet is creating the potential for which type of information security breach to occur?

A) Insiders to hack into the college system
B) Dumpster diving to find usernames and passwords
C) Viruses and worms to spread through the college system
D) All of these
Unlock Deck
Unlock for access to all 113 flashcards in this deck.
Unlock Deck
k this deck
49
Imagine you accidently mistype the URL for your bank and you are redirected to a fake website that collects your information. What type of identity theft were you just a victim of?

A) Pharming
B) Worm holes
C) Phishing
D) Insider hacking
Unlock Deck
Unlock for access to all 113 flashcards in this deck.
Unlock Deck
k this deck
50
What is forging of someone's identity for the purpose of fraud?

A) Identity crisis
B) Identity theft
C) Ediscovery
D) All of these
Unlock Deck
Unlock for access to all 113 flashcards in this deck.
Unlock Deck
k this deck
51
Working at a ski resort in the mountains has its own unique security issues. Kenny is the chief information officer for Sundance Ski Resort, and he is faced with both physical and information security threats every month. Since the resort implemented a new software system, they have been having larger number of threats and breaches of company information. He suspects that this may be caused by an internal employee. He needs to clarify and establish what type of plan to help reduce further problems?

A) An information security plan
B) An ethical information policy
C) An antivirus plan
D) None of these
Unlock Deck
Unlock for access to all 113 flashcards in this deck.
Unlock Deck
k this deck
52
Applications allowed to be placed on the corporate network, like IM software, and corporate computer equipment used for personal reason on personal networks are two areas that should be addressed by managers in which of the below company policies?

A) Information ethics policy
B) Information security policy
C) Information technology plan
D) All of these
Unlock Deck
Unlock for access to all 113 flashcards in this deck.
Unlock Deck
k this deck
53
eBay is an example of an online company that has been faced with numerous security issues. For example, imagine you purchase a digital camera on eBay. Three months later you might receive an email asking you to log in to the system to update your credit card or PayPal information. Of course, this email is not actually from eBay and as soon as you log in your information will be stolen. What type of information security breach would you consider this to be?

A) An Insider
B) Dumpster diving
C) Social engineering
D) Phishing
Unlock Deck
Unlock for access to all 113 flashcards in this deck.
Unlock Deck
k this deck
54
What is it called when a hacker looks through your trash to find personal information?

A) Striker bunny
B) Dumpster diving
C) Trash retrieval
D) Approved consent
Unlock Deck
Unlock for access to all 113 flashcards in this deck.
Unlock Deck
k this deck
55
What is a form of social engineering in which one individual lies to obtain confidential data about another individual?

A) Dumpster texting
B) Dumpster diving
C) Trash retrieval
D) Pretexting
Unlock Deck
Unlock for access to all 113 flashcards in this deck.
Unlock Deck
k this deck
56
What is the process that provides a user with permission including access levels and abilities such as file access, hours of access, and amount of allocated storage space?

A) Pharming
B) Authentication
C) Authorization
D) Programming
Unlock Deck
Unlock for access to all 113 flashcards in this deck.
Unlock Deck
k this deck
57
What is pretexting?

A) A form of social engineering in which one individual lies to obtain confidential data about another individual.
B) A hacker looks through your trash to find personal information.
C) Legitimate users who purposely or accidentally misuse their access to the environment and cause some kind of business-affecting incident.
D) Malicious agents designed by spammers and other Internet attackers to farm email addresses off websites or deposit spyware on machines.
Unlock Deck
Unlock for access to all 113 flashcards in this deck.
Unlock Deck
k this deck
58
Angela works for an identity protection company that maintains large amounts of sensitive customer information such as usernames, passwords, personal information, and social security numbers. Angela and a coworker decide to use the sensitive information to open credit cards in a few of her customer's names. This is a classic example of which of the following security breaches?

A) A social engineer
B) An insider
C) A spammer
D) A dumpster diver
Unlock Deck
Unlock for access to all 113 flashcards in this deck.
Unlock Deck
k this deck
59
What is the difference between phishing and pharming?

A) Phishing is not illegal, pharming is illegal
B) Phishing is the right of the company, where pharming is the right of the individual
C) Phishing is a technique to gain personal information for the purpose of identity theft, and pharming reroutes requests for legitimate websites to false websites
D) All of these
Unlock Deck
Unlock for access to all 113 flashcards in this deck.
Unlock Deck
k this deck
60
Using one's social skills to trick people into revealing access credentials or other valuable information is called ________.

A) social engineering
B) social media
C) social viruses
D) social processes
Unlock Deck
Unlock for access to all 113 flashcards in this deck.
Unlock Deck
k this deck
61
How do prevention and resistance technologies stop intruders from accessing and reading sensitive information?

A) Content filtering, encryption, and firewalls
B) Calculating, locking, and firewalls
C) Content prohibiting, and cookies
D) None of these
Unlock Deck
Unlock for access to all 113 flashcards in this deck.
Unlock Deck
k this deck
62
The best and most effective way to manage authentication is through ________.

A) smart technology card
B) tokens
C) biometrics
D) passwords
Unlock Deck
Unlock for access to all 113 flashcards in this deck.
Unlock Deck
k this deck
63
The most secure procedures combine which of the following authentication and authorization techniques?

A) Something the user knows, such as a user ID and password
B) Something the user has, such as a smart card or token
C) Something that is part of the user, such as a fingerprint or voice signature
D) All of these
Unlock Deck
Unlock for access to all 113 flashcards in this deck.
Unlock Deck
k this deck
64
What is a device that is around the same size as a credit card, containing embedded technologies that can store information and small amounts of software to perform some limited processing?

A) Token
B) Password
C) Smart card
D) Biometrics
Unlock Deck
Unlock for access to all 113 flashcards in this deck.
Unlock Deck
k this deck
65
What type of encryption technology uses multiple keys, one for public and one for private?

A) Private key encryption
B) Policy key encryption
C) Public key encryption
D) Protective key code
Unlock Deck
Unlock for access to all 113 flashcards in this deck.
Unlock Deck
k this deck
66
Which of the following occurs when organizations use software that filters content, such as email, to prevent the accidental or malicious transmission of unauthorized information?

A) Antivirus software
B) Content filtering
C) Encryption
D) Firewalls
Unlock Deck
Unlock for access to all 113 flashcards in this deck.
Unlock Deck
k this deck
67
What is a data file that identifies individuals or organizations online and is comparable to a digital signature?

A) Digital code
B) Digital sign
C) Digital certificate
D) Digital card
Unlock Deck
Unlock for access to all 113 flashcards in this deck.
Unlock Deck
k this deck
68
What is a method for confirming users' identities?

A) Phishing
B) Authentication
C) Authorization
D) Programming
Unlock Deck
Unlock for access to all 113 flashcards in this deck.
Unlock Deck
k this deck
69
Which of the following protection techniques scans and searches hard drives to prevent, detect, and remove known viruses, adware, and spyware?

A) Firewall
B) Digital certificate
C) Virus software
D) Antivirus software
Unlock Deck
Unlock for access to all 113 flashcards in this deck.
Unlock Deck
k this deck
70
Which of the following is the main drawback of biometrics?

A) It is considered illegal
B) It is viewed as an invasion of privacy
C) It can be costly and intrusive
D) It requires constant monitoring and upgrading
Unlock Deck
Unlock for access to all 113 flashcards in this deck.
Unlock Deck
k this deck
71
What prevention technique scrambles information into an alternative form that requires a key or password to decrypt?

A) Encryption
B) Content filtering
C) Firewalls
D) Antivirus software
Unlock Deck
Unlock for access to all 113 flashcards in this deck.
Unlock Deck
k this deck
72
What is the most secure type of authentication?

A) Something the user knows such as a user ID and password
B) Something the user has such as a smart card or token
C) Something that is part of the user such as a fingerprint or voice signature
D) Combination of all of these
Unlock Deck
Unlock for access to all 113 flashcards in this deck.
Unlock Deck
k this deck
73
A smart card is a device the size of a credit card that contains embedded technology that stores information and small amounts of software, and can act as ________.

A) identification instruments
B) a form of digital cash
C) a data storage device
D) All of these
Unlock Deck
Unlock for access to all 113 flashcards in this deck.
Unlock Deck
k this deck
74
What is the identification of a user based on a physical characteristic, such as a fingerprint, iris, face, voice, or handwriting?

A) Smart card
B) Token
C) Biometrics
D) Content filtering
Unlock Deck
Unlock for access to all 113 flashcards in this deck.
Unlock Deck
k this deck
75
What must you do with antivirus software to make it protect effectively?

A) Must never upgrade or change vendors
B) Must download a portable button for it to activate
C) Must frequently update it to protect against viruses
D) All of these
Unlock Deck
Unlock for access to all 113 flashcards in this deck.
Unlock Deck
k this deck
76
What is hardware or software that guards a private network by analyzing incoming and outgoing information for the correct markings?

A) Firewall
B) Certificate authority
C) Online certificate
D) Digital certificate
Unlock Deck
Unlock for access to all 113 flashcards in this deck.
Unlock Deck
k this deck
77
Which of the following is not considered a form of biometrics?

A) Iris scan
B) Password
C) Fingerprint
D) Handwriting
Unlock Deck
Unlock for access to all 113 flashcards in this deck.
Unlock Deck
k this deck
78
Charles Mott works for a company called VeriSign that acts a trusted third party to verify information. One of Charles' largest clients is CheckMd, which holds and authenticates customer reviews of doctors and dentists online and having a third party validating the reviews is critical to CheckMd's success. What type of authentication technique is VeriSign providing for CheckMD?

A) Firewall
B) Certificate authority
C) Online certificate
D) Digital content certificate
Unlock Deck
Unlock for access to all 113 flashcards in this deck.
Unlock Deck
k this deck
79
What can encryption technology perform?

A) Switch the order of characters
B) Replace characters with other characters
C) Insert or remove characters
D) All of these
Unlock Deck
Unlock for access to all 113 flashcards in this deck.
Unlock Deck
k this deck
80
Which of the following systems is designed with full-time monitoring tools that search for patterns in network traffic to identify intruders and to protect against suspicious network traffic which attempts to access files and data?

A) Interconnected data software (IDS)
B) Intrusion detection software (IDS)
C) Security Information system (SIS)
D) Internet detection scanner (IDS)
Unlock Deck
Unlock for access to all 113 flashcards in this deck.
Unlock Deck
k this deck
locked card icon
Unlock Deck
Unlock for access to all 113 flashcards in this deck.
Examlex
Examlex
Work With Us
Policies
Download the App
Scan to downloadDownload the App
qr-code
Links
Links
Work With Us
Download the App

Scan to downloadDownload the App
qr-code

Copyright © 2025 Examlex LLC.
  • facebook-footer
  • instagram-footer
  • x-footer
  • tiktok
  • Linktree