Chat with AI
Deck 13: Security, Privacy, and Ethics
Full screen (f)
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Unlock Deck
Sign up to unlock the cards in this deck!
Unlock Deck
Unlock Deck
1/29
Play
Full screen (f)
Deck 13: Security, Privacy, and Ethics
1
Risk Audit provides the basis for:
A) Risk Reduction
B) Risk Transference
C) Risk Analysis
D) Reward Mechanism
E) Risk increase
A) Risk Reduction
B) Risk Transference
C) Risk Analysis
D) Reward Mechanism
E) Risk increase
Risk Analysis
2
Security should be on managers' radar screens because of peculiar characteristics that run the risk of leaving it what?
A) Underfunded
B) Overfunded
C) Overstaffed
D) Irrelevant
E) Neutralized
A) Underfunded
B) Overfunded
C) Overstaffed
D) Irrelevant
E) Neutralized
Underfunded
3
Why is security considered a negative deliverable?
A) It costs money
B) It produces only tangible benefits
C) It does not affect profits whether it is done well or poorly
D) It is largely ignored
E) It produces no revenue or efficiency
A) It costs money
B) It produces only tangible benefits
C) It does not affect profits whether it is done well or poorly
D) It is largely ignored
E) It produces no revenue or efficiency
It produces no revenue or efficiency
4
Risk mitigation allows the organization to do what?
A) Devise optimal strategies
B) Prevent security issues from every happening in the first place
C) Keep both costs and risks at minimum levels
D) Maximize failure costs
E) Reward IT workers when no issues arise
A) Devise optimal strategies
B) Prevent security issues from every happening in the first place
C) Keep both costs and risks at minimum levels
D) Maximize failure costs
E) Reward IT workers when no issues arise
Unlock Deck
Unlock for access to all 29 flashcards in this deck.
Unlock Deck
k this deck
5
When a company is faced with a security threat, they have which three strategies available to them?
A) Acceptance, avoidance, and transference
B) Acceptance, reduction, and transference
C) Avoidance, reduction, and transference
D) Acceptance, avoidance, and reduction
E) All of the above
A) Acceptance, avoidance, and transference
B) Acceptance, reduction, and transference
C) Avoidance, reduction, and transference
D) Acceptance, avoidance, and reduction
E) All of the above
Unlock Deck
Unlock for access to all 29 flashcards in this deck.
Unlock Deck
k this deck
6
Which of the following strategies is associated with increased potential for failure?
A) Acceptance
B) Avoidance
C) Reduction
D) Transference
E) Analysis
A) Acceptance
B) Avoidance
C) Reduction
D) Transference
E) Analysis
Unlock Deck
Unlock for access to all 29 flashcards in this deck.
Unlock Deck
k this deck
7
Insurance costs are most directly associated with which risk strategy?
A) Acceptance
B) Avoidance
C) Reduction
D) Transference
E) Analysis
A) Acceptance
B) Avoidance
C) Reduction
D) Transference
E) Analysis
Unlock Deck
Unlock for access to all 29 flashcards in this deck.
Unlock Deck
k this deck
8
Increased anticipation costs are most directly associated with which risk strategy?
A) Acceptance
B) Avoidance
C) Reduction
D) Transference
E) Analysis
A) Acceptance
B) Avoidance
C) Reduction
D) Transference
E) Analysis
Unlock Deck
Unlock for access to all 29 flashcards in this deck.
Unlock Deck
k this deck
9
Which of the following is an example of an internal threat?
A) Viruses
B) Intrusions
C) Social Engineering
D) Backdoors
E) Angry Employees
A) Viruses
B) Intrusions
C) Social Engineering
D) Backdoors
E) Angry Employees
Unlock Deck
Unlock for access to all 29 flashcards in this deck.
Unlock Deck
k this deck
10
Which of the following refers to code built into a program to allow the programmer a way to bypass password protection?
A) Password Spoofing
B) Bugs
C) Viruses
D) Phishing
E) Backdoors
A) Password Spoofing
B) Bugs
C) Viruses
D) Phishing
E) Backdoors
Unlock Deck
Unlock for access to all 29 flashcards in this deck.
Unlock Deck
k this deck
11
Which of the following is an automated method of seeking passwords?
A) Phishing
B) Social Engineering
C) Software bugs
D) Backdoors
E) Careless behavior
A) Phishing
B) Social Engineering
C) Software bugs
D) Backdoors
E) Careless behavior
Unlock Deck
Unlock for access to all 29 flashcards in this deck.
Unlock Deck
k this deck
12
Which of the following is not a form of malware?
A) Viruses
B) Spyware
C) Sniffers
D) Keyloggers
E) Worms
A) Viruses
B) Spyware
C) Sniffers
D) Keyloggers
E) Worms
Unlock Deck
Unlock for access to all 29 flashcards in this deck.
Unlock Deck
k this deck
13
Why is a Trojan horse not a virus?
A) It does not have a payload
B) It does not have a trigger event
C) It does not replicate
D) It is a legitimate form of security protection
E) It does not do anything harmful
A) It does not have a payload
B) It does not have a trigger event
C) It does not replicate
D) It is a legitimate form of security protection
E) It does not do anything harmful
Unlock Deck
Unlock for access to all 29 flashcards in this deck.
Unlock Deck
k this deck
14
Why is spyware usually not considered a virus?
A) It does not replicate
B) It does not have a payload
C) It does not do anything other than watch what the user does
D) It only shows advertisements
E) None of the above. They are always viruses
A) It does not replicate
B) It does not have a payload
C) It does not do anything other than watch what the user does
D) It only shows advertisements
E) None of the above. They are always viruses
Unlock Deck
Unlock for access to all 29 flashcards in this deck.
Unlock Deck
k this deck
15
Which of the following is a viable method of dealing with internal security threats?
A) Antivirus software
B) Policies regarding what computing resources are accessible to whom
C) Firewalls
D) Policies that mandate frequent updates to programs and such
E) Not immediately deleting terminated employees
A) Antivirus software
B) Policies regarding what computing resources are accessible to whom
C) Firewalls
D) Policies that mandate frequent updates to programs and such
E) Not immediately deleting terminated employees
Unlock Deck
Unlock for access to all 29 flashcards in this deck.
Unlock Deck
k this deck
16
IT Risk Management is the process of identifying and measuring information systems security risks to devise the optimal mitigation strategy.
Unlock Deck
Unlock for access to all 29 flashcards in this deck.
Unlock Deck
k this deck
17
Creating security policies that spell out the behaviors that should be follow in order to minimize security risks and auditing the policies to ensure compliance will mitigate security risks.
Unlock Deck
Unlock for access to all 29 flashcards in this deck.
Unlock Deck
k this deck
18
Function Creep, when used in terms of privacy risks, refers to new technological advances and devices that generate more data than ever.
Unlock Deck
Unlock for access to all 29 flashcards in this deck.
Unlock Deck
k this deck
19
Malicious cyberactivity is decreasing due to improvements in software protection systems.
Unlock Deck
Unlock for access to all 29 flashcards in this deck.
Unlock Deck
k this deck
20
Biometrics refers to the use of a measurement of some biological parameter to uniquely identify users.
Unlock Deck
Unlock for access to all 29 flashcards in this deck.
Unlock Deck
k this deck
21
Security is generally considered to be a responsibility of the IT department, why should security not be considered an IT problem?
Unlock Deck
Unlock for access to all 29 flashcards in this deck.
Unlock Deck
k this deck
22
Define and describe Risk Mitigation
Unlock Deck
Unlock for access to all 29 flashcards in this deck.
Unlock Deck
k this deck
23
List and describe the three Risk Mitigation Strategies available to an organization
Unlock Deck
Unlock for access to all 29 flashcards in this deck.
Unlock Deck
k this deck
24
There are both external and internal threats that can compromise a firm's security. What are two of the potential internal security threats?
Unlock Deck
Unlock for access to all 29 flashcards in this deck.
Unlock Deck
k this deck
25
There are many types of malicious code that intruders can use to compromise a firm's IT assets. List and describe three of them.
Unlock Deck
Unlock for access to all 29 flashcards in this deck.
Unlock Deck
k this deck
26
What are some characteristics of an Information Systems Ethics Code of Conduct?
Unlock Deck
Unlock for access to all 29 flashcards in this deck.
Unlock Deck
k this deck
27
What are firewalls and where are they typically utilized in an organization?
Unlock Deck
Unlock for access to all 29 flashcards in this deck.
Unlock Deck
k this deck
28
What is encryption and where is it often used in an organization? Provide several differing examples.
Unlock Deck
Unlock for access to all 29 flashcards in this deck.
Unlock Deck
k this deck
29
What are the principal challenges associated with information system ethics? Provide examples of each.
Unlock Deck
Unlock for access to all 29 flashcards in this deck.
Unlock Deck
k this deck
Unlock Deck
Unlock for access to all 29 flashcards in this deck.
