Deck 10: Information Systems Security

Question
Human error cannot cause unauthorized data disclosure.
Question
A ________ is a person or an organization that seeks to obtain or alter data or other IS assets illegally, without the owner's permission and often without the owner's knowledge.

A) target
B) vulnerability
C) threat
D) key escrow
E) cipher
Question
Spoofing occurs when someone pretends to be someone else.
Question
Sally has been working really hard lately and asks her manager for a raise. Her manager tells her that she is already the highest paid employee on the floor. Sally doesn't believe her manager, and illegally accesses the employee database to look at salary data. Sally's act can be termed as ________.

A) pretexting
B) phishing
C) hacking
D) spoofing
E) skimming
Question
Email spoofing is a synonym for ________.

A) hacking
B) phishing
C) usurping
D) sniffing
E) baiting
Question
________ present(s) the largest risk for an organization's infrastructure loss.

A) Employees' dissatisfaction
B) Natural disasters
C) Hackers
D) Competitors
E) Electromagnetic pulse weapons
Question
Which of the following usually happens in a malicious denial-of-service attack?

A) A hacker monitors and intercepts wireless traffic at will.
B) A hacker floods a Web server with many millions of bogus service requests.
C) An intruder uses another site's IP address to masquerade as that other site.
D) A phisher pretends to be a legitimate company and requests confidential data.
E) A hacker identifies vulnerabilities in network hosts.
Question
Which of the following is most likely to be a result of hacking?

A) certain Web sites being censored for hurting sentiments
B) small amounts of spam in a user's inbox
C) an unauthorized transaction from a user's credit card
D) pop-up ads appearing frequently
E) slowing of network speed
Question
Which of the following is considered a computer crime?

A) accidental deletion of important records
B) poorly written programs resulting in information loss
C) loss of data as a result of flooding
D) hacking of information systems
E) failure to correctly back up customer data
Question
Which of the following is a sniffing technique?

A) IP spoofing
B) caches
C) denial of service
D) adware
E) port scanner
Question
In the context of security threats, pretexting, sniffing, spoofing, and phishing are all examples of ________.

A) unauthorized data disclosure
B) incorrect data modification
C) faulty services
D) loss of infrastructure
E) SQL injection
Question
________ take computers with wireless connections through an area and search for unprotected wireless networks, and then monitor and intercept wireless traffic on unsecured wireless networks.

A) Keyloggers
B) Pretexters
C) Wardrivers
D) Phishers
E) Tibutors
Question
________ occurs through human error when employees do not follow proper procedures or when procedures have not been well designed.

A) Unauthorized data disclosure
B) Incorrect data modification
C) Denial of service
D) Loss of infrastructure
E) Unauthorized data encryption
Question
Stan loves collecting stamps. He receives an email that appears to come from a well-known stamp auction site asking him to reset his username and password. He clicks on the link and it takes him to a site that looks similar to the auction site, but the Web address is "scrambled" and unreadable. He emails the customer service desk at the auction site and discovers they never sent the email. This scenario is an example of attempted ________.

A) hacking
B) phishing
C) sniffing
D) wardriving
E) stack smashing
Question
________ is a sophisticated, possibly long-running computer hack that is perpetrated by large, well-funded organizations such as governments.

A) State sponsored threat
B) Lengthy collective
C) Poisoned pool
D) Hacker collective
E) Advanced persistent threat
Question
Which of the following is considered a threat caused by human error?

A) an employee inadvertently installing an old database on top of the current one
B) an employee intentionally destroying data and system components
C) a virus and worm writer infecting computer systems
D) a hacker breaking into a system to steal for financial gain
E) a tsunami floods a data center causing total data loss
Question
A person claiming to be from central IT called Chris and asked him to participate in a password reset audit. The person had Chris change his password to the word "123456", and then again to a secret passphrase only Chris knew. Later that day Chris noticed odd system behavior, and then the system crashed. Chris was a victim of ________.

A) hacking
B) usurping
C) sniffing
D) pretexting
E) appropriating
Question
________ occurs when computer criminals invade a computer system and replace legitimate programs with their own, unauthorized ones that shut down legitimate applications.

A) Encryption
B) Spoofing
C) Phishing
D) Usurpation
E) Spear Phishing
Question
________ is a technique for intercepting computer communications through a physical connection to a network or without a physical connection in the case of wireless networks.

A) Spoofing
B) Phishing
C) Sniffing
D) Pretexting
E) Port scanning
Question
A computer crime is committed if an employee inadvertently installs an old database on top of the current one.
Question
Most emails and IMs are protected by encryption.
Question
Email spoofing is a synonym for phishing.
Question
Which of the following is a personal security safeguard?

A) sending valuable data only via email or IM
B) using a single password for all the sites
C) removing high-value assets from computers
D) storing browsing history, temporary files, and cookies
E) disabling operating system updates
Question
One of the personal security safeguards is to use https at trusted, reputable vendors.
Question
IP spoofing occurs when an intruder uses another site's IP address to masquerade as that other site.
Question
Cookies enable an individual to access Web sites without having to sign in every time.
Question
Which of the following statements is true about losses due to computer security threats?

A) Surveys on computer crimes provide accurate results since they use standard parameters to measure and tally computer crime costs.
B) Surveys suggest that some organizations do not report all their computer crime losses, and some will not report such losses at all.
C) Losses due to natural disasters can be measured accurately.
D) Losses due to human error are insignificant.
E) Losses due to hacking may be overstated.
Question
Faulty service excludes problems that result due to incorrect data modification.
Question
________ are small files that enable a browser to access Web sites without having to sign in every time.

A) Cookies
B) Botnets
C) Payloads
D) Public keys
E) Web bugs
Question
Define threat, vulnerability, safeguard, and target.
Question
Describe the magnitude of security problems in the present day.
Question
Nonword passwords are vulnerable to a ________ attack in which the password cracker tries every possible combination of characters.

A) denial-of-service
B) sniffing
C) brute force
D) phishing
E) nuanced
Question
What is meant by denial of service?
Question
Phishing is a technique for obtaining unauthorized data that uses pretexting via email.
Question
Define pretexting, phishing, spoofing, and sniffing.
Question
Natural disasters present the largest risk for infrastructure loss.
Question
Removing and disabling ________ that may contain sensitive security data presents an excellent example of the trade-off between improved security and cost.

A) bookmarks
B) pop-ups
C) cookies
D) toolbars
E) key loggers
Question
The losses due to human error are minimal, and hence, organizations tend to ignore these losses.
Question
What are the three general sources of security threats?
Question
A denial-of-service attack is launched when a hacker takes computers with wireless connections through an area and searches for unprotected wireless networks.
Question
Which of the following statements is true about the Secure Sockets Layer (SSL)?

A) It uses asymmetric encryption exclusively.
B) It is used to send sensitive data such as credit card numbers.
C) It uses one set of encryption keys for multiple sessions.
D) It is a stronger version of https.
E) It is used in wireless encryption suites.
Question
A(n) ________ has a microchip in it to hold data.

A) ATM card
B) smart card
C) cookie
D) key escrow
E) dropper
Question
A ________ examines each part of a message and determines whether to let that part pass.

A) packet-filtering firewall
B) private key
C) mail server
D) wardriver
E) nmap
Question
In the context of malware protection, the program code that causes the unwanted actions is called the ________.

A) payload
B) kernel
C) bot herder
D) key escrow
E) bundler
Question
A ________ is a string of bits used to encrypt data.

A) key
B) honeypot
C) cookie
D) cache
E) cipher
Question
Layla is purchasing a new laptop from an online vendor. Which of the following will be displayed in the address bar of her browser that will let her know that the online retailer is using the Secure Sockets Layer (SSL) protocol?

A) ftp
B) www
C) https
D) .com
E) smtp
Question
List various personal security safeguards.
Question
Which of the following is classified as a technical safeguard?

A) cookies
B) firewalls
C) key escrow
D) passwords
E) training
Question
In information security, which of the following is true about managing risk?

A) All organizations except financial institutions should invest heavily in security safeguards.
B) Organizations should implement safeguards that balance the trade-off between risk and cost.
C) Passwords are classified as technical safeguards.
D) Physical security is classified as human safeguards.
E) All risks should be eliminated.
Question
With ________, the sender and receiver transmit a message using different keys.

A) asymmetric encryption
B) a block cipher
C) symmetric encryption
D) a stream cipher
E) a Caesar shift
Question
What is the basic information that a security policy must stipulate?
Question
Packet-filtering firewalls ________.

A) can filter both inbound and outbound traffic
B) examine the destination address but not the source address
C) are the most complex type of firewall
D) seldom examine the data or the addresses of the message
E) can examine the contents of VPN packets
Question
Which of the following is a critical security function that should be addressed by the senior management of an organization?

A) sharing the private key with all systems connected to the network
B) creating IS security software programs
C) establishing the security policy
D) avoiding the use of perimeter firewalls
E) reducing internal systems auditing
Question
Which of the following is used for biometric authentication?

A) smart cards
B) facial features
C) passwords
D) personal identification numbers
E) MD5 hashes
Question
________ is a broad category of software that includes viruses, spyware, and adware.

A) Malware
B) Cookie
C) Firewall
D) Spam
E) Crackers
Question
In asymmetric encryption, each site has a ________ for encoding messages.

A) botnet
B) private key
C) public key
D) cookie
E) cipher
Question
Secure Sockets Layer is also known as ________.

A) Advanced Persistent Threat Layer
B) Transport Layer Security
C) Presentation Interface Layer
D) Network Interface Layer Security
E) Media Access Security
Question
Which of the following was passed to give individuals the right to access their own health data created by doctors and other healthcare providers?

A) the Privacy Act of 1974
B) the Sarbanes-Oxley Act
C) the HIPAA of 1996
D) the Gramm-Leach-Bliley Act
E) the Computer Privacy Act of 2014
Question
Which of the following statements is true about biometric identification?

A) It involves the use of a personal identification number (PIN) for authentication.
B) It provides weak authentication.
C) It is a relatively inexpensive mode of authentication.
D) It often faces resistance from users for its invasive nature.
E) It will decline in usage in the future.
Question
Users of smart cards are required to enter a ________ to be authenticated.

A) Social Security number
B) public key
C) personal identification number
D) private key
E) passphrase
Question
Sarah was browsing an online shopping site when a program got downloaded onto her system without her knowledge. The next day she found that her search engine had been changed, and she received pop-up advertisements of the shopping site she had visited the previous day. The program on Sarah's system is ________.

A) a cookie
B) adware
C) a payload
D) a Trojan horse
E) a stack smasher
Question
Symmetric encryption is simpler and much faster than asymmetric encryption.
Question
Define encryption and explain symmetric and asymmetric encryption for computer systems.
Question
________ refers to an organization-wide function that is in charge of developing data policies and enforcing data standards.

A) Data administration
B) Authentication
C) Usurpation
D) Data encryption
E) Access Control
Question
Describe the difference between a perimeter firewall and an internal firewall.
Question
Technical safeguards involve the hardware and software components of an information system.
Question
Biometric authentication uses physical characteristics such as retinal scans to authenticate users.
Question
Which of the following statements is true about data administration?

A) It is a line function to the chief information officer.
B) It merely involves developing data policies.
C) It applies to individuals and not to the entire organization.
D) It is involved in establishing data safeguards.
E) It defines standards for the use of cryptographic suites.
Question
Describe six malware safeguards.
Question
What are spyware and adware programs?
Question
Improper data disclosure and data damage and loss are possible consequences of an SQL injection attack.
Question
Secure Sockets Layer (SSL) is a protocol that is restricted to asymmetric encryption.
Question
What is a virus? Differentiate between Trojan horses and worms.
Question
A ________ is a type of virus that self-propagates using the Internet or other computer network.

A) worm
B) sniffer
C) Trojan horse
D) phisher
E) mole
Question
________ is a function pertaining to a particular database that develops procedures and practices to control and protect the database.

A) Data encryption
B) Database administration
C) Data authentication
D) Database normalization
E) Data access control
Question
________ are viruses that masquerade as useful programs or files.

A) Adware programs
B) Spyware programs
C) Trojan horses
D) Worms
E) Hydras
Question
Which of the following is likely to be accepted by a poorly designed application thereby leading to improper disclosure of data?

A) public key
B) asymmetric encryption
C) key escrow
D) SQL injection
E) SHA1 hash
Question
A Trojan horse is a virus that masquerades as a useful program or file.
Question
Most spyware programs are benign in that they do not perform malicious acts or steal data.
Question
A magnetic strip holds far more data than a microchip.
1
Human error cannot cause unauthorized data disclosure.
False
2
A ________ is a person or an organization that seeks to obtain or alter data or other IS assets illegally, without the owner's permission and often without the owner's knowledge.

A) target
B) vulnerability
C) threat
D) key escrow
E) cipher
C
3
Spoofing occurs when someone pretends to be someone else.
True
4
Sally has been working really hard lately and asks her manager for a raise. Her manager tells her that she is already the highest paid employee on the floor. Sally doesn't believe her manager, and illegally accesses the employee database to look at salary data. Sally's act can be termed as ________.

A) pretexting
B) phishing
C) hacking
D) spoofing
E) skimming
Unlock Deck
Unlock for access to all 102 flashcards in this deck.
Unlock Deck
k this deck
5
Email spoofing is a synonym for ________.

A) hacking
B) phishing
C) usurping
D) sniffing
E) baiting
Unlock Deck
Unlock for access to all 102 flashcards in this deck.
Unlock Deck
k this deck
6
________ present(s) the largest risk for an organization's infrastructure loss.

A) Employees' dissatisfaction
B) Natural disasters
C) Hackers
D) Competitors
E) Electromagnetic pulse weapons
Unlock Deck
Unlock for access to all 102 flashcards in this deck.
Unlock Deck
k this deck
7
Which of the following usually happens in a malicious denial-of-service attack?

A) A hacker monitors and intercepts wireless traffic at will.
B) A hacker floods a Web server with many millions of bogus service requests.
C) An intruder uses another site's IP address to masquerade as that other site.
D) A phisher pretends to be a legitimate company and requests confidential data.
E) A hacker identifies vulnerabilities in network hosts.
Unlock Deck
Unlock for access to all 102 flashcards in this deck.
Unlock Deck
k this deck
8
Which of the following is most likely to be a result of hacking?

A) certain Web sites being censored for hurting sentiments
B) small amounts of spam in a user's inbox
C) an unauthorized transaction from a user's credit card
D) pop-up ads appearing frequently
E) slowing of network speed
Unlock Deck
Unlock for access to all 102 flashcards in this deck.
Unlock Deck
k this deck
9
Which of the following is considered a computer crime?

A) accidental deletion of important records
B) poorly written programs resulting in information loss
C) loss of data as a result of flooding
D) hacking of information systems
E) failure to correctly back up customer data
Unlock Deck
Unlock for access to all 102 flashcards in this deck.
Unlock Deck
k this deck
10
Which of the following is a sniffing technique?

A) IP spoofing
B) caches
C) denial of service
D) adware
E) port scanner
Unlock Deck
Unlock for access to all 102 flashcards in this deck.
Unlock Deck
k this deck
11
In the context of security threats, pretexting, sniffing, spoofing, and phishing are all examples of ________.

A) unauthorized data disclosure
B) incorrect data modification
C) faulty services
D) loss of infrastructure
E) SQL injection
Unlock Deck
Unlock for access to all 102 flashcards in this deck.
Unlock Deck
k this deck
12
________ take computers with wireless connections through an area and search for unprotected wireless networks, and then monitor and intercept wireless traffic on unsecured wireless networks.

A) Keyloggers
B) Pretexters
C) Wardrivers
D) Phishers
E) Tibutors
Unlock Deck
Unlock for access to all 102 flashcards in this deck.
Unlock Deck
k this deck
13
________ occurs through human error when employees do not follow proper procedures or when procedures have not been well designed.

A) Unauthorized data disclosure
B) Incorrect data modification
C) Denial of service
D) Loss of infrastructure
E) Unauthorized data encryption
Unlock Deck
Unlock for access to all 102 flashcards in this deck.
Unlock Deck
k this deck
14
Stan loves collecting stamps. He receives an email that appears to come from a well-known stamp auction site asking him to reset his username and password. He clicks on the link and it takes him to a site that looks similar to the auction site, but the Web address is "scrambled" and unreadable. He emails the customer service desk at the auction site and discovers they never sent the email. This scenario is an example of attempted ________.

A) hacking
B) phishing
C) sniffing
D) wardriving
E) stack smashing
Unlock Deck
Unlock for access to all 102 flashcards in this deck.
Unlock Deck
k this deck
15
________ is a sophisticated, possibly long-running computer hack that is perpetrated by large, well-funded organizations such as governments.

A) State sponsored threat
B) Lengthy collective
C) Poisoned pool
D) Hacker collective
E) Advanced persistent threat
Unlock Deck
Unlock for access to all 102 flashcards in this deck.
Unlock Deck
k this deck
16
Which of the following is considered a threat caused by human error?

A) an employee inadvertently installing an old database on top of the current one
B) an employee intentionally destroying data and system components
C) a virus and worm writer infecting computer systems
D) a hacker breaking into a system to steal for financial gain
E) a tsunami floods a data center causing total data loss
Unlock Deck
Unlock for access to all 102 flashcards in this deck.
Unlock Deck
k this deck
17
A person claiming to be from central IT called Chris and asked him to participate in a password reset audit. The person had Chris change his password to the word "123456", and then again to a secret passphrase only Chris knew. Later that day Chris noticed odd system behavior, and then the system crashed. Chris was a victim of ________.

A) hacking
B) usurping
C) sniffing
D) pretexting
E) appropriating
Unlock Deck
Unlock for access to all 102 flashcards in this deck.
Unlock Deck
k this deck
18
________ occurs when computer criminals invade a computer system and replace legitimate programs with their own, unauthorized ones that shut down legitimate applications.

A) Encryption
B) Spoofing
C) Phishing
D) Usurpation
E) Spear Phishing
Unlock Deck
Unlock for access to all 102 flashcards in this deck.
Unlock Deck
k this deck
19
________ is a technique for intercepting computer communications through a physical connection to a network or without a physical connection in the case of wireless networks.

A) Spoofing
B) Phishing
C) Sniffing
D) Pretexting
E) Port scanning
Unlock Deck
Unlock for access to all 102 flashcards in this deck.
Unlock Deck
k this deck
20
A computer crime is committed if an employee inadvertently installs an old database on top of the current one.
Unlock Deck
Unlock for access to all 102 flashcards in this deck.
Unlock Deck
k this deck
21
Most emails and IMs are protected by encryption.
Unlock Deck
Unlock for access to all 102 flashcards in this deck.
Unlock Deck
k this deck
22
Email spoofing is a synonym for phishing.
Unlock Deck
Unlock for access to all 102 flashcards in this deck.
Unlock Deck
k this deck
23
Which of the following is a personal security safeguard?

A) sending valuable data only via email or IM
B) using single password for all the sites
C) removing high-value assets from computers
D) storing browsing history, temporary files, and cookies
E) disabling operating system updates
Unlock Deck
Unlock for access to all 102 flashcards in this deck.
Unlock Deck
k this deck
24
One of the personal security safeguards is to use https at trusted, reputable vendors.
Unlock Deck
Unlock for access to all 102 flashcards in this deck.
Unlock Deck
k this deck
25
IP spoofing occurs when an intruder uses another site's IP address to masquerade as that other site.
Unlock Deck
Unlock for access to all 102 flashcards in this deck.
Unlock Deck
k this deck
26
Cookies enable an individual to access Web sites without having to sign in every time.
Unlock Deck
Unlock for access to all 102 flashcards in this deck.
Unlock Deck
k this deck
27
Which of the following statements is True about losses due to computer security threats?

A) Surveys on computer crimes provide accurate results since they use standard parameters to measure and tally computer crime costs.
B) Surveys suggest that some organizations do not report all their computer crime losses, and some will not report such losses at all.
C) Losses due to natural disasters can be measured accurately.
D) Losses due to human error are insignificant.
E) Losses due to hacking may be overstated.
Unlock Deck
Unlock for access to all 102 flashcards in this deck.
Unlock Deck
k this deck
28
Faulty service excludes problems that result due to incorrect data modification.
Unlock Deck
Unlock for access to all 102 flashcards in this deck.
Unlock Deck
k this deck
29
________ are small files that enables a browser to access Web sites without having to sign in every time.

A) Cookies
B) Botnets
C) Payloads
D) Public keys
E) Web bugs
Unlock Deck
Unlock for access to all 102 flashcards in this deck.
Unlock Deck
k this deck
30
Define threat, vulnerability, safeguard, and target.
Unlock Deck
Unlock for access to all 102 flashcards in this deck.
Unlock Deck
k this deck
31
Describe the magnitude of security problems in the present day.
Unlock Deck
Unlock for access to all 102 flashcards in this deck.
Unlock Deck
k this deck
32
Nonword passwords are vulnerable to a ________ attack in which the password cracker tries every possible combination of characters.

A) denial-of-service
B) sniffing
C) brute force
D) phishing
E) nuanced
Unlock Deck
Unlock for access to all 102 flashcards in this deck.
Unlock Deck
k this deck
33
What is meant by denial of service?
Unlock Deck
Unlock for access to all 102 flashcards in this deck.
Unlock Deck
k this deck
34
Phishing is a technique for obtaining unauthorized data that uses pretexting via email.
Unlock Deck
Unlock for access to all 102 flashcards in this deck.
Unlock Deck
k this deck
35
Define pretexting, phishing, spoofing, and sniffing.
Unlock Deck
Unlock for access to all 102 flashcards in this deck.
Unlock Deck
k this deck
36
Natural disasters present the largest risk for infrastructure loss.
Unlock Deck
Unlock for access to all 102 flashcards in this deck.
Unlock Deck
k this deck
37
Removing and disabling ________ that may contain sensitive security data presents an excellent example of the trade-off between improved security and cost.

A) bookmarks
B) pop-ups
C) cookies
D) toolbars
E) key loggers
Unlock Deck
Unlock for access to all 102 flashcards in this deck.
Unlock Deck
k this deck
38
The losses due to human error are minimal, and hence, organizations tend to ignore these losses.
Unlock Deck
Unlock for access to all 102 flashcards in this deck.
Unlock Deck
k this deck
39
What are the three general sources of security threats?
Unlock Deck
Unlock for access to all 102 flashcards in this deck.
Unlock Deck
k this deck
40
A denial-of-service attack is launched when a hacker takes computers with wireless connections through an area and searches for unprotected wireless networks.
Unlock Deck
Unlock for access to all 102 flashcards in this deck.
Unlock Deck
k this deck
41
Which of the following statements is True about the Secure Sockets Layer (SSL)?

A) It uses asymmetric encryption exclusively.
B) It is used to send sensitive data such as credit card numbers.
C) It uses one set of encryption keys for multiple sessions.
D) It is a stronger version of https.
E) It is used in wireless encryption suites.
Unlock Deck
Unlock for access to all 102 flashcards in this deck.
Unlock Deck
k this deck
42
A(n) ________ has a microchip in it to hold data.

A) ATM card
B) smart card
C) cookie
D) key escrow
E) dropper
Unlock Deck
Unlock for access to all 102 flashcards in this deck.
Unlock Deck
k this deck
43
A ________ examines each part of a message and determines whether to let that part pass.

A) packet-filtering firewall
B) private key
C) mail server
D) wardriver
E) nmap
Unlock Deck
Unlock for access to all 102 flashcards in this deck.
Unlock Deck
k this deck
44
In the context of malware protection, the program code that causes the unwanted actions is called the ________.

A) payload
B) kernel
C) bot herder
D) key escrow
E) bundler
Unlock Deck
Unlock for access to all 102 flashcards in this deck.
Unlock Deck
k this deck
45
A ________ is a string of bits used to encrypt data.

A) key
B) honeypot
C) cookie
D) cache
E) cipher
Unlock Deck
Unlock for access to all 102 flashcards in this deck.
Unlock Deck
k this deck
46
Layla is purchasing a new laptop from an online vendor. Which of the following will be displayed in the address bar of his browser that will let her know that the online retailer is using the Secure Sockets Layer (SSL) protocol?

A) ftp
B) www
C) https
D) )com
E) smtp
Unlock Deck
Unlock for access to all 102 flashcards in this deck.
Unlock Deck
k this deck
47
List various personal security safeguards.
Unlock Deck
Unlock for access to all 102 flashcards in this deck.
Unlock Deck
k this deck
48
Which of the following is classified as a technical safeguard?

A) cookies
B) firewalls
C) key escrow
D) passwords
E) training
Unlock Deck
Unlock for access to all 102 flashcards in this deck.
Unlock Deck
k this deck
49
In information security, which of the following is True about managing risk?

A) All organizations except financial institutions should invest heavily in security safeguards.
B) Organizations should implement safeguards that balance the trade-off between risk and cost.
C) Passwords are classified as technical safeguards.
D) Physical security is classified as human safeguards.
E) All risks should be eliminated.
Unlock Deck
Unlock for access to all 102 flashcards in this deck.
Unlock Deck
k this deck
50
With ________, the sender and receiver transmit a message using different keys.

A) asymmetric encryption
B) a block cipher
C) symmetric encryption
D) a stream cipher
E) a Caesar shift
Unlock Deck
Unlock for access to all 102 flashcards in this deck.
Unlock Deck
k this deck
51
What is the basic information that a security policy must stipulate?
Unlock Deck
Unlock for access to all 102 flashcards in this deck.
Unlock Deck
k this deck
52
Packet-filtering firewalls ________.

A) can filter both inbound and outbound traffic
B) examine the destination address but not the source address
C) are the most complex type of firewall
D) seldom examine the data or the addresses of the message
E) can examine the contents of VPN packets
Unlock Deck
Unlock for access to all 102 flashcards in this deck.
Unlock Deck
k this deck
53
Which of the following is a critical security function that should be addressed by the senior management of an organization?

A) sharing the private key with all systems connected to the network
B) creating IS security software programs
C) establishing the security policy
D) avoiding the use of perimeter firewalls
E) reducing internal systems auditing
Unlock Deck
Unlock for access to all 102 flashcards in this deck.
Unlock Deck
k this deck
54
Which of the following is used for biometric authentication?

A) smart cards
B) facial features
C) passwords
D) personal identification numbers
E) MD5 hashes
Unlock Deck
Unlock for access to all 102 flashcards in this deck.
Unlock Deck
k this deck
55
________ is a broad category of software that includes viruses, spyware, and adware.

A) Malware
B) Cookie
C) Firewall
D) Spam
E) Crackers
Unlock Deck
Unlock for access to all 102 flashcards in this deck.
Unlock Deck
k this deck
56
In asymmetric encryption, each site has a ________ for encoding messages.

A) botnet
B) private key
C) public key
D) cookie
E) cipher
Unlock Deck
Unlock for access to all 102 flashcards in this deck.
Unlock Deck
k this deck
57
Secure Sockets Layer is also known as ________.

A) Advanced Persistent Threat Layer
B) Transport Layer Security
C) Presentation Interface Layer
D) Network Interface Layer Security
E) Media Access Security
Unlock Deck
Unlock for access to all 102 flashcards in this deck.
Unlock Deck
k this deck
58
Which of the following was passed to give individuals the right to access their own health data created by doctors and other healthcare providers?

A) the Privacy Act of 1974
B) the Sarbanes-Oxley Act
C) the HIPAA of 1996
D) the Gramm-Leach-Bliley Act
E) the Computer Privacy Act of 2014
Unlock Deck
Unlock for access to all 102 flashcards in this deck.
Unlock Deck
k this deck
59
Which of the following statements is True about biometric identification?

A) It involves the use of a personal identification number (PIN) for authentication.
B) It provides weak authentication.
C) It is a relatively inexpensive mode of authentication.
D) It often faces resistance from users for its invasive nature.
E) It will decline in usage in the future.
60
Users of smart cards are required to enter a ________ to be authenticated.

A) Social Security number
B) public key
C) personal identification number
D) private key
E) passphrase
61
Sarah was browsing an online shopping site when a program got downloaded onto her system without her knowledge. The next day she found that her search engine had been changed, and she received pop-up advertisements of the shopping site she had visited the previous day. The program on Sarah's system is ________.

A) a cookie
B) adware
C) a payload
D) a Trojan horse
E) a stack smasher
62
Symmetric encryption is simpler and much faster than asymmetric encryption.
63
Define encryption and explain symmetric and asymmetric encryption for computer systems.
64
________ refers to an organization-wide function that is in charge of developing data policies and enforcing data standards.

A) Data administration
B) Authentication
C) Usurpation
D) Data encryption
E) Access Control
65
Describe the difference between a perimeter firewall and an internal firewall.
66
Technical safeguards involve the hardware and software components of an information system.
67
Biometric authentication uses physical characteristics such as retinal scans to authenticate users.
68
Which of the following statements is true about data administration?

A) It is a line function to the chief information officer.
B) It merely involves developing data policies.
C) It applies to individuals and not to the entire organization.
D) It is involved in establishing data safeguards.
E) It defines standards for the use of cryptographic suites.
69
Describe six malware safeguards.
70
What are spyware and adware programs?
71
Improper data disclosure and data damage and loss are possible consequences of an SQL injection attack.
72
Secure Sockets Layer (SSL) is a protocol that is restricted to asymmetric encryption.
73
What is a virus? Differentiate between Trojan horses and worms.
74
A ________ is a type of virus that self-propagates using the Internet or other computer network.

A) worm
B) sniffer
C) Trojan horse
D) phisher
E) mole
75
________ is a function pertaining to a particular database that develops procedures and practices to control and protect the database.

A) Data encryption
B) Database administration
C) Data authentication
D) Database normalization
E) Data access control
76
________ are viruses that masquerade as useful programs or files.

A) Adware programs
B) Spyware programs
C) Trojan horses
D) Worms
E) Hydras
77
Which of the following is likely to be accepted by a poorly designed application, thereby leading to improper disclosure of data?

A) public key
B) asymmetric encryption
C) key escrow
D) SQL injection
E) SHA1 hash
78
A Trojan horse is a virus that masquerades as a useful program or file.
79
Most spyware programs are benign in that they do not perform malicious acts or steal data.
80
A magnetic strip holds far more data than a microchip.