Explore all topics
Start Free Trial
Need Help? Contact us
back arrowfull exam logo
search
ai logoChat with AI
Servicesarrow
Discoverarrow

Topics

Explore all topics
Discover more topics

Deck 11: Ethics, Privacy-Information Security

Full screen (f)
exit full mode
Question
The technique to gain personal information for the purpose of identity theft,often through fraudulent emails that look as though they came from legitimate businesses,is called phishing.
Use Space or
up arrow
down arrow
to flip the card.
Question
Information security policies detail how an organisation is going to implement the information security plan.
Question
Downtime refers to a period of time when a system is unavailable and unplanned downtime can strike at any time for various reasons.
Question
e-Policies are policies and procedures that address information management along with the ethical use of computers and the internet in the business environment.
Question
An acceptable use policy (AUP)requires a user to agree to follow the policy to be provided access to corporate email,information systems and the internet.
Question
Insiders are illegitimate users who purposely or accidentally misuse their access to the environment to do business.
Question
Companies do not need a privacy policy for email because an employee's work email is private and cannot be viewed by the company.
Question
The Trojan-horse virus hides inside other software,usually as an attachment or a downloadable file.
Question
Through social engineering,hackers use their social skills to trick people into revealing access credentials or other valuable information.
Question
Ethics,privacy and security are fundamental building blocks for all organisations.
Question
Information governance is a method or system of government for information management or control.
Question
Two of the common forms of viruses discussed in the book include the Trojan-horse virus and the acceptance-of-service attack.
Question
A social media policy outlines the corporate guidelines or principles governing employee online communications.
Question
The three primary information security areas are: (1)authentication and authorisation; (2)policies and rewards; and (3)detection and response.
Question
Confidentiality is the right to be left alone when you want to be,to have control over your own personal possessions,and not to be observed without your consent.
Question
Spyware is software which,while purporting to serve some useful function and often fulfilling that function,also allows internet advertisers to display advertisements without the consent of the computer user.
Question
An ethical computer use policy contains general principles to guide computer user behaviour.
Question
A hacker weapon called a splog (spam blog)is a fake blog created solely to raise the search engine rank of affiliated websites.
Question
Legitimate users who purposely or accidentally misuse their access to the environment and cause some kind of business-affecting incident are called insiders.
Question
Privacy is the legal protection afforded an expression of an idea,such as a song,book or video game.
Question
Which of the below is not one of the eight e-policies that a company should implement for information protection as discussed in the text?

A) Information privacy policy
B) Workplace monitoring policy
C) Acceptable use policy
D) Downtime monitoring policy
Question
Which company policy did Visa create the program 'Inovant' to handle?

A) Information governance
B) Information privacy policy
C) Ethical computer use policy
D) Acceptable use policy
Question
A firewall scrambles information into an alternative form that requires a key or password to decrypt.
Question
Sophie Black works as a computer programmer for a software company.Her boss,Mike Jones,is responsible for developing a new software game for the Wii.After completion of the project,Mike gives all of the team members a free copy of the game without consent from the company.Sophie is a little hesitant and unsure about accepting the game because legally it would be considered ________.

A) Counterfeit software
B) Pirated software
C) Ethical software
D) Governance software
Question
According to the ethical computer use policy,users should be ______________ of the rules and,by agreeing to use the system on that basis,_______________ to abide by the rules.

A) Informed,collaborate
B) Consent,informed
C) Informed,consent
D) Consent,information
Question
Which of the below would not be found in a typical acceptable use policy?

A) Not using the service as part of violating any law
B) Not posting commercial messages to groups where the employee has received user consent
C) Not performing any non-repudiation
D) Not attempting to break the security of any computer network
Question
What is the legal protection afforded an expression of an idea,such as a song,book or video game?

A) Privacy
B) Confidentiality
C) Intellectual property
D) Copyright
Question
Determining what is ethical can sometimes be difficult because certain actions can be justified or condemned depending on how you view the relationship between ___ and _______.

A) Legal and confidential
B) Legal and ethical
C) Legal and technical
D) Confidential and open
Question
What is the method or system of government for information management or control?

A) Information management
B) Information compliance
C) Information governance
D) Information ethics
Question
As the president of a local trade company,Kristin is faced with leadership,ethical and operational decisions on a daily basis.Kristen's responsibilities include examining the organisational resource of information and regulating its definitions,uses,value and distribution ensuring it has the types of data/information required to function and grow effectively.What is Kristin overseeing for the company?

A) Information codes
B) Information management
C) Information deployment
D) Information security
Question
Jackie is the head teller at ABC Bank and her responsibilities include overseeing and managing the tellers,resolving customer issues,and developing and implementing systems for an optimal and efficient team.She notices a steady increase in customer complaints and tracks back to find that the complaints started right around the time ABC Bank provided internet access to all employees.Jackie watched the tellers closely and found that they were spending significant amounts of time playing internet games and posting on Facebook.Which policy should the company implement to help eliminate this problem?

A) An information privacy policy
B) An email privacy policy
C) An internet use policy
D) A workplace monitoring policy
Question
Personal information is information that identifies,or could be used to identify,an individual.
Question
Information privacy concerns the legal right or general expectation of individuals,groups or institutions to determine for themselves when and to what extent information about them is communicated to others.
Question
Biometrics is the identification of a user based on a physical characteristic,such as a fingerprint,iris,face,voice or handwriting.
Question
Which of the following statement is correct?

A) Personal information on the internet can have unexpected spectators.
B) Personal information is information that identifies,or could be used to identify,an individual.
C) The obligation of an organisation to balance the commercial use of personal information with ensuring such use is ethical is one affecting many businesses today.
D) All of the answers are correct
Question
Which policy contains general principles regarding information privacy?

A) Information privacy policy
B) Acceptable use policy
C) Internet use policy
D) Anti-spam policy
Question
Which of the following contains general principles to guide computer user behaviour?

A) Information technology code
B) Techie policy
C) Ethical computer use policy
D) Information systems
Question
Which Act protects investors by improving the accuracy and reliability of corporate disclosures?

A) Sarbanes-Oxley Act
B) Identity Theft and Assumption Deterrence Act
C) CAN-Spam Act
D) None of the answers is correct
Question
Which of the following clauses is typically contained in an acceptable use policy?

A) A non-repudiation clause
B) A repudiation clause
C) A confidentiality clause
D) An employee use clause
Question
In the information technology world,which of the following are examples of ethical issues that a company may have to manage?

A) Employees copying and distributing company owned software
B) Employees searching other employee's private information without consent
C) Employees intentionally creating or spreading viruses to confuse IT
D) All of the answers are correct
Question
What is the primary difference between a worm and a virus?

A) A worm must attach to something to spread; whereas,a virus does not need to attach to anything to spread and can tunnel itself into the computer
B) A virus is copied and spread by a person; whereas,a worm takes a string of tag words and deletes websites
C) A virus must attach to something to spread; whereas a worm does not need to attach to anything to spread and can tunnel itself into the computer
D) All of the answers are correct
Question
Which of the below represents the biggest problem of information security breaches?

A) People misusing organisational information
B) Technology failures
C) Customers misusing organisational systems
D) Company departments missing sales goals
Question
Which of the following is not an example of unplanned downtime?

A) Power outages
B) Tornados
C) A system upgrade
D) Network failure
Question
Angela works for an identity protection company that maintains large amounts of sensitive customer information such as usernames,passwords and personal information numbers.Angela and a co-worker decide to use the sensitive information to open credit cards in a few of her customers' names.This is a classic example of which of the following security breaches?

A) A social engineer
B) An insider
C) A spammer
D) A dumpster diver
Question
What are the first two lines of defence a company should take when addressing security risks?

A) Technology first,customers second
B) Technology first,people second
C) Innovation first,technology second
D) People first,technology second
Question
Which of the following are all common forms of viruses?

A) Packet tampering,worms,cakes and Trojan viruses
B) Polymorphic,sniffer,splogs and Denial-of-service viruses
C) Backdoor program,worm and Trojan-horse viruses
D) All of the answers are correct
Question
Who/what are experts in technology who use their knowledge to break into computers and networks,for profit or just as a challenge known as?

A) Elevation of privilege
B) Virus
C) Hacker
D) Worm
Question
What is it called when a hacker looks through your rubbish to find personal information?

A) Striker bunny
B) Dumpster diving
C) Rubbish retrieval
D) Approved consent
Question
Which of the following issues need to be taken into account when considering using a cloud computing solution to store personal information?

A) Is your data protected even in foreign jurisdictions?
B) What kinds of security measures are provided?
C) For how long will the cloud service provider hold the data of your business,and what protocols have been established to back up or destroy your data?
D) All of the answers are correct
Question
Which of the following is a cost of downtime in addition to lost revenue?

A) Legal expenses
B) Loss in financial performance
C) Damage to reputation
D) All of the answers are correct
Question
Jensen is a senior developer for HackersRUs,a company that helps secure management information systems.Jensen's new task is to break into the computer system of one of HackersRUs' top clients to identify system vulnerabilities and plug the holes.What type of hacker is Jensen?

A) Cracker
B) White-hat hacker
C) Script bunnies
D) Black-hat hacker
Question
What are critical questions that managers should ask when determining the cost of downtime?

A) What is the productivity cost associated with each hour of downtime?
B) How many transactions can the company afford to lose without significantly harming business?
C) All of the answers are correct
D) None of the answers is correct
Question
Which of the below is not included as a common stipulation an organisation would follow when creating an employee monitoring policy?

A) Be as specific as possible stating when and what will be monitored
B) Do not state the consequences of violating the policy
C) Always enforce the policy the same for everyone
D) Expressly communicate that the company reserves the right to monitor all employees
Question
Which of the following is an example of a way to maintain information security that a company should include in its information security policy?

A) Requiring computer users to log off before leaving for lunch
B) Never sharing user or password information with anyone
C) Changing passwords every 60 days
D) All of the answers are correct
Question
What type of internet monitoring technique records information about a customer during a web surfing session such as what websites were visited and how long the visit was,what ads were viewed and what was purchased?

A) Key logger
B) Stealthware
C) Clickstream
D) Web log
Question
Which of the following refers to a period of time when a system is unavailable?

A) Downtime
B) MIS down
C) Direct data loss
D) Downtown
Question
eBay is an example of an online company that has been faced with numerous security issues.For example,imagine you purchase a digital camera on eBay.Three months later you might receive an email asking you to log in to the system to update your credit card or PayPal information.Of course,this email is not actually from eBay and,as soon as you log,in your information is set to be stolen.What type of information security breach would you consider this to be?

A) An insider
B) Dumpster diving
C) Social engineering
D) Phishing
Question
Which of the below should be included in a company email privacy policy?

A) Defines who legitimate email users are
B) Explains what happens if the user severs his or her connection with the organisation
C) Informs users that the organisation has no control over email once it is transmitted outside the organisation
D) All of the answers are correct
Question
Which of the following is the correct list of the six different types of hackers listed in your text?

A) Black-hat,cracker,cyberterrorist,hactivist,script kiddy and white-hat hacker
B) Black-top,cookie,script kid,environment,Web 3.0 and white-top hacker
C) Black-hat,script kiddy,script bat,spider crawler,Ad spiders and white-hat hacker
D) None of the answers is correct
Question
What sends massive amounts of email to a specific person or system that can cause that user's server to stop functioning?

A) Mail bomb
B) Spam
C) Intellectual spam
D) Junk mail
Question
Applications allowed to be placed on the corporate network (like IM software)and corporate computer equipment used for personal reason on personal networks are two areas that should be addressed by managers in which of the below company policy?

A) Information ethics policy
B) Information security policy
C) Information technology plan
D) All of the answers are correct
Question
Explain the ethical issues in the use of information technology.
Question
Through social ___________,hackers use their social skills to trick people into revealing access credentials or other valuable information.
Question
What is the difference between phishing and pharming?

A) Phishing is not illegal,pharming is illegal
B) Phishing is the right of the company,where pharming is the right of the individual
C) Phishing is a technique to gain personal information for the purpose of identity theft,and pharming reroutes requests for legitimate websites to false websites
D) All of the answers are correct
Question
Describe the relationship between information security policies and an information security plan.
Question
____________ concerns the interest of a person to protect their life from unwanted intrusion and public scrutiny.
Question
Which of the following systems is designed with full-time monitoring tools that search for patterns in network traffic to identify intruders and to protect against suspicious network traffic that attempts to access files and data?

A) Interconnected data software (IDS)
B) Intrusion-detection software (IDS)
C) Security Information system (SIS)
D) Internet detection scanner (IDS)
Question
___________ attack computer systems by transmitting a virus hoax,with a real virus attached.
Question
What is the most secure type of authentication?

A) Something the user knows such as a user ID and password
B) Something the user has such as a smart card or token
C) Something that is part of the user such as a fingerprint or voice signature
D) Combination of all of the answers is correct
Question
Which of the following represents the three areas where technology can aid in the defence against information security attacks?

A) Authentication and authorisation,prevention and resistance,prevention and response
B) Authentication and authorisation,prevention and response,detection and response
C) Analysing and authenticating,prevention and repositioning,detection and response
D) Authentication and authorisation,prevention and resistance,detection and response
Question
_________ occur when business data flows across international boundaries over the telecommunications networks of global information systems.
Question
What is forging of someone's identity for the purpose of fraud?

A) Identity crisis
B) Identity theft
C) e-Discovery
D) All of the answers are correct
Question
Provide an example of each of the three primary information security areas: (1)authentication and authorisation; (2)prevention and resistance; and (3)detection and response.
Question
Companies vary in how they expect employees to use computers; however,the overriding principle that needs to be included with these policies should include informed _________.
Question
The best and most effective way to manage authentication is through __________.

A) Smart technology card
B) Tokens
C) Biometrics
D) Passwords
Question
A digital _____________ is a data file that identifies individuals or organisations online and is comparable to a digital signature.
Question
Janet is a financial aid counsellor at a local community TAFE,and she shares an office with her three co-workers.Janet feels safe in her office environment and frequently leaves her username and password on a sticky note next to her computer.Without realising it,Janet is creating the potential for which type of information security breach to occur?

A) Insiders to hack into the TAFE system
B) Dumpster diving to find usernames and passwords
C) Viruses and worms to spread through the college system
D) All of the answers are correct
Question
Intellectual property is ________________ creative work that is embodied in physical form and includes copyrights,trademarks and patents.
Question
Which of the following is not considered a form of biometrics?

A) Iris scan
B) Password
C) Fingerprint
D) Handwriting
Question
Crackers,cyberterrorists,hactivists and script bunnies are all types of _________.
Unlock Deck
Sign up to unlock the cards in this deck!
Unlock Deck
Unlock Deck
1/80
auto play flashcards
Play
simple tutorial
Full screen (f)
exit full mode
Deck 11: Ethics, Privacy-Information Security
1
The technique to gain personal information for the purpose of identity theft,often through fraudulent emails that look as though they came from legitimate businesses,is called phishing.
True
2
Information security policies detail how an organisation is going to implement the information security plan.
False
3
Downtime refers to a period of time when a system is unavailable and unplanned downtime can strike at any time for various reasons.
True
4
e-Policies are policies and procedures that address information management along with the ethical use of computers and the internet in the business environment.
Unlock Deck
Unlock for access to all 80 flashcards in this deck.
Unlock Deck
k this deck
5
An acceptable use policy (AUP)requires a user to agree to follow the policy to be provided access to corporate email,information systems and the internet.
Unlock Deck
Unlock for access to all 80 flashcards in this deck.
Unlock Deck
k this deck
6
Insiders are illegitimate users who purposely or accidentally misuse their access to the environment to do business.
Unlock Deck
Unlock for access to all 80 flashcards in this deck.
Unlock Deck
k this deck
7
Companies do not need a privacy policy for email because an employee's work email is private and cannot be viewed by the company.
Unlock Deck
Unlock for access to all 80 flashcards in this deck.
Unlock Deck
k this deck
8
The Trojan-horse virus hides inside other software,usually as an attachment or a downloadable file.
Unlock Deck
Unlock for access to all 80 flashcards in this deck.
Unlock Deck
k this deck
9
Through social engineering,hackers use their social skills to trick people into revealing access credentials or other valuable information.
Unlock Deck
Unlock for access to all 80 flashcards in this deck.
Unlock Deck
k this deck
10
Ethics,privacy and security are fundamental building blocks for all organisations.
Unlock Deck
Unlock for access to all 80 flashcards in this deck.
Unlock Deck
k this deck
11
Information governance is a method or system of government for information management or control.
Unlock Deck
Unlock for access to all 80 flashcards in this deck.
Unlock Deck
k this deck
12
Two of the common forms of viruses discussed in the book include the Trojan-horse virus and the acceptance-of-service attack.
Unlock Deck
Unlock for access to all 80 flashcards in this deck.
Unlock Deck
k this deck
13
A social media policy outlines the corporate guidelines or principles governing employee online communications.
Unlock Deck
Unlock for access to all 80 flashcards in this deck.
Unlock Deck
k this deck
14
The three primary information security areas are: (1)authentication and authorisation; (2)policies and rewards; and (3)detection and response.
Unlock Deck
Unlock for access to all 80 flashcards in this deck.
Unlock Deck
k this deck
15
Confidentiality is the right to be left alone when you want to be,to have control over your own personal possessions,and not to be observed without your consent.
Unlock Deck
Unlock for access to all 80 flashcards in this deck.
Unlock Deck
k this deck
16
Spyware is software which,while purporting to serve some useful function and often fulfilling that function,also allows internet advertisers to display advertisements without the consent of the computer user.
Unlock Deck
Unlock for access to all 80 flashcards in this deck.
Unlock Deck
k this deck
17
An ethical computer use policy contains general principles to guide computer user behaviour.
Unlock Deck
Unlock for access to all 80 flashcards in this deck.
Unlock Deck
k this deck
18
A hacker weapon called a splog (spam blog)is a fake blog created solely to raise the search engine rank of affiliated websites.
Unlock Deck
Unlock for access to all 80 flashcards in this deck.
Unlock Deck
k this deck
19
Legitimate users who purposely or accidentally misuse their access to the environment and cause some kind of business-affecting incident are called insiders.
Unlock Deck
Unlock for access to all 80 flashcards in this deck.
Unlock Deck
k this deck
20
Privacy is the legal protection afforded an expression of an idea,such as a song,book or video game.
Unlock Deck
Unlock for access to all 80 flashcards in this deck.
Unlock Deck
k this deck
21
Which of the below is not one of the eight e-policies that a company should implement for information protection as discussed in the text?

A) Information privacy policy
B) Workplace monitoring policy
C) Acceptable use policy
D) Downtime monitoring policy
Unlock Deck
Unlock for access to all 80 flashcards in this deck.
Unlock Deck
k this deck
22
Which company policy did Visa create the program 'Inovant' to handle?

A) Information governance
B) Information privacy policy
C) Ethical computer use policy
D) Acceptable use policy
Unlock Deck
Unlock for access to all 80 flashcards in this deck.
Unlock Deck
k this deck
23
A firewall scrambles information into an alternative form that requires a key or password to decrypt.
Unlock Deck
Unlock for access to all 80 flashcards in this deck.
Unlock Deck
k this deck
24
Sophie Black works as a computer programmer for a software company.Her boss,Mike Jones,is responsible for developing a new software game for the Wii.After completion of the project,Mike gives all of the team members a free copy of the game without consent from the company.Sophie is a little hesitant and unsure about accepting the game because legally it would be considered ________.

A) Counterfeit software
B) Pirated software
C) Ethical software
D) Governance software
Unlock Deck
Unlock for access to all 80 flashcards in this deck.
Unlock Deck
k this deck
25
According to the ethical computer use policy,users should be ______________ of the rules and,by agreeing to use the system on that basis,_______________ to abide by the rules.

A) Informed,collaborate
B) Consent,informed
C) Informed,consent
D) Consent,information
Unlock Deck
Unlock for access to all 80 flashcards in this deck.
Unlock Deck
k this deck
26
Which of the below would not be found in a typical acceptable use policy?

A) Not using the service as part of violating any law
B) Not posting commercial messages to groups where the employee has received user consent
C) Not performing any non-repudiation
D) Not attempting to break the security of any computer network
Unlock Deck
Unlock for access to all 80 flashcards in this deck.
Unlock Deck
k this deck
27
What is the legal protection afforded an expression of an idea,such as a song,book or video game?

A) Privacy
B) Confidentiality
C) Intellectual property
D) Copyright
Unlock Deck
Unlock for access to all 80 flashcards in this deck.
Unlock Deck
k this deck
28
Determining what is ethical can sometimes be difficult because certain actions can be justified or condemned depending on how you view the relationship between ___ and _______.

A) Legal and confidential
B) Legal and ethical
C) Legal and technical
D) Confidential and open
Unlock Deck
Unlock for access to all 80 flashcards in this deck.
Unlock Deck
k this deck
29
What is the method or system of government for information management or control?

A) Information management
B) Information compliance
C) Information governance
D) Information ethics
Unlock Deck
Unlock for access to all 80 flashcards in this deck.
Unlock Deck
k this deck
30
As the president of a local trade company,Kristin is faced with leadership,ethical and operational decisions on a daily basis.Kristen's responsibilities include examining the organisational resource of information and regulating its definitions,uses,value and distribution ensuring it has the types of data/information required to function and grow effectively.What is Kristin overseeing for the company?

A) Information codes
B) Information management
C) Information deployment
D) Information security
Unlock Deck
Unlock for access to all 80 flashcards in this deck.
Unlock Deck
k this deck
31
Jackie is the head teller at ABC Bank and her responsibilities include overseeing and managing the tellers,resolving customer issues,and developing and implementing systems for an optimal and efficient team.She notices a steady increase in customer complaints and tracks back to find that the complaints started right around the time ABC Bank provided internet access to all employees.Jackie watched the tellers closely and found that they were spending significant amounts of time playing internet games and posting on Facebook.Which policy should the company implement to help eliminate this problem?

A) An information privacy policy
B) An email privacy policy
C) An internet use policy
D) A workplace monitoring policy
Unlock Deck
Unlock for access to all 80 flashcards in this deck.
Unlock Deck
k this deck
32
Personal information is information that identifies,or could be used to identify,an individual.
Unlock Deck
Unlock for access to all 80 flashcards in this deck.
Unlock Deck
k this deck
33
Information privacy concerns the legal right or general expectation of individuals,groups or institutions to determine for themselves when and to what extent information about them is communicated to others.
Unlock Deck
Unlock for access to all 80 flashcards in this deck.
Unlock Deck
k this deck
34
Biometrics is the identification of a user based on a physical characteristic,such as a fingerprint,iris,face,voice or handwriting.
Unlock Deck
Unlock for access to all 80 flashcards in this deck.
Unlock Deck
k this deck
35
Which of the following statement is correct?

A) Personal information on the internet can have unexpected spectators.
B) Personal information is information that identifies,or could be used to identify,an individual.
C) The obligation of an organisation to balance the commercial use of personal information with ensuring such use is ethical is one affecting many businesses today.
D) All of the answers are correct
Unlock Deck
Unlock for access to all 80 flashcards in this deck.
Unlock Deck
k this deck
36
Which policy contains general principles regarding information privacy?

A) Information privacy policy
B) Acceptable use policy
C) Internet use policy
D) Anti-spam policy
Unlock Deck
Unlock for access to all 80 flashcards in this deck.
Unlock Deck
k this deck
37
Which of the following contains general principles to guide computer user behaviour?

A) Information technology code
B) Techie policy
C) Ethical computer use policy
D) Information systems
Unlock Deck
Unlock for access to all 80 flashcards in this deck.
Unlock Deck
k this deck
38
Which Act protects investors by improving the accuracy and reliability of corporate disclosures?

A) Sarbanes-Oxley Act
B) Identity Theft and Assumption Deterrence Act
C) CAN-Spam Act
D) None of the answers is correct
Unlock Deck
Unlock for access to all 80 flashcards in this deck.
Unlock Deck
k this deck
39
Which of the following clauses is typically contained in an acceptable use policy?

A) A non-repudiation clause
B) A repudiation clause
C) A confidentiality clause
D) An employee use clause
Unlock Deck
Unlock for access to all 80 flashcards in this deck.
Unlock Deck
k this deck
40
In the information technology world,which of the following are examples of ethical issues that a company may have to manage?

A) Employees copying and distributing company owned software
B) Employees searching other employee's private information without consent
C) Employees intentionally creating or spreading viruses to confuse IT
D) All of the answers are correct
Unlock Deck
Unlock for access to all 80 flashcards in this deck.
Unlock Deck
k this deck
41
What is the primary difference between a worm and a virus?

A) A worm must attach to something to spread; whereas,a virus does not need to attach to anything to spread and can tunnel itself into the computer
B) A virus is copied and spread by a person; whereas,a worm takes a string of tag words and deletes websites
C) A virus must attach to something to spread; whereas a worm does not need to attach to anything to spread and can tunnel itself into the computer
D) All of the answers are correct
Unlock Deck
Unlock for access to all 80 flashcards in this deck.
Unlock Deck
k this deck
42
Which of the below represents the biggest problem of information security breaches?

A) People misusing organisational information
B) Technology failures
C) Customers misusing organisational systems
D) Company departments missing sales goals
Unlock Deck
Unlock for access to all 80 flashcards in this deck.
Unlock Deck
k this deck
43
Which of the following is not an example of unplanned downtime?

A) Power outages
B) Tornados
C) A system upgrade
D) Network failure
Unlock Deck
Unlock for access to all 80 flashcards in this deck.
Unlock Deck
k this deck
44
Angela works for an identity protection company that maintains large amounts of sensitive customer information such as usernames,passwords and personal information numbers.Angela and a co-worker decide to use the sensitive information to open credit cards in a few of her customers' names.This is a classic example of which of the following security breaches?

A) A social engineer
B) An insider
C) A spammer
D) A dumpster diver
Unlock Deck
Unlock for access to all 80 flashcards in this deck.
Unlock Deck
k this deck
45
What are the first two lines of defence a company should take when addressing security risks?

A) Technology first,customers second
B) Technology first,people second
C) Innovation first,technology second
D) People first,technology second
Unlock Deck
Unlock for access to all 80 flashcards in this deck.
Unlock Deck
k this deck
46
Which of the following are all common forms of viruses?

A) Packet tampering,worms,cakes and Trojan viruses
B) Polymorphic,sniffer,splogs and Denial-of-service viruses
C) Backdoor program,worm and Trojan-horse viruses
D) All of the answers are correct
Unlock Deck
Unlock for access to all 80 flashcards in this deck.
Unlock Deck
k this deck
47
Who/what are experts in technology who use their knowledge to break into computers and networks,for profit or just as a challenge known as?

A) Elevation of privilege
B) Virus
C) Hacker
D) Worm
Unlock Deck
Unlock for access to all 80 flashcards in this deck.
Unlock Deck
k this deck
48
What is it called when a hacker looks through your rubbish to find personal information?

A) Striker bunny
B) Dumpster diving
C) Rubbish retrieval
D) Approved consent
Unlock Deck
Unlock for access to all 80 flashcards in this deck.
Unlock Deck
k this deck
49
Which of the following issues need to be taken into account when considering using a cloud computing solution to store personal information?

A) Is your data protected even in foreign jurisdictions?
B) What kinds of security measures are provided?
C) For how long will the cloud service provider hold the data of your business,and what protocols have been established to back up or destroy your data?
D) All of the answers are correct
Unlock Deck
Unlock for access to all 80 flashcards in this deck.
Unlock Deck
k this deck
50
Which of the following is a cost of downtime in addition to lost revenue?

A) Legal expenses
B) Loss in financial performance
C) Damage to reputation
D) All of the answers are correct
Unlock Deck
Unlock for access to all 80 flashcards in this deck.
Unlock Deck
k this deck
51
Jensen is a senior developer for HackersRUs,a company that helps secure management information systems.Jensen's new task is to break into the computer system of one of HackersRUs' top clients to identify system vulnerabilities and plug the holes.What type of hacker is Jensen?

A) Cracker
B) White-hat hacker
C) Script bunnies
D) Black-hat hacker
Unlock Deck
Unlock for access to all 80 flashcards in this deck.
Unlock Deck
k this deck
52
What are critical questions that managers should ask when determining the cost of downtime?

A) What is the productivity cost associated with each hour of downtime?
B) How many transactions can the company afford to lose without significantly harming business?
C) All of the answers are correct
D) None of the answers is correct
Unlock Deck
Unlock for access to all 80 flashcards in this deck.
Unlock Deck
k this deck
53
Which of the below is not included as a common stipulation an organisation would follow when creating an employee monitoring policy?

A) Be as specific as possible stating when and what will be monitored
B) Do not state the consequences of violating the policy
C) Always enforce the policy the same for everyone
D) Expressly communicate that the company reserves the right to monitor all employees
Unlock Deck
Unlock for access to all 80 flashcards in this deck.
Unlock Deck
k this deck
54
Which of the following is an example of a way to maintain information security that a company should include in its information security policy?

A) Requiring computer users to log off before leaving for lunch
B) Never sharing user or password information with anyone
C) Changing passwords every 60 days
D) All of the answers are correct
Unlock Deck
Unlock for access to all 80 flashcards in this deck.
Unlock Deck
k this deck
55
What type of internet monitoring technique records information about a customer during a web surfing session such as what websites were visited and how long the visit was,what ads were viewed and what was purchased?

A) Key logger
B) Stealthware
C) Clickstream
D) Web log
Unlock Deck
Unlock for access to all 80 flashcards in this deck.
Unlock Deck
k this deck
56
Which of the following refers to a period of time when a system is unavailable?

A) Downtime
B) MIS down
C) Direct data loss
D) Downtown
Unlock Deck
Unlock for access to all 80 flashcards in this deck.
Unlock Deck
k this deck
57
eBay is an example of an online company that has been faced with numerous security issues.For example,imagine you purchase a digital camera on eBay.Three months later you might receive an email asking you to log in to the system to update your credit card or PayPal information.Of course,this email is not actually from eBay and,as soon as you log,in your information is set to be stolen.What type of information security breach would you consider this to be?

A) An insider
B) Dumpster diving
C) Social engineering
D) Phishing
Unlock Deck
Unlock for access to all 80 flashcards in this deck.
Unlock Deck
k this deck
58
Which of the below should be included in a company email privacy policy?

A) Defines who legitimate email users are
B) Explains what happens if the user severs his or her connection with the organisation
C) Informs users that the organisation has no control over email once it is transmitted outside the organisation
D) All of the answers are correct
Unlock Deck
Unlock for access to all 80 flashcards in this deck.
Unlock Deck
k this deck
59
Which of the following is the correct list of the six different types of hackers listed in your text?

A) Black-hat,cracker,cyberterrorist,hactivist,script kiddy and white-hat hacker
B) Black-top,cookie,script kid,environment,Web 3.0 and white-top hacker
C) Black-hat,script kiddy,script bat,spider crawler,Ad spiders and white-hat hacker
D) None of the answers is correct
Unlock Deck
Unlock for access to all 80 flashcards in this deck.
Unlock Deck
k this deck
60
What sends massive amounts of email to a specific person or system that can cause that user's server to stop functioning?

A) Mail bomb
B) Spam
C) Intellectual spam
D) Junk mail
Unlock Deck
Unlock for access to all 80 flashcards in this deck.
Unlock Deck
k this deck
61
Applications allowed to be placed on the corporate network (like IM software)and corporate computer equipment used for personal reason on personal networks are two areas that should be addressed by managers in which of the below company policy?

A) Information ethics policy
B) Information security policy
C) Information technology plan
D) All of the answers are correct
Unlock Deck
Unlock for access to all 80 flashcards in this deck.
Unlock Deck
k this deck
62
Explain the ethical issues in the use of information technology.
Unlock Deck
Unlock for access to all 80 flashcards in this deck.
Unlock Deck
k this deck
63
Through social ___________,hackers use their social skills to trick people into revealing access credentials or other valuable information.
Unlock Deck
Unlock for access to all 80 flashcards in this deck.
Unlock Deck
k this deck
64
What is the difference between phishing and pharming?

A) Phishing is not illegal,pharming is illegal
B) Phishing is the right of the company,where pharming is the right of the individual
C) Phishing is a technique to gain personal information for the purpose of identity theft,and pharming reroutes requests for legitimate websites to false websites
D) All of the answers are correct
Unlock Deck
Unlock for access to all 80 flashcards in this deck.
Unlock Deck
k this deck
65
Describe the relationship between information security policies and an information security plan.
Unlock Deck
Unlock for access to all 80 flashcards in this deck.
Unlock Deck
k this deck
66
____________ concerns the interest of a person to protect their life from unwanted intrusion and public scrutiny.
Unlock Deck
Unlock for access to all 80 flashcards in this deck.
Unlock Deck
k this deck
67
Which of the following systems is designed with full-time monitoring tools that search for patterns in network traffic to identify intruders and to protect against suspicious network traffic that attempts to access files and data?

A) Interconnected data software (IDS)
B) Intrusion-detection software (IDS)
C) Security Information system (SIS)
D) Internet detection scanner (IDS)
Unlock Deck
Unlock for access to all 80 flashcards in this deck.
Unlock Deck
k this deck
68
___________ attack computer systems by transmitting a virus hoax,with a real virus attached.
Unlock Deck
Unlock for access to all 80 flashcards in this deck.
Unlock Deck
k this deck
69
What is the most secure type of authentication?

A) Something the user knows such as a user ID and password
B) Something the user has such as a smart card or token
C) Something that is part of the user such as a fingerprint or voice signature
D) Combination of all of the answers is correct
Unlock Deck
Unlock for access to all 80 flashcards in this deck.
Unlock Deck
k this deck
70
Which of the following represents the three areas where technology can aid in the defence against information security attacks?

A) Authentication and authorisation,prevention and resistance,prevention and response
B) Authentication and authorisation,prevention and response,detection and response
C) Analysing and authenticating,prevention and repositioning,detection and response
D) Authentication and authorisation,prevention and resistance,detection and response
Unlock Deck
Unlock for access to all 80 flashcards in this deck.
Unlock Deck
k this deck
71
_________ occur when business data flows across international boundaries over the telecommunications networks of global information systems.
Unlock Deck
Unlock for access to all 80 flashcards in this deck.
Unlock Deck
k this deck
72
What is forging of someone's identity for the purpose of fraud?

A) Identity crisis
B) Identity theft
C) e-Discovery
D) All of the answers are correct
Unlock Deck
Unlock for access to all 80 flashcards in this deck.
Unlock Deck
k this deck
73
Provide an example of each of the three primary information security areas: (1)authentication and authorisation; (2)prevention and resistance; and (3)detection and response.
Unlock Deck
Unlock for access to all 80 flashcards in this deck.
Unlock Deck
k this deck
74
Companies vary in how they expect employees to use computers; however,the overriding principle that needs to be included with these policies should include informed _________.
Unlock Deck
Unlock for access to all 80 flashcards in this deck.
Unlock Deck
k this deck
75
The best and most effective way to manage authentication is through __________.

A) Smart technology card
B) Tokens
C) Biometrics
D) Passwords
Unlock Deck
Unlock for access to all 80 flashcards in this deck.
Unlock Deck
k this deck
76
A digital _____________ is a data file that identifies individuals or organisations online and is comparable to a digital signature.
Unlock Deck
Unlock for access to all 80 flashcards in this deck.
Unlock Deck
k this deck
77
Janet is a financial aid counsellor at a local community TAFE,and she shares an office with her three co-workers.Janet feels safe in her office environment and frequently leaves her username and password on a sticky note next to her computer.Without realising it,Janet is creating the potential for which type of information security breach to occur?

A) Insiders to hack into the TAFE system
B) Dumpster diving to find usernames and passwords
C) Viruses and worms to spread through the college system
D) All of the answers are correct
Unlock Deck
Unlock for access to all 80 flashcards in this deck.
Unlock Deck
k this deck
78
Intellectual property is ________________ creative work that is embodied in physical form and includes copyrights,trademarks and patents.
Unlock Deck
Unlock for access to all 80 flashcards in this deck.
Unlock Deck
k this deck
79
Which of the following is not considered a form of biometrics?

A) Iris scan
B) Password
C) Fingerprint
D) Handwriting
Unlock Deck
Unlock for access to all 80 flashcards in this deck.
Unlock Deck
k this deck
80
Crackers,cyberterrorists,hactivists and script bunnies are all types of _________.
Unlock Deck
Unlock for access to all 80 flashcards in this deck.
Unlock Deck
k this deck
locked card icon
Unlock Deck
Unlock for access to all 80 flashcards in this deck.
Examlex
Examlex
Work With Us
Policies
Download the App
Scan to downloadDownload the App
qr-code
Links
Links
Work With Us
Download the App

Scan to downloadDownload the App
qr-code

Copyright © 2025 Examlex LLC.
  • facebook-footer
  • instagram-footer
  • x-footer
  • tiktok
  • Linktree