Deck 25: B: Extension: A Information Security

Question
The three primary information security areas are (1) authentication and authorization, (2) policies and rewards, and (3) detection and response.
Question
Through social engineering, hackers use their social skills to trick people into revealing access credentials or other valuable information.
Question
Pretexting is a form of social engineering in which one individual lies to obtain confidential data about another individual.
Question
The technique to gain personal information for the purpose of identity theft, often through fraudulent emails that look as though they came from legitimate businesses, is called phishing.
Question
Ransomware is a form of social engineering in which one individual lies to obtain confidential data about another individual.
Question
A phishing expedition is a masquerading attack that combines spam with spoofing. The perpetrator sends millions of spam emails that appear to be from a respectable company. The emails contain a link to a website that is designed to look exactly like the company's website. The victim is encouraged to enter his or her username, password, and sometimes credit card information.
Question
Information security policies detail how an organization will implement the information security plan.
Question
One of the most ineffective ways to set up authentication techniques is by setting up user IDs and passwords.
Question
Identity theft is the forging of someone's identity for the purpose of fraud.
Question
Legitimate users who purposely or accidentally misuse their access to the environment and cause some kind of business-affecting incident are called insiders.
Question
Tokens are small electronic devices that change user passwords automatically.
Question
Insiders are illegitimate users who purposely or accidentally misuse their access to the environment to do business.
Question
Organizations address security risks through two lines of defense. The first is people and the second is technology.
Question
Spear phishing is a phishing expedition in which the emails are carefully designed to target a particular person or organization.
Question
Dumpster diving, another security breach for companies, occurs when people not associated with the company jump into the company's outside garbage bins and try to gather and steal any valuable company products they can resell on eBay.
Question
Identity theft is the category of computer security that addresses the protection of data from unauthorized disclosure and confirmation of data source authenticity.
Question
Through pretexting, hackers use their social skills to trick people into revealing access credentials or other valuable information.
Question
A firewall scrambles information into an alternative form that requires a key or password to decrypt.
Question
Biometrics is the identification of a user based on a physical characteristic, such as a fingerprint, iris, face, voice, or handwriting.
Question
A process of providing a user with permission including access levels and abilities such as file access, hours of access, and amount of allocated storage space is called authentication.
Question
Cryptography is the science that studies encryption, which is the hiding of messages so that only the sender and receiver can read them.
Question
Spear phishing is a phone scam that attempts to defraud people by asking them to call a bogus telephone number to "confirm" their account information.
Question
Worms are computer viruses that wait for a specific date before executing their instructions.
Question
What are the first two lines of defense a company should take when addressing security risks?

A)Technology first, customers second.
B)Technology first, people second.
C)Innovation first, technology second.
D)People first, technology second.
Question
The goal of multifactor authentication is to make it difficult for an unauthorized person to gain access to a system because, if one security level is broken, the attacker will still have to break through additional levels.
Question
A certificate authority is a data file that identifies individuals or organizations online and is comparable to a digital signature.
Question
Multifactor authentication is the traditional security process, which requires a user name and password.
Question
Single-factor authentication requires more than two means of authentication such as what the user knows (password), what the user has (security token), and what the user is (biometric verification).
Question
A zombie farm is a group of computers on which a hacker has planted zombie programs.
Question
A voiceprint is a data file that identifies individuals or organizations online and is comparable to a digital signature.
Question
Two-factor authentication requires the user to provide two means of authentication, what the user knows (password) and what the user has (security token).
Question
A voiceprint is a set of measurable characteristics of a human voice that uniquely identifies an individual. These characteristics, which are based on the physical configuration of a speaker's mouth and throat, can be expressed as a mathematical formula. Unfortunately, biometric authentication such as voiceprints can be costly and intrusive.
Question
A certificate authority is a trusted third party, such as VeriSign, that validates user identities by means of digital certificates.
Question
A zombie is a program that secretly takes over another computer for the purpose of launching attacks on other computers.
Question
A pharming attack uses a zombie farm, often by an organized crime association, to launch a massive phishing attack.
Question
Single-factor authentication is the traditional security process, which requires a user name and password.
Question
Single-factor authentication requires the user to provide two means of authentication, what the user knows (password) and what the user has (security token).
Question
Multifactor authentication requires more than two means of authentication such as what the user knows (password), what the user has (security token), and what the user is (biometric verification).
Question
Phishing reroutes requests for legitimate websites to false websites.
Question
To decrypt information is to decode it and is the opposite of encrypt.
Question
What is dumpster diving?

A)A form of social engineering in which one individual lies to obtain confidential data about another individual.
B)A hacker looking through your trash to find personal information.
C)Legitimate users purposely or accidentally misusing their access to the environment and causing some kind of business-affecting incident.
D)Malicious agents designed by spammers and other Internet attackers to farm email addresses off websites or deposit spyware on machines.
Question
Which of the following represents the three areas where technology can aid in the defense against information security attacks?

A)Authentication and authorization, prevention and resistance, prevention and response
B)Authentication and authorization, prevention and response, detection and response
C)Analyzing and authenticating, prevention and repositioning, detection and response
D)Authentication and authorization, prevention and resistance, detection and response
Question
Imagine you accidentally mistype the URL for your bank and you are redirected to a fake website that collects your information. What type of identity theft were you just a victim of?

A)Pharming
B)Worm holes
C)Phishing
D)Insider hacking
Question
What is the difference between phishing and pharming?

A)Phishing is not illegal, pharming is illegal.
B)Phishing is the right of the company, where pharming is the right of the individual.
C)Phishing is a technique to gain personal information for the purpose of identity theft, and pharming reroutes requests for legitimate websites to false websites.
D)All of these.
Question
What is forging of someone's identity for the purpose of fraud?

A)Identity crisis
B)Identity theft
C)Ediscovery
D)All of these
Question
Janet is a financial aid counselor at a local community college and she shares an office with her three coworkers. Janet feels safe in her office environment and frequently leaves her username and password on a sticky note next to her computer. Without realizing it, Janet is creating the potential for which type of information security breach to occur?

A)Insiders to hack into the college system.
B)Dumpster diving to find usernames and passwords.
C)Viruses and worms to spread through the college system.
D)All of these.
Question
Which of the following represents the biggest problem of information security breaches?

A)People misusing organizational information.
B)Technology failures.
C)Customers misusing organizational systems.
D)Company departments missing sales goals.
Question
eBay is an example of an online company that has been faced with numerous security issues. For example, imagine you purchase a digital camera on eBay. Three months later you might receive an email asking you to log in to the system to update your credit card or PayPal information. Of course, this email is not actually from eBay and as soon as you log in your information will be stolen. What type of information security breach would you consider this to be?

A)An Insider
B)Dumpster diving
C)Social engineering
D)Phishing
Question
What is the process that provides a user with permission including access levels and abilities such as file access, hours of access, and amount of allocated storage space?

A)Pharming
B)Authentication
C)Authorization
D)Programming
Question
What is it called when a hacker looks through your trash to find personal information?

A)Striker bunny
B)Dumpster diving
C)Trash retrieval
D)Approved consent
Question
What is an insider?

A)A form of social engineering in which one individual lies to obtain confidential data about another individual.
B)A hacker looking through your trash to find personal information.
C)Legitimate users who purposely or accidentally misuse their access to the environment and cause some kind of business-affecting incident.
D)Malicious agents designed by spammers and other Internet attackers to farm email addresses off websites or deposit spyware on machines.
Question
What is pretexting?

A)A form of social engineering in which one individual lies to obtain confidential data about another individual.
B)A hacker looks through your trash to find personal information.
C)Legitimate users who purposely or accidentally misuse their access to the environment and cause some kind of business-affecting incident.
D)Malicious agents designed by spammers and other Internet attackers to farm email addresses off websites or deposit spyware on machines.
Question
Applications allowed to be placed on the corporate network, like IM software, and corporate computer equipment used for personal reasons on personal networks are two areas that should be addressed by managers in which of the following company policies?

A)Information ethics policy
B)Information security policies
C)Information technology plan
D)All of these
Question
Using one's social skills to trick people into revealing access credentials or other valuable information is called ______________.

A)Social engineering
B)Social media
C)Social viruses
D)Social processes
Question
What area of information security focuses on preventing identity theft, phishing, and pharming scams?

A)Prevention and resistance
B)Detection and authorizing
C)Detection and response
D)Authentication and authorization
Question
What is a form of social engineering in which one individual lies to obtain confidential data about another individual?

A)Dumpster texting
B)Dumpster diving
C)Trash retrieval
D)Pretexting
Question
What is a destructive agent?

A)A form of social engineering in which one individual lies to obtain confidential data about another individual.
B)Hackers looking through your trash to find personal information.
C)Legitimate users who purposely or accidentally misuse their access to the environment and cause some kind of business-affecting incident.
D)Malicious agents designed by spammers and other Internet attackers to farm email addresses off websites or deposit spyware on machines.
Question
Which of the following is an example of a way to maintain information security that a company should include in its information security policies?

A)Requiring computer users to log off before leaving for lunch
B)Never sharing user or password information with anyone
C)Changing passwords every 30 to 60 days
D)All of these
Question
Working at a ski resort in the mountains has its own unique security issues. Kenny is the chief information officer for Sundance Ski Resort, and he is faced with both physical and information security threats every month. Since the resort implemented a new software system, they have been having a larger number of threats and breaches of company information. He suspects that this may be caused by an internal employee. He needs to clarify and establish what type of plan to help reduce further problems?

A)An information security plan
B)An ethical information policy
C)An anti-virus plan
D)None of these
Question
Angela works for an identity protection company that maintains large amounts of sensitive customer information such as usernames, passwords, personal information, and social security numbers. Angela and a coworker decide to use the sensitive information to open credit cards in a few of her customers' names. This is a classic example of which of the following security breaches?

A)A social engineer
B)An insider
C)A spammer
D)A dumpster diver
Question
What is a method for confirming users' identities?

A)Phishing
B)Authentication
C)Authorization
D)Programming
Question
What is a data file that identifies individuals or organizations online and is comparable to a digital signature?

A)Digital code
B)Digital sign
C)Digital certificate
D)Digital card
Question
What is the identification of a user based on a physical characteristic, such as a fingerprint, iris, face, voice, or handwriting?

A)Smart card
B)Token
C)Biometrics
D)Content filtering
Question
What type of encryption technology uses multiple keys, one for public and one for private?

A)Private key encryption
B)Policy key encryption
C)Public key encryption
D)Protective key code
Question
What is the most secure type of authentication?

A)Something the user knows such as a user ID and password
B)Something the user has such as a smart card or token
C)Something that is part of the user such as a fingerprint or voice signature
D)Combination of all of these
Question
A smart card is a device, the size of a credit card, that contains embedded technology that stores information and small amounts of software, and can act as __________________.

A)Identification instruments
B)A form of digital cash
C)A data storage device
D)All of these
Question
Which of the following systems is designed with full-time monitoring tools that search for patterns in network traffic to identify intruders and to protect against suspicious network traffic which attempts to access files and data?

A)Interconnected data software (IDS)
B)Intrusion detection software (IDS)
C)Security Information system (SIS)
D)Internet detection scanner (IDS)
Question
Which of the following protection techniques scans and searches hard drives to prevent, detect, and remove known viruses, adware, and spyware?

A)Firewall
B)Digital certificate
C)Virus software
D)Antivirus software
Question
What must you do with antivirus software to make it protect effectively?

A)Must never upgrade or change vendors.
B)Must download a portable button for it to activate.
C)Must frequently update it to protect against viruses.
D)All of these.
Question
Which of the following occurs when organizations use software that filters content, such as email, to prevent the accidental or malicious transmission of unauthorized information?

A)Antivirus software
B)Content filtering
C)Encryption
D)Firewalls
Question
Charles Mott works for a company called VeriSign that acts as a trusted third party to verify information. One of Charles's largest clients is CheckMd, which holds and authenticates customer reviews of doctors and dentists online. Having a third party validating the reviews is critical to CheckMd's success. What type of authentication technique is VeriSign providing for CheckMd?

A)Firewall
B)Certificate authority
C)Online certificate
D)Digital content certificate
Question
What prevention technique scrambles information into an alternative form that requires a key or password to decrypt?

A)Encryption
B)Content filtering
C)Firewalls
D)Antivirus software
Question
The best and most effective way to manage authentication is through ___________.

A)Smart technology card
B)Tokens
C)Biometrics
D)Passwords
Question
What is a device that is around the same size as a credit card, containing embedded technologies that can store information and small amounts of software to perform some limited processing?

A)Token
B)Password
C)Smart card
D)Biometrics
Question
What is hardware or software that guards a private network by analyzing incoming and outgoing information for the correct markings?

A)Firewall
B)Certificate authority
C)Online certificate
D)Digital certificate
Question
The most secure procedures combine which of the following authentication and authorization techniques?

A)Something the user knows, such as a user ID and password
B)Something the user has, such as a smart card or token
C)Something that is part of the user, such as a fingerprint or voice signature
D)All of these
Question
Which of the following is the main drawback of biometrics?

A)It is considered illegal.
B)It is viewed as an invasion of privacy.
C)It can be costly and intrusive.
D)It requires constant monitoring and upgrading.
Question
What can encryption technology perform?

A)Switch the order of characters.
B)Replace characters with other characters.
C)Insert or remove characters.
D)All of these.
Question
How do prevention and resistance technologies stop intruders from accessing and reading sensitive information?

A)Content filtering, encryption, and firewalls
B)Calculating, locking, and firewalls
C)Content prohibiting, and cookies
D)None of these
Question
Which of the following is not considered a form of biometrics?

A)Iris scan
B)Password
C)Fingerprint
D)Handwriting
1
The three primary information security areas are (1) authentication and authorization, (2) policies and rewards, and (3) detection and response.
False
2
Through social engineering, hackers use their social skills to trick people into revealing access credentials or other valuable information.
True
3
Pretexting is a form of social engineering in which one individual lies to obtain confidential data about another individual.
True
4
The technique to gain personal information for the purpose of identity theft, often through fraudulent emails that look as though they came from legitimate businesses, is called phishing.
Unlock for access to all 113 flashcards in this deck.
5
Ransomware is a form of social engineering in which one individual lies to obtain confidential data about another individual.
6
A phishing expedition is a masquerading attack that combines spam with spoofing. The perpetrator sends millions of spam emails that appear to be from a respectable company. The emails contain a link to a website that is designed to look exactly like the company's website. The victim is encouraged to enter his or her username, password, and sometimes credit card information.
7
Information security policies detail how an organization will implement the information security plan.
8
One of the most ineffective ways to set up authentication techniques is by setting up user IDs and passwords.
9
Identity theft is the forging of someone's identity for the purpose of fraud.
10
Legitimate users who purposely or accidentally misuse their access to the environment and cause some kind of business-affecting incident are called insiders.
11
Tokens are small electronic devices that change user passwords automatically.
12
Insiders are illegitimate users who purposely or accidentally misuse their access to the environment to do business.
13
Organizations address security risks through two lines of defense. The first is people and the second is technology.
14
Spear phishing is a phishing expedition in which the emails are carefully designed to target a particular person or organization.
15
Dumpster diving, another security breach for companies, occurs when people not associated with the company jump into the company's outside garbage bins and try to gather and steal any valuable company products they can resell on eBay.
16
Identity theft is the category of computer security that addresses the protection of data from unauthorized disclosure and confirmation of data source authenticity.
17
Through pretexting, hackers use their social skills to trick people into revealing access credentials or other valuable information.
18
A firewall scrambles information into an alternative form that requires a key or password to decrypt.
19
Biometrics is the identification of a user based on a physical characteristic, such as a fingerprint, iris, face, voice, or handwriting.
20
A process of providing a user with permission including access levels and abilities such as file access, hours of access, and amount of allocated storage space is called authentication.
21
Cryptography is the science that studies encryption, which is the hiding of messages so that only the sender and receiver can read them.
22
Spear phishing is a phone scam that attempts to defraud people by asking them to call a bogus telephone number to "confirm" their account information.
23
Worms are computer viruses that wait for a specific date before executing their instructions.
24
What are the first two lines of defense a company should take when addressing security risks?

A)Technology first, customers second.
B)Technology first, people second.
C)Innovation first, technology second.
D)People first, technology second.
25
The goal of multifactor authentication is to make it difficult for an unauthorized person to gain access to a system because, if one security level is broken, the attacker will still have to break through additional levels.
26
A certificate authority is a data file that identifies individuals or organizations online and is comparable to a digital signature.
27
Multifactor authentication is the traditional security process, which requires a user name and password.
28
Single-factor authentication requires more than two means of authentication such as what the user knows (password), what the user has (security token), and what the user is (biometric verification).
29
A zombie farm is a group of computers on which a hacker has planted zombie programs.
30
A voiceprint is a data file that identifies individuals or organizations online and is comparable to a digital signature.
31
Two-factor authentication requires the user to provide two means of authentication, what the user knows (password) and what the user has (security token).
32
A voiceprint is a set of measurable characteristics of a human voice that uniquely identifies an individual. These characteristics, which are based on the physical configuration of a speaker's mouth and throat, can be expressed as a mathematical formula. Unfortunately, biometric authentication such as voiceprints can be costly and intrusive.
33
A certificate authority is a trusted third party, such as VeriSign, that validates user identities by means of digital certificates.
34
A zombie is a program that secretly takes over another computer for the purpose of launching attacks on other computers.
35
A pharming attack uses a zombie farm, often by an organized crime association, to launch a massive phishing attack.
36
Single-factor authentication is the traditional security process, which requires a user name and password.
37
Single-factor authentication requires the user to provide two means of authentication, what the user knows (password) and what the user has (security token).
38
Multifactor authentication requires more than two means of authentication such as what the user knows (password), what the user has (security token), and what the user is (biometric verification).
39
Phishing reroutes requests for legitimate websites to false websites.
40
To decrypt information is to decode it and is the opposite of encrypt.
41
What is dumpster diving?

A)A form of social engineering in which one individual lies to obtain confidential data about another individual.
B)A hacker looking through your trash to find personal information.
C)Legitimate users purposely or accidentally misusing their access to the environment and causing some kind of business-affecting incident.
D)Malicious agents designed by spammers and other Internet attackers to farm email addresses off websites or deposit spyware on machines.
42
Which of the following represents the three areas where technology can aid in the defense against information security attacks?

A)Authentication and authorization, prevention and resistance, prevention and response
B)Authentication and authorization, prevention and response, detection and response
C)Analyzing and authenticating, prevention and repositioning, detection and response
D)Authentication and authorization, prevention and resistance, detection and response
43
Imagine you accidentally mistype the URL for your bank and you are redirected to a fake website that collects your information. What type of identity theft were you just a victim of?

A)Pharming
B)Worm holes
C)Phishing
D)Insider hacking
44
What is the difference between phishing and pharming?

A)Phishing is not illegal, pharming is illegal.
B)Phishing is the right of the company, where pharming is the right of the individual.
C)Phishing is a technique to gain personal information for the purpose of identity theft, and pharming reroutes requests for legitimate websites to false websites.
D)All of these.
45
What is forging of someone's identity for the purpose of fraud?

A)Identity crisis
B)Identity theft
C)Ediscovery
D)All of these
46
Janet is a financial aid counselor at a local community college and she shares an office with her three coworkers. Janet feels safe in her office environment and frequently leaves her username and password on a sticky note next to her computer. Without realizing it, Janet is creating the potential for which type of information security breach to occur?

A)Insiders to hack into the college system.
B)Dumpster diving to find usernames and passwords.
C)Viruses and worms to spread through the college system.
D)All of these.
47
Which of the following represents the biggest problem of information security breaches?

A)People misusing organizational information.
B)Technology failures.
C)Customers misusing organizational systems.
D)Company departments missing sales goals.
48
eBay is an example of an online company that has been faced with numerous security issues. For example, imagine you purchase a digital camera on eBay. Three months later you might receive an email asking you to log in to the system to update your credit card or PayPal information. Of course, this email is not actually from eBay and as soon as you log in your information will be stolen. What type of information security breach would you consider this to be?

A)An Insider
B)Dumpster diving
C)Social engineering
D)Phishing
49
What is the process that provides a user with permission including access levels and abilities such as file access, hours of access, and amount of allocated storage space?

A)Pharming
B)Authentication
C)Authorization
D)Programming
50
What is it called when a hacker looks through your trash to find personal information?

A)Striker bunny
B)Dumpster diving
C)Trash retrieval
D)Approved consent
51
What is an insider?

A)A form of social engineering in which one individual lies to obtain confidential data about another individual.
B)A hacker looking through your trash to find personal information.
C)Legitimate users who purposely or accidentally misuse their access to the environment and cause some kind of business-affecting incident.
D)Malicious agents designed by spammers and other Internet attackers to farm email addresses off websites or deposit spyware on machines.
52
What is pretexting?

A)A form of social engineering in which one individual lies to obtain confidential data about another individual.
B)A hacker looks through your trash to find personal information.
C)Legitimate users who purposely or accidentally misuse their access to the environment and cause some kind of business-affecting incident.
D)Malicious agents designed by spammers and other Internet attackers to farm email addresses off websites or deposit spyware on machines.
53
Applications allowed to be placed on the corporate network, like IM software, and corporate computer equipment used for personal reasons on personal networks are two areas that should be addressed by managers in which of the following company policies?

A)Information ethics policy
B)Information security policies
C)Information technology plan
D)All of these
54
Using one's social skills to trick people into revealing access credentials or other valuable information is called ______________.

A)Social engineering
B)Social media
C)Social viruses
D)Social processes
55
What area of information security focuses on preventing identity theft, phishing, and pharming scams?

A)Prevention and resistance
B)Detection and authorizing
C)Detection and response
D)Authentication and authorization
56
What is a form of social engineering in which one individual lies to obtain confidential data about another individual?

A)Dumpster texting
B)Dumpster diving
C)Trash retrieval
D)Pretexting
57
What is a destructive agent?

A)A form of social engineering in which one individual lies to obtain confidential data about another individual.
B)Hackers looking through your trash to find personal information.
C)Legitimate users who purposely or accidentally misuse their access to the environment and cause some kind of business-affecting incident.
D)Malicious agents designed by spammers and other Internet attackers to farm email addresses off websites or deposit spyware on machines.
58
Which of the following is an example of a way to maintain information security that a company should include in its information security policies?

A)Requiring computer users to log off before leaving for lunch
B)Never sharing user or password information with anyone
C)Changing passwords every 30 to 60 days
D)All of these
59
Working at a ski resort in the mountains has its own unique security issues. Kenny is the chief information officer for Sundance Ski Resort, and he is faced with both physical and information security threats every month. Since the resort implemented a new software system, it has been experiencing a larger number of threats and breaches of company information. He suspects that an internal employee may be the cause. He needs to clarify and establish what type of plan to help reduce further problems?

A)An information security plan
B)An ethical information policy
C)An anti-virus plan
D)None of these
60
Angela works for an identity protection company that maintains large amounts of sensitive customer information such as usernames, passwords, personal information, and social security numbers. Angela and a coworker decide to use the sensitive information to open credit cards in a few of her customers' names. This is a classic example of which of the following security breaches?

A)A social engineer
B)An insider
C)A spammer
D)A dumpster diver
61
What is a method for confirming users' identities?

A)Phishing
B)Authentication
C)Authorization
D)Programming
62
What is a data file that identifies individuals or organizations online and is comparable to a digital signature?

A)Digital code
B)Digital sign
C)Digital certificate
D)Digital card
63
What is the identification of a user based on a physical characteristic, such as a fingerprint, iris, face, voice, or handwriting?

A)Smart card
B)Token
C)Biometrics
D)Content filtering
64
What type of encryption technology uses multiple keys, one public and one private?

A)Private key encryption
B)Policy key encryption
C)Public key encryption
D)Protective key code
65
What is the most secure type of authentication?

A)Something the user knows such as a user ID and password
B)Something the user has such as a smart card or token
C)Something that is part of the user such as a fingerprint or voice signature
D)Combination of all of these
66
A smart card is a device the size of a credit card that contains embedded technology that stores information and small amounts of software, and can act as __________________.

A)Identification instruments
B)A form of digital cash
C)A data storage device
D)All of these
67
Which of the following systems is designed with full-time monitoring tools that search for patterns in network traffic to identify intruders and to protect against suspicious network traffic which attempts to access files and data?

A)Interconnected data software (IDS)
B)Intrusion detection software (IDS)
C)Security Information system (SIS)
D)Internet detection scanner (IDS)
68
Which of the following protection techniques scans and searches hard drives to prevent, detect, and remove known viruses, adware, and spyware?

A)Firewall
B)Digital certificate
C)Virus software
D)Antivirus software
69
What must you do with antivirus software to make it protect effectively?

A)Must never upgrade or change vendors.
B)Must download a portable button for it to activate.
C)Must frequently update it to protect against viruses.
D)All of these.
70
Which of the following occurs when organizations use software that filters content, such as email, to prevent the accidental or malicious transmission of unauthorized information?

A)Antivirus software
B)Content filtering
C)Encryption
D)Firewalls
71
Charles Mott works for a company called VeriSign that acts as a trusted third party to verify information. One of Charles's largest clients is CheckMd, which holds and authenticates customer reviews of doctors and dentists online. Having a third party validating the reviews is critical to CheckMd's success. What type of authentication technique is VeriSign providing for CheckMd?

A)Firewall
B)Certificate authority
C)Online certificate
D)Digital content certificate
72
What prevention technique scrambles information into an alternative form that requires a key or password to decrypt?

A)Encryption
B)Content filtering
C)Firewalls
D)Antivirus software
73
The best and most effective way to manage authentication is through ___________.

A)Smart technology card
B)Tokens
C)Biometrics
D)Passwords
74
What is a device that is around the same size as a credit card, containing embedded technologies that can store information and small amounts of software to perform some limited processing?

A)Token
B)Password
C)Smart card
D)Biometrics
75
What is hardware or software that guards a private network by analyzing incoming and outgoing information for the correct markings?

A)Firewall
B)Certificate authority
C)Online certificate
D)Digital certificate
76
The most secure procedures combine which of the following authentication and authorization techniques?

A)Something the user knows, such as a user ID and password
B)Something the user has, such as a smart card or token
C)Something that is part of the user, such as a fingerprint or voice signature
D)All of these
77
Which of the following is the main drawback of biometrics?

A)It is considered illegal.
B)It is viewed as an invasion of privacy.
C)It can be costly and intrusive.
D)It requires constant monitoring and upgrading.
78
What can encryption technology perform?

A)Switch the order of characters.
B)Replace characters with other characters.
C)Insert or remove characters.
D)All of these.
79
How do prevention and resistance technologies stop intruders from accessing and reading sensitive information?

A)Content filtering, encryption, and firewalls
B)Calculating, locking, and firewalls
C)Content prohibiting, and cookies
D)None of these
80
Which of the following is not considered a form of biometrics?

A)Iris scan
B)Password
C)Fingerprint
D)Handwriting