MIS Chapter 8 Quiz
https://quizlet.com/_cw4ptj
Pharming involves:
Answer: redirecting users to a fraudulent website even when the user has typed in the correct address in the web browser.
________ is a crime in which an imposter obtains key pieces of personal information to impersonate someone else.
Answer: Identity theft
Comprehensive security management products, with tools for firewalls, VPNs, intrusion detection systems, and more, are called ________ systems.
A) DPI
B) MSSP
C) NSP
D) PKI
E) UTM
Answer: UTM (unified threat management)
________ identify the access points in a Wi-Fi network.
Answer: SSIDs
Which of the following refers to policies, procedures, and technical measures used to prevent unauthorized access, alteration, theft, or physical damage to information systems?
Answer: Security
________ is malware that hijacks a user's computer and demands payment in return for giving back access.
Answer: Ransomware
A salesperson clicks repeatedly on the online ads of a competitor in order to drive the competitor's advertising costs up. This is an example of:
A) phishing.
B) pharming.
C) spoofing.
D) evil twins.
E) click fraud.
Answer: E) click fraud.
Tricking employees into revealing their passwords by pretending to be a legitimate member of a company is called:
Answer: social engineering.
Computer forensics tasks include all of the following except:
Answer: collecting physical evidence on the computer.
Biometric authentication is the use of personal, biographic details such as the high school you attended and the first street you lived on to provide identification.
Answer: False
A firewall allows the organization to:
A) prevent unauthorized communication into and out of its network.
B) check the accuracy of all transactions between its network and the Internet.
C) create an enterprise system on the Internet.
D) check the content of all incoming and outgoing email messages.
E) create access rules for a network.
Answer: A) prevent unauthorized communication into and out of its network.
A foreign country attempting to access government networks in order to disable a national power grid is an example of:
Answer: cyberwarfare
Which of the following statements about Internet security is not true?
Answer: VoIP is more secure than the switched voice network
Authentication refers to verifying that a person is who he or she claims to be.
Answer: True
All of the following are types of information systems general controls except:
A) application controls.
B) computer operations controls.
C) hardware controls.
D) software controls.
E) administrative controls.
Answer: A) application controls.
Viruses can be spread through e-mail.
Answer: True
A digital certificate system:
Answer: uses third-party CAs to validate a user's identity.
Sniffers enable hackers to steal proprietary information from anywhere on a network, including e-mail messages, company files, and confidential reports.
Answer: True
Your company, an online discount pet supply store, has calculated that a loss of Internet connectivity for 3 hours results in a potential loss of $2,000 to $3,000 and that there is a 50% chance of this occurring each year. What is the annual expected loss from this exposure?
Answer: $1,250
T/F: S-HTTP is a protocol used to establish a secure connection between two computers.
Answer: False (SSL and TLS)
T/F: Mobile devices typically feature state-of-the-art encryption and security features, making them highly secure tools for businesses, and therefore do not require any special protections.
Answer: False
Which of the following statements about passwords is not true?
A) Authentication cannot be established by the use of a password.
B) Password systems that are too rigorous may hinder employee productivity.
C) Passwords can be stolen through social engineering.
D) A user's actions with respect to passwords can compromise security.
E) Passwords can be sniffed when being transmitted over a network.
Answer: A) Authentication cannot be established by the use of a password
The Gramm-Leach-Bliley Act:
A) requires financial institutions to ensure the security of customer data.
B) specifies best practices in information systems security and control.
C) imposes responsibility on companies and management to safeguard the accuracy of financial information.
D) outlines medical security and privacy rules.
E) identifies computer abuse as a crime and defines abusive activities.
Answer: A) requires financial institutions to ensure the security of customer data.
An analysis of an information system that rates the likelihood of a security incident occurring and its cost would be included in which of the following?
A) Security policy
B) AUP
C) Risk assessment
D) Business impact analysis
E) Business continuity plan
Answer: C) Risk assessment
T/F: Apple's iOS is the mobile platform targeted by most hackers.
Answer: False (Android)
Which of the following is a type of ambient data?
A) Computer log containing recent system errors
B) A file deleted from a hard disk
C) A file that contains an application's user settings
D) A set of raw data from an environmental sensor
E) Data stored on a portable storage device
Answer: B) A file deleted from a hard disk
Which of the following statements about blockchain is not true?
A) Once recorded, a blockchain transaction cannot be changed.
B) The data represented in a blockchain is maintained in a central database.
C) The records in a blockchain are secured through cryptography.
D) Each block in a blockchain is connected to all the blocks before and after it.
E) Blockchain is vulnerable in some of the same ways as conventional, centralized record-keeping systems.
Answer: B) The data represented in a blockchain is maintained in a central database.
Which of the following specifically makes malware distribution and hacker attacks to disable websites a federal crime?
A) Computer Fraud and Abuse Act
B) Economic Espionage Act
C) Electronic Communications Privacy Act
D) Data Security and Breach Notification Act
E) National Information Infrastructure Protection Act
Answer: E) National Information Infrastructure Protection Act
T/F: Phishing is a form of spoofing.
Answer: True
Which of the following techniques stops data packets originating outside the organization, inspects them, and uses a proxy to pass packet information to the other side of an organization's firewall?
A) NAT
B) Packet filtering
C) Two-factor authentication
D) Stateful inspection
E) Application proxy filtering
Answer: E) Application proxy filtering
Most computer viruses deliver a:
A) worm.
B) Trojan horse.
C) drive-by download.
D) keylogger.
E) payload.
Answer: E) payload