MIS Chapter 8 Quiz

https://quizlet.com/_cw4ptj


All of the following have contributed to an increase in software flaws except:
A) the growing complexity of software programs.
B) the growing size of software programs.
C) demands for timely delivery to markets.
D) the inability to fully test programs.
E) the increase in the number of computer hackers in the world.
E) the increase in the number of computer hackers in the world.
T/F: A computer virus replicates more quickly than a computer worm. False
An authentication system in which a user must provide two types of identification, such as a bank card and PIN, is called: two-factor authentication.
DoS attacks are used to destroy information and access restricted areas of a company's information system. False
T/F: Malicious software programs referred to as spyware include a variety of threats such as computer viruses, worms, and Trojan horses. False
T/F: An acceptable use policy defines the acceptable level of access to information assets for different users. False
Which of the following is an example of a keylogger? Zeus
All of the following are specific security challenges that threaten corporate servers in a client/server environment except: sniffing
The Sarbanes-Oxley Act: imposes responsibility on companies and management to safeguard the accuracy of financial information.
Which of the following is the single greatest cause of network security breaches? User lack of knowledge
Which of the following focuses primarily on the technical issues of keeping systems up and running? Disaster recovery planning
An authentication token is a(n): gadget that displays passcodes
Which of the following statements about wireless security is not true?
A) LANs using the 802.11 standard can be easily penetrated by outsiders.
B) Wi-Fi networks are susceptible to hacking by eavesdroppers.
C) War driving involves eavesdroppers driving by buildings or parking outside and trying to intercept a wireless network.
D) Intruders can force a user's NIC to associate with a rogue access point.
E) Bluetooth is the only wireless technology that is not susceptible to hacking by eavesdroppers.
E) Bluetooth is the only wireless technology that is not susceptible to hacking by eavesdroppers.
A Trojan horse: is software that appears to be benign but does something other than expected.
The HIPAA Act of 1996: outlines medical security and privacy rules.
All of the following are currently being used as traits that can be profiled by biometric authentication except: body odor.
Smartphones have the same security flaws as other Internet-connected devices. True
________ is malware that logs and transmits everything a user types. A keylogger
NAT conceals the IP addresses of the organization's internal host computers to deter sniffer programs. True
One form of spoofing involves forging the return address on an e-mail so that the e-mail message appears to come from someone other than the sender. True

Pharming involves: redirecting users to a fraudulent website even when the user has typed in the correct address in the web browser.
________ is a crime in which an imposter obtains key pieces of personal information to impersonate someone else. Identity theft
Comprehensive security management products, with tools for firewalls, VPNs, intrusion detection systems, and more, are called ________ systems.
A) DPI
B) MSSP
C) NSP
D) PKI
E) UTM
UTM (unified threat management)
________ identify the access points in a Wi-Fi network. SSIDs
Which of the following refers to policies, procedures, and technical measures used to prevent unauthorized access, alteration, theft, or physical damage to information systems? Security
________ is malware that hijacks a user's computer and demands payment in return for giving back access. Ransomware
A salesperson clicks repeatedly on the online ads of a competitor in order to drive the competitor's advertising costs up. This is an example of:
A) phishing.
B) pharming.
C) spoofing.
D) evil twins.
E) click fraud.
E) click fraud.
Tricking employees into revealing their passwords by pretending to be a legitimate member of a company is called: social engineering.
Computer forensics tasks include all of the following except: collecting physical evidence on the computer.
Biometric authentication is the use of personal, biographic details such as the high school you attended and the first street you lived on to provide identification. False
A firewall allows the organization to:
A) prevent unauthorized communication into and out of its network.
B) check the accuracy of all transactions between its network and the Internet.
C) create an enterprise system on the Internet.
D) check the content of all incoming and outgoing email messages.
E) create access rules for a network.
A) prevent unauthorized communication into and out of its network.
A foreign country attempting to access government networks in order to disable a national power grid is an example of: cyberwarfare
Which of the following statements about Internet security is not true? VoIP is more secure than the switched voice network
Authentication refers to verifying that a person is who he or she claims to be. True
All of the following are types of information systems general controls except:
A) application controls.
B) computer operations controls.
C) hardware controls.
D) software controls.
E) administrative controls.
A) application controls.
Viruses can be spread through e-mail. True
A digital certificate system: uses third-party CAs to validate a user's identity.
Sniffers enable hackers to steal proprietary information from anywhere on a network, including e-mail messages, company files, and confidential reports. True
Your company, an online discount pet supply store, has calculated that a loss of Internet connectivity for 3 hours results in a potential loss of $2,000 to $3,000 and that there is a 50% chance of this occurring each year. What is the annual expected loss from this exposure? $1,250
T/F: S-HTTP is a protocol used to establish a secure connection between two computers. False (SSL and TLS)
T/F: Mobile devices typically feature state-of-the-art encryption and security features, making them highly secure tools for businesses, and therefore do not require any special protections. False
Which of the following statements about passwords is not true?
A) Authentication cannot be established by the use of a password.
B) Password systems that are too rigorous may hinder employee productivity.
C) Passwords can be stolen through social engineering.
D) A user's actions with respect to passwords can compromise security.
E) Passwords can be sniffed when being transmitted over a network.
A) Authentication cannot be established by the use of a password
The Gramm-Leach-Bliley Act:
A) requires financial institutions to ensure the security of customer data.
B) specifies best practices in information systems security and control.
C) imposes responsibility on companies and management to safeguard the accuracy of financial information.
D) outlines medical security and privacy rules.
E) identifies computer abuse as a crime and defines abusive activities.
A) requires financial institutions to ensure the security of customer data.
An analysis of an information system that rates the likelihood of a security incident occurring and its cost would be included in which of the following?
A) Security policy
B) AUP
C) Risk assessment
D) Business impact analysis
E) Business continuity plan
C) Risk assessment
T/F: Apple's iOS is the mobile platform targeted by most hackers. False (Android)
Which of the following is a type of ambient data?
A) Computer log containing recent system errors
B) A file deleted from a hard disk
C) A file that contains an application's user settings
D) A set of raw data from an environmental sensor
E) Data stored on a portable storage device
B) A file deleted from a hard disk
Which of the following statements about blockchain is not true?
A) Once recorded, a blockchain transaction cannot be changed.
B) The data represented in a blockchain is maintained in a central database.
C) The records in a blockchain are secured through cryptography.
D) Each block in a blockchain is connected to all the blocks before and after it.
E) Blockchain is vulnerable in some of the same ways as conventional, centralized record-keeping systems.
B) The data represented in a blockchain is maintained in a central database.
Which of the following specifically makes malware distribution and hacker attacks to disable websites a federal crime?
A) Computer Fraud and Abuse Act
B) Economic Espionage Act
C) Electronic Communications Privacy Act
D) Data Security and Breach Notification Act
E) National Information Infrastructure Protection Act
E) National Information Infrastructure Protection Act
T/F: Phishing is a form of spoofing. True
Which of the following techniques stops data packets originating outside the organization, inspects them, and uses a proxy to pass packet information to the other side of an organization's firewall?
A) NAT
B) Packet filtering
C) Two-factor authentication
D) Stateful inspection
E) Application proxy filtering
E) Application proxy filtering
Most computer viruses deliver a:
A) worm.
B) Trojan horse.
C) drive-by download.
D) keylogger.
E) payload.
E) payload
