Chapter 8 Flashcards

(16 cards)

1
Q

When thinking about security, controls ________.

A. refer to policies and procedures that ensure the safety of an organization’s assets.
B. control all secure access to an organization’s network
C. reside only on client machines
D. refer to referential integrity constraints placed on a database
E. refer to the policies in place to prevent unauthorized access to an organization’s network

A

A. refer to policies and procedures that ensure the safety of an organization’s assets.

2
Q

Independent computer programs that copy themselves from one computer to others over a network are called ________.

A. Storm
B. worms
C. Trojan horses
D. macro viruses
E. viruses

A

B. worms

3
Q

A type of malware that takes advantage of poorly coded web applications is called ________.

A. Storm
B. Ransomware
C. Conficker
D. spyware
E. SQL injection attacks

A

E. SQL injection attacks

4
Q

Hackers flooding a network server with many thousands of false communication requests is called ________.

A. a denial-of-service attack
B. a drive-by download
C. an SQL injection attack
D. pharming
E. spoofing

A

A. a denial-of-service attack

5
Q

The law that requires financial institutions to ensure confidentiality of customer data is called the ________.

A. CAN-SPAM Act
B. Children’s Online Privacy Protection Act (COPPA)
C. Health Insurance Portability and Accountability Act (HIPAA)
D. Gramm-Leach-Bliley Act
E. Sarbanes-Oxley Act

A

D. Gramm-Leach-Bliley Act

6
Q

The career field that deals with collection and examination of computer data for legal evidence is called ________.

A. data mining
B. computer forensics
C. information assurance
D. computer security
E. data warehousing

A

B. computer forensics

7
Q

Data which are not visible to the average user are called ________.

A. meta-data
B. information
C. status data
D. ambient data
E. transient data

A

D. ambient data

8
Q

The law that applies to publicly traded companies and is designed to protect investors is called the ________.

A. Children’s Online Privacy Protection Act (COPPA)
B. Sarbanes-Oxley Act
C. Gramm-Leach-Bliley Act
D. CAN-SPAM Act
E. Health Insurance Portability and Accountability Act (HIPAA)

A

B. Sarbanes-Oxley Act

9
Q

All the following are general controls EXCEPT ________ controls.

A. implementation
B. hardware
C. data security
D. software
E. input

A

E. input

10
Q

A risk ________ determines the level of risk to an organization if an activity or process is not properly controlled.

A. alignment
B. profile
C. audit
D. policy
E. assessment

A

E. assessment

11
Q

A firm’s ________ should include an awareness of computer forensics.

A. growth plan
B. information technology plan
C. strategic plan
D. contingency planning process
E. staffing plan

A

D. contingency planning process

12
Q

Business managers, working with information systems specialists, should estimate all the following components of a risk assessment EXCEPT ________.

A. points of vulnerability
B. the identity of the organization that created the malware
C. the value of information assets
D. the likely frequency of a problem
E. the potential for damage

A

B. the identity of the organization that created the malware

13
Q

All the following are methods of authentication EXCEPT ________.

A. two-factor authentication
B. biometric authentication
C. a token
D. TCP/IP
E. a smartcard

A

D. TCP/IP

14
Q

A combination of hardware and software that prevents unauthorized users from accessing a network is called a ________.

A. router
B. hotspot
C. server
D. switch
E. firewall

A

E. firewall

15
Q

________ feature(s) monitor the network at its most vulnerable points.

A. A sensor network
B. Network address translation
C. Antivirus software
D. Unified threat management systems
E. Intrusion detection systems

A

E. Intrusion detection systems

16
Q

A form of encryption that uses two keys is called ________.

A. digital certificates
B. the Caesar cipher
C. application proxy filtering
D. public key encryption
E. symmetric key encryption

A

D. public key encryption