_____ occurs when computer criminals invade a computer system and replace legitimate programs with their own unauthorized ones.
Adware and spyware are similar to each other in that they both _______.
Reside in the background and observe a user’s behavior
In the case of public key encryption, each site has a private key to encode a message and a public key to decode it. T/F
Technical safeguards involve both software and hardware components of an information system. T/F
Risk management is a critical security function addressed by an organization’s senior management. T/F
_____ is the process of transforming clear text into coded, unintelligible text for secure storage or communication.
A ________ pretends to be a legitimate company and sends emails requesting confidential data.
Which of the following uses an individual’s personal physical characteristics such as fingerprints, facial features, and retinal scans for verification purposes?
Hiring, training, and educating employees in an organization is a technical safeguard. T/F
With https, data are encrypted using a protocol called the __________.
Secure Sockets Layer
_______ are created by companies as false targets for computer criminals to attack.
Which of the following occurs when millions of bogus service requests flood a Web server and prevent it from servicing legitimate requests?
denial of service
Mark receives an email from his bank asking him to update and verify his credit card details. He replies to the email with all the requested details. Mark later learns that the email was not actually sent by his bank and that the information he had shared has been misused. Mark is a victim of________.
As one of the safeguards against security threats, a person should preferably use the same password for different sites so as to avoid confusion. T/F
The procedure of entrusting a party with a copy of an encryption key that can be used in case the actual key is lost or destroyed is called ______.
Davian, a professional hacker, trues every possible combination of characters to crack his victim’s email password. Using this technique, he can crack a six-character password of either upper- or lowercase letters in about ten minutes. Which of the following techniques is used by Davian to obtain access to his victim’s email?
brute force attack
Most secure communications over the Internet use a protocol called_________.
The loss of encryption keys by employees is referred to as key escrow. T/F
Which of the following statements is true of the financial losses due to computer crimes?
All studies on the costs of computer crimes are based on surveys.
There are no standards for tallying costs of computer crime. T/F
______ occurs when a threat obtains data that is supposed to be protected.
Unauthorized data closure
A key is a number used with an encryption algorithm to encrypt data. T/F
_______ take computers with wireless connections through an area and search for unprotected wireless networks.
A virus is a computer program that replicates itself. T/F
Thomas is responsible for creating backup copies of information in a system. He also works along with IT personnel to ensure that the backups are valid and that effective recovery procedures exist. Thomas is involved in establishing______.
Breaking into computers, servers, or networks to steal proprietary and confidential data is referred to as __________.
Smart cards are convenient to use because they do not require a personal identification number for authentication. T/F
Malware definitions are patterns that exist in malware code. T/F
Existence of accounts that are no longer necessary does not pose a security threat. T/F
In terms of password management, when an account is created, users should ________.
immediately change the password they are given to a password of their own.
______ are all files that browsers store on users’ computers when they visit Web sites.
Which of the following is a symptom for phishing?
While making online purchases, a person should buy only from vendors who support https. T/F
Which of the following is a technical safeguard against security threats?
Which of the following is considered a personal security safeguard?
removing high-value assets from computers
Why asymmetric encryption, two different keys are used for encoding and decoding a message. T/F
Which of the following statements is true of position sensitivity?
it enables security personnel to prioritize their activities in accordance with the possible risk and loss.
Which of the following information should be provided by users of smart cards for authentication?
personal identification number
To safeguard data against security threats, every information system today requires a user name and a password. In this case, which of the following functions is performed by the user name?
________refers to an organization-wide function that is in charge of developing data policies and enforcing data standards.
Which of the following statements is true of symmetric encryption?
it uses the same key for both encoding and decoding
_______ is a technique for intercepting computer communications
Incorrectly increasing a customer’s discount is an example of incorrect data modification. T/F
Backup and recovery against computer security threats are __________.
Which of the following is a data safeguard against security threats?
Viruses, worms, and Trojan horses are types of firewalls. T/F
Packet-filtering firewalls cannot prohibit outsiders from starting a session with any user behind the firewall. T/F
Incident-response plans should provide centralized reporting of all security incidents. T/F
Which of the following is a human safeguard against threats?
Pretexting occurs when someone deceives by pretending to be someone else.T/F
Which of the following are the three independent factors that constitute the enforcement of security procedures and policies?
responsibility, accountability, and compliance
A_______ is a message that individuals or organizations take to block a threat from obtaining an asset.
A threat is a person or an organization that seeks to obtain or alter data illegally, without the owners permission or knowledge.T/F
Financial institutions must invest heavily in security safeguards because they are obvious targets for theft. T/F
A criticism of biometric authentication is that it provides weak authentication. T/F
Packet-filtering firewalls are the most sophisticated type of firewall.T/F
An_______includes how employees should react to security problems, whom they should contact, the reports they should make, and steps they can take to reduce further loss.
_______ is a broad category of software that includes viruses, worms, Trojan horses, spyware, and adware.
Technical safeguards include encryption and usage of passwords. T/F
In an organization, security sensitivity for each position should be documented. T/F
An________is a computer program that senses when another computer is attempting to scan a disk or access a computer.
intrusion detection system
A help-desk information system has answers to questions that only a true user of an account or system would know. T/F
______ a site means to take extraordinary measures to reduce a system’s vulnerability.
Malware protection is an example of a technical safeguard. T/F
A person calls the Stark residence and pretends to represent a credit card company. He asks Mrs. Stark to confirm her credit card number. this is an example of _______.
Damages to security systems caused by natural disasters are minimal when compared to the damages due to human errors.T/F
The creation of backup copies of databse contents makes the data move vulnerable to security threats. T/F
Every information system today should require users to sign on with a user name and a password. In this case, which of the following functions is performed by the user’s password?
Spoofing is a technique for intercepting computer communications. T/F
In a brute force attack, a password cracker trues every possible combination of characters. T/F
_______ are viruses that masquerade as useful programs like a computer game, an MP3 file, or some other useful innocuous program.
A _______ sits outside an organizational network and is the first device that Internet traffic encounters.
Advanced persistent threats can be a means to engage in cyber warfare and cyber espionage. T/F
IP spoofing occurs when an intruder uses another site’s IP address to masquerade as that other site. T/F
A_____ examines the source address, destination address, and other data of a message and determines whether to let that message pass.
Which of the following types of encryption is used by the secure sockets layer protocol?
public key encryption
Spyware programs are installed on a user’s computer without the user’s knowledge. T/F
Wardrives are those who engage in phishing to obtain unauthorized access to data. T/F
A user name authenticates a user, and a password identifies that user. T/F
An _______ is a sophisticated, possibly long-run computer hack that is perpetrated by large, well-funded organizations like governments.
advanced persistent threat
A______ is a plastic card that has a microchip loaded with identifying data.
Need essay sample on "MIS Chapter 10 Review"? We will write a custom essay sample specifically for you for only $ 13.90/page