logo image

MIS Chapter 10 Review

_____ occurs when computer criminals invade a computer system and replace legitimate programs with their own unauthorized ones.
Usurpation
Adware and spyware are similar to each other in that they both _______.
Reside in the background and observe a user’s behavior
In the case of public key encryption, each site has a private key to encode a message and a public key to decode it. T/F
False
Technical safeguards involve both software and hardware components of an information system. T/F
True
Risk management is a critical security function addressed by an organization’s senior management. T/F
True
_____ is the process of transforming clear text into coded, unintelligible text for secure storage or communication.
Ecryption
A ________ pretends to be a legitimate company and sends emails requesting confidential data.
Phisher
Which of the following uses an individual’s personal physical characteristics such as fingerprints, facial features, and retinal scans for verification purposes?
biometric authentication
Hiring, training, and educating employees in an organization is a technical safeguard. T/F
False
With https, data are encrypted using a protocol called the __________.
Secure Sockets Layer
_______ are created by companies as false targets for computer criminals to attack.
Honeypots
Which of the following occurs when millions of bogus service requests flood a Web server and prevent it from servicing legitimate requests?
denial of service
Mark receives an email from his bank asking him to update and verify his credit card details. He replies to the email with all the requested details. Mark later learns that the email was not actually sent by his bank and that the information he had shared has been misused. Mark is a victim of________.
phishing
As one of the safeguards against security threats, a person should preferably use the same password for different sites so as to avoid confusion. T/F
False
The procedure of entrusting a party with a copy of an encryption key that can be used in case the actual key is lost or destroyed is called ______.
key escrow
Davian, a professional hacker, trues every possible combination of characters to crack his victim’s email password. Using this technique, he can crack a six-character password of either upper- or lowercase letters in about ten minutes. Which of the following techniques is used by Davian to obtain access to his victim’s email?
brute force attack
Most secure communications over the Internet use a protocol called_________.
https
The loss of encryption keys by employees is referred to as key escrow. T/F
False
Which of the following statements is true of the financial losses due to computer crimes?
All studies on the costs of computer crimes are based on surveys.
There are no standards for tallying costs of computer crime. T/F
True
______ occurs when a threat obtains data that is supposed to be protected.
Unauthorized data closure
A key is a number used with an encryption algorithm to encrypt data. T/F
True
_______ take computers with wireless connections through an area and search for unprotected wireless networks.
Wardrivers
A virus is a computer program that replicates itself. T/F
True
Thomas is responsible for creating backup copies of information in a system. He also works along with IT personnel to ensure that the backups are valid and that effective recovery procedures exist. Thomas is involved in establishing______.
Data safeguards
Breaking into computers, servers, or networks to steal proprietary and confidential data is referred to as __________.
hacking
Smart cards are convenient to use because they do not require a personal identification number for authentication. T/F
False
Malware definitions are patterns that exist in malware code. T/F
True
Existence of accounts that are no longer necessary does not pose a security threat. T/F
False
In terms of password management, when an account is created, users should ________.
immediately change the password they are given to a password of their own.
______ are all files that browsers store on users’ computers when they visit Web sites.
Cookies
Which of the following is a symptom for phishing?
email spoofing
While making online purchases, a person should buy only from vendors who support https. T/F
True
Which of the following is a technical safeguard against security threats?
firewall
Which of the following is considered a personal security safeguard?
removing high-value assets from computers
Why asymmetric encryption, two different keys are used for encoding and decoding a message. T/F
true
Which of the following statements is true of position sensitivity?
it enables security personnel to prioritize their activities in accordance with the possible risk and loss.
Which of the following information should be provided by users of smart cards for authentication?
personal identification number
To safeguard data against security threats, every information system today requires a user name and a password. In this case, which of the following functions is performed by the user name?
Identification
________refers to an organization-wide function that is in charge of developing data policies and enforcing data standards.
Data administration
Which of the following statements is true of symmetric encryption?
it uses the same key for both encoding and decoding
_______ is a technique for intercepting computer communications
Sniffing
Incorrectly increasing a customer’s discount is an example of incorrect data modification. T/F
True
Backup and recovery against computer security threats are __________.
data safeguards
Which of the following is a data safeguard against security threats?
physical security
Viruses, worms, and Trojan horses are types of firewalls. T/F
False
Packet-filtering firewalls cannot prohibit outsiders from starting a session with any user behind the firewall. T/F
False
Incident-response plans should provide centralized reporting of all security incidents. T/F
True
Which of the following is a human safeguard against threats?
Procedure design
Pretexting occurs when someone deceives by pretending to be someone else.T/F
True
Which of the following are the three independent factors that constitute the enforcement of security procedures and policies?
responsibility, accountability, and compliance
A_______ is a message that individuals or organizations take to block a threat from obtaining an asset.
safeguard
A threat is a person or an organization that seeks to obtain or alter data illegally, without the owners permission or knowledge.T/F
True
Financial institutions must invest heavily in security safeguards because they are obvious targets for theft. T/F
True
A criticism of biometric authentication is that it provides weak authentication. T/F
False
Packet-filtering firewalls are the most sophisticated type of firewall.T/F
False
An_______includes how employees should react to security problems, whom they should contact, the reports they should make, and steps they can take to reduce further loss.
incident-response plan
_______ is a broad category of software that includes viruses, worms, Trojan horses, spyware, and adware.
Malware
Technical safeguards include encryption and usage of passwords. T/F
False
In an organization, security sensitivity for each position should be documented. T/F
True
An________is a computer program that senses when another computer is attempting to scan a disk or access a computer.
intrusion detection system
A help-desk information system has answers to questions that only a true user of an account or system would know. T/F
True
______ a site means to take extraordinary measures to reduce a system’s vulnerability.
Hardening
Malware protection is an example of a technical safeguard. T/F
True
A person calls the Stark residence and pretends to represent a credit card company. He asks Mrs. Stark to confirm her credit card number. this is an example of _______.
pretexting
Damages to security systems caused by natural disasters are minimal when compared to the damages due to human errors.T/F
False
The creation of backup copies of databse contents makes the data move vulnerable to security threats. T/F
False
Every information system today should require users to sign on with a user name and a password. In this case, which of the following functions is performed by the user’s password?
authentication
Spoofing is a technique for intercepting computer communications. T/F
False
In a brute force attack, a password cracker trues every possible combination of characters. T/F
True
_______ are viruses that masquerade as useful programs like a computer game, an MP3 file, or some other useful innocuous program.
Trojan horses
A _______ sits outside an organizational network and is the first device that Internet traffic encounters.
perimeter firewall
Advanced persistent threats can be a means to engage in cyber warfare and cyber espionage. T/F
True
IP spoofing occurs when an intruder uses another site’s IP address to masquerade as that other site. T/F
True
A_____ examines the source address, destination address, and other data of a message and determines whether to let that message pass.
packet-filtering firewall
Which of the following types of encryption is used by the secure sockets layer protocol?
public key encryption
Spyware programs are installed on a user’s computer without the user’s knowledge. T/F
True
Wardrives are those who engage in phishing to obtain unauthorized access to data. T/F
False
A user name authenticates a user, and a password identifies that user. T/F
False
An _______ is a sophisticated, possibly long-run computer hack that is perpetrated by large, well-funded organizations like governments.
advanced persistent threat
A______ is a plastic card that has a microchip loaded with identifying data.
smart card

Need essay sample on "MIS Chapter 10 Review"? We will write a custom essay sample specifically for you for only .90/page

Can’t wait to take that assignment burden offyour shoulders?

Let us know what it is and we will show you how it can be done!
×
Sorry, but copying text is forbidden on this website. If you need this or any other sample, please register
Signup & Access Essays

Already on Businessays? Login here

No, thanks. I prefer suffering on my own
Sorry, but copying text is forbidden on this website. If you need this or any other sample register now and get a free access to all papers, carefully proofread and edited by our experts.
Sign in / Sign up
No, thanks. I prefer suffering on my own
Not quite the topic you need?
We would be happy to write it
Join and witness the magic
Service Open At All Times
|
Complete Buyer Protection
|
Plagiarism-Free Writing

Emily from Businessays

Hi there, would you like to get such a paper? How about receiving a customized one? Check it out https://goo.gl/chNgQy