|
1 | | Three security aspects affect all businesses, but particularly those engaged in e-commerce: |
| | A) | Employee trustworthiness, unethical business partners, interception of messages. |
| | B) | Attacks on servers, firewall breakdowns, outdated encryption programs. |
| | C) | Interception of messages, attacks on servers, monitoring to identify attacks. |
| | D) | Failure to make frequent backups, interception of messages, employee errors. |
|
|
2 | | A computer virus that attaches itself to your e-mail and then gets loose within your computer tends to do two things: |
| | A) | Wipe the hard drives clean and destroy the operating system. |
| | B) | Release confidential files to hackers and destroy your e-mail contact list. |
| | C) | Leave a time bomb or Trojan horse for future trouble. |
| | D) | It attaches itself to other files in your computer, and it sends itself to everyone in your contact list using your name. |
|
|
3 | | Common techniques to identify a person based on biological characteristics that can be useful for computer security are: |
| | A) | Fingerprints, handprints, retinal scanners. |
| | B) | DNA scanners, tooth patterns, handprints. |
| | C) | Voiceprints, DNA scanners, fingerprints. |
| | D) | Retinal scanners, DNA scanners, photographs. |
|
|
4 | | For a fee, there are several websites to help smaller businesses: |
| | A) | Check potential employee references. |
| | B) | Check credit references before the companies agree to work with other small companies. |
| | C) | Conduct merges on the Internet. |
| | D) | Perform basic background checks to verify SSNs and check public criminal records. |
|
|
5 | | One problem for persons sending credit card numbers over the Internet is that: |
| | A) | You don't know who is on the other end. |
| | B) | Automated tools can be set to monitor transfers through one piece of the Internet, looking for card numbers. |
| | C) | Security is not as good as one hopes it might be. |
| | D) | Internet transactions are not covered by credit card insurance. |
|
|
6 | | Any time you open a connection from the Internet to your company data: |
| | A) | Re-check the firewall. |
| | B) | Require a password from the outside connection. |
| | C) | Record all interactions. |
| | D) | Be very careful to maintain strict control of that interaction. |
|
|
7 | | A recent misuse of cookies was attempted by the company: |
| | A) | Amazon.com |
| | B) | Doubleclick.com |
| | C) | Plug and Play.com |
| | D) | Trackemnow.com |
|
|
8 | | Which of the following is a key aspect of security and encryption? |
| | A) | Authenticating and identifying the user |
| | B) | Monitoring systems to identify attacks |
| | C) | Intercepting transmissions |
| | D) | Preventing attacks on the server |
|
|
9 | | How have the Internet and e-commerce added challenges for security? |
| | A) | Increased numbers of employees add to the amount of exposure to corporate data. |
| | B) | More websites utilize corporate data like inventory levels. |
| | C) | Today’s huge computer capacity has the higher potential for outside attacks by hackers. |
| | D) | It is increasingly more difficult to authenticate transmission of corporate data. |
|
|
10 | | What poses the biggest threat to information systems? |
| | A) | Hackers |
| | B) | Hurricanes |
| | C) | Developers |
| | D) | Inadequate backup systems |
|
|
11 | | Which option is not a part of a disaster recovery service? |
| | A) | Data mirroring |
| | B) | Backup power generators |
| | C) | Hot centers |
| | D) | Cold centers |
|
|
12 | | Identifying and preventing unscrupulous MIS employees from attacking or stealing is a complicated task. The only viable solution is to: |
| | A) | Run extensive background checks. |
| | B) | Check for “fire bombs” in software code on a regular basis. |
| | C) | Have backups of data readily available. |
| | D) | Don’t trust your programmers and analysts. |
|
|
13 | | It’s generally a good practice to separate staff programmers and users because: |
| | A) | It prevents the opportunity for data theft. |
| | B) | There’s no transaction processing auditing otherwise. |
| | C) | It prevents the creation of timebombs in software. |
| | D) | Programmers and users have a conflict of interests. |
|
|
14 | | Unscrupulous and criminal programmers have various ways of sabotaging software for their gain. Which of the following is not a method? |
| | A) | UCITA |
| | B) | Trap doors |
| | C) | Time Bombs |
| | D) | Secret passwords |
|
|
15 | | The electronic interchange of financial and business data between businesses is identified as: |
| | A) | ASP |
| | B) | UCITA |
| | C) | EDI |
| | D) | MIS |
|
|
16 | | The acronym ASP stands for: |
| | A) | Application Scripts Protocol. |
| | B) | Action Scripted pages. |
| | C) | Active Server Page. |
| | D) | Application Service Provider. |
|
|
17 | | There are many advantages of using an ASP. Which of the following is not one of them? |
| | A) | Availability of company data on the Internet. |
| | B) | Expert advice and maintenance of data. |
| | C) | Options of scalability. |
| | D) | Security of having all company maintenance by an outside party. |
|
|
18 | | Outside hackers have invented many methods to gain access to company data. Which method involves scanning software searching for holes in security and software? |
| | A) | Time bombs |
| | B) | Trap doors |
| | C) | Script kiddies |
| | D) | Social engineers |
|
|
19 | | Which Microsoft programming language offers a potential for stolen data? |
| | A) | C++ |
| | B) | Java |
| | C) | Visual Basic |
| | D) | Visual Age |
|
|
20 | | The most prevalent way of acquiring a computer virus is: |
| | A) | Email attachments. |
| | B) | Macro programs. |
| | C) | Trojans. |
| | D) | Worms. |
|
|
21 | | There are many ways to prevent the download of worms onto your computer. |
| | A) | Avoid suspect email attachments. |
| | B) | Use a virus software kit. |
| | C) | Utilize email filters. |
| | D) | Avoid using software from the Internet. |
|
|
22 | | When a program replicates and embeds itself, and is usually benign to the host computer, this is an example of a: |
| | A) | Virus. |
| | B) | Trojan. |
| | C) | Script kiddy. |
| | D) | Worm. |
|
|
23 | | Denial of service is often related to the problems of |
| | A) | Unauthorized withholding |
| | B) | Unauthorized disclosure |
| | C) | Unauthorized modification |
| | D) | Unauthorized access |
|
|
24 | | Which area of industry has led to the strongest developments in data security? |
| | A) | banking |
| | B) | healthcare |
| | C) | military |
| | D) | home/private security |
|
|
25 | | Probably the most effective means of protecting data is: |
| | A) | An uninterruptible power supply. |
| | B) | A trusted IT staff. |
| | C) | firewalls and data encryption |
| | D) | formal backups |
|
|
26 | | Which of the following is not part of an effective backup plan? |
| | A) | An off site storage area |
| | B) | Uninterruptible power supply |
| | C) | Access controls to data |
| | D) | Daily and weekly backup procedure |
|
|
27 | | General rules for good passwords do not include which of the following: |
| | A) | Using a combination of letters and numbers |
| | B) | Never writing down passwords |
| | C) | Changing your password often |
| | D) | Using words that are easy to remember |
|
|
28 | | Kerberos is an example of a: |
| | A) | Biometric system used to identify fingerprints |
| | B) | System cover used to authenticate other servers |
| | C) | Password generator |
| | D) | Transportable backup system. |
|
|
29 | | Other than cost, what seems to be the biggest impediment to using biometric systems? |
| | A) | Possible bodily endangerment |
| | B) | The unreliability of certain devices |
| | C) | The lack of standards |
| | D) | The lack of industry knowledge and acceptance |
|
|
30 | | Audits are an effective way of preventing fraud, but they do have drawbacks such as: |
| | A) | Extra operational costs to a firm |
| | B) | Inability of auditors to detect all fraud |
| | C) | Lack of auditing standards among auditing organizations |
| | D) | Threat of being audited not great enough to thwart fraud |
|
|
31 | | Steganography can be defined as: |
| | A) | a type of shorthand used for note taking |
| | B) | A teletype machine for encryption |
| | C) | Hidden messages within communications |
| | D) | a means of generating passwords |
|
|
32 | | Producing an audit trail of all file changes made is an example of what security measure? |
| | A) | Hiring and employee evaluation |
| | B) | Physical access tracking and prevention |
| | C) | Access controls |
| | D) | Data monitoring |
|
|
33 | | The concept of brute force attacks is associated with |
| | A) | Encryption |
| | B) | data monitoring |
| | C) | Access controls |
| | D) | Steganography |
|
|
34 | | Which encryption standard allows for the choices of three key lengths? |
| | A) | Triple DES |
| | B) | DES 3.0 |
| | C) | AES |
| | D) | PKI |
|
|
35 | | When sending and receiving messages through dual key encryption, what is needed besides a public and private key? |
| | A) | RSA |
| | B) | PGP |
| | C) | AES |
| | D) | PKI |
|
|
36 | | Besides military applications, what's a more common use for dual encryption data? |
| | A) | Secure email messaging |
| | B) | Credit card processing |
| | C) | Internet financial data processing |
| | D) | Password authentication |
|
|
37 | | In order for digital signatures to work, digital certificates are needed for what reason? |
| | A) | Internet access keys always work in pairs. |
| | B) | Public keys need to accurately reflect the user. |
| | C) | Federal law won't recognize digital signatures alone. |
| | D) | There are no regulations or rules for PKI. |
|
|
38 | | Many companies create a _____ to improve security in their internet connection: |
| | A) | PKI |
| | B) | AES |
| | C) | VPN |
| | D) | PGP |
|
|
39 | | Public networks and _____ represent the two primary types of wireless systems: |
| | A) | VPNs |
| | B) | Private LANs |
| | C) | PGPs |
| | D) | DES |
|
|
40 | | Which of the following is not an example of data capture technology? |
| | A) | Echelon |
| | B) | Escrow-key |
| | C) | DCS-10000 |
| | D) | Kerberos. |
|
|
41 | | The use of zombie machines in a flood attack is associated with: |
| | A) | denial of service attacks |
| | B) | wireless networks attacks |
| | C) | echelon interceptions |
| | D) | virtual private network attacks |
|
|
42 | | Firewalls essentially work by: |
| | A) | Examining network data before passing through routers |
| | B) | Encrypting content and sending it via the Internet |
| | C) | Verifying the identity of the user before letting data transmit |
| | D) | Providing authentication to all authorized servers |
|
|
43 | | For more sophisticated firewall protection, an intrusion detection system may be the best solution. Why are they better than regular firewalls? |
| | A) | They enable all unnecessary ports of the router to the internet |
| | B) | They use a set of rules to monitor internet traffic |
| | C) | They incorporate dual key encryption |
| | D) | They prevent data packet loss |
|
|
44 | | Web cookies are usually used to: |
| | A) | monitor employee internet use |
| | B) | track users returning to a site |
| | C) | track location of cell phones |
| | D) | ensure online privacy |
|
|
45 | | Which law prohibits video stores from releasing rental data? |
| | A) | 1994 Privacy Act |
| | B) | 1974 Privacy Act |
| | C) | Bork Bill |
| | D) | Family Values Act |
|
|
46 | | As an Internet user, if you are truly concerned about online and consumer privacy, then the best country to live in is: |
| | A) | United States |
| | B) | Canada |
| | C) | Japan |
| | D) | France |
|
|
47 | | With anonymous internet usage made possible, which group of users would likely abuse this concept? |
| | A) | Telemarketers |
| | B) | Terrorists |
| | C) | Government |
| | D) | Hackers |
|