Question 1

A person calls the Stark residence and pretends to represent a credit card company.He asks Mrs.Stark to confirm her credit card number.This is an example of ________.&#10;A)hacking&#10;B)data mining&#10;C)sniffing&#10;D)pretexting

Accepted Answer

This scenario is an example of pretexting, where an individual tricks someone into providing sensitive information by pretending to be someone they're not. The person is pretending to represent a credit card company and asking Mrs. Stark to confirm her credit card number. This type of social engineering attack can lead to identity theft or fraudulent charges on the victim's credit card.

Question 2

An Advanced Persistent Threat (APT)is a sophisticated computer hack that is perpetrated by large,well-funded organisations like governments.

Accepted Answer

Advanced Persistent Threats are typically carried out by large, well-funded organizations such as nation-states, rather than individual hackers or small criminal groups. These organizations have significant resources at their disposal and are often able to carry out attacks over an extended period of time, with the goal of stealing sensitive information or disrupting critical systems.

Question 3

A threat is a person or an organisation that seeks to obtain or alter data illegally,without the owner's permission or knowledge.

Accepted Answer

This is the definition of a threat in regards to cybersecurity.

Question 4

Which of the following occurs when millions of bogus service requests flood a Web server and prevent it from servicing legitimate requests?&#10;A)DOS attack&#10;B)hacking&#10;C)usurpation&#10;D)spoofing

Accepted Answer

This is a classic example of a denial-of-service (DOS) attack, where the attacker floods the targeted server with requests, preventing it from servicing legitimate users.

Question 5

A(n)________ is a sophisticated,possibly long-running,computer hack that is perpetrated by large,well-funded organisations like governments.&#10;A)Advanced Persistent Threat (APT)&#10;B)local area network denial (LAND)&#10;C)denial of service (DOS)&#10;D)Advanced Volatile Threat (AVT)

Accepted Answer

An advanced persistent threat (APT) is a type of cyber attack that is carried out by well-funded and sophisticated organizations, such as governments and large corporations. APTs are typically long-running and targeted, often involving multiple stages and techniques to gain access to sensitive information or systems. Option B (local area network denial) and Option C (denial of service) are both types of cyber attacks, but they are not necessarily sophisticated or well-funded. Option D (Advanced Volatile Threat) is not a commonly used term in the field of cybersecurity.

Question 6

________ occurs when computer criminals invade a computer system and replace legitimate programs with their own unauthorised ones.&#10;A)Encryption&#10;B)Sniffing&#10;C)Usurpation&#10;D)Spoofing

Accepted Answer

Usurpation, also known as hijacking, occurs when attackers gain unauthorized access and control over a computer system. This can involve replacing legitimate programs with their own malicious ones, giving them complete control over the system. Encryption refers to the process of encoding data to prevent unauthorized access, sniffing refers to intercepting data on a network, and spoofing refers to masquerading as a trusted entity to trick users. None of these options specifically refer to the scenario in the question.

Question 7

Pretexting occurs when someone deceives by pretending to be someone else.

Accepted Answer

Pretexting involves creating a false pretext or situation to gain access to someone's private information or to manipulate them in some way. This often involves pretending to be someone else, such as a government official, a company representative, or a trusted friend or acquaintance.

Question 8

________ take computers with wireless connections through an area and search for unprotected wireless networks.&#10;A)Key punchers&#10;B)Drive-by sniffers&#10;C)Phishers&#10;D)Hackers

Accepted Answer

Drive-by sniffers take computers with wireless connections through an area and search for unprotected wireless networks. Key punchers are individuals who enter data into computer systems, phishers are individuals who use deceptive methods to obtain sensitive information, and hackers are individuals who attempt to gain unauthorized access to computer systems.

Question 9

Drive-by phishers take computers with wireless connections through an area and search for unprotected wireless networks.

Accepted Answer

The answer of Drive-by phishers take computers with wireless connections...

Question 10

________ is a technique for intercepting computer communications.&#10;A)Pretexting&#10;B)Spoofing&#10;C)Hacking&#10;D)Sniffing

Accepted Answer

Sniffing is a technique where a person can intercept and read network traffic between computers. This can be used to gather sensitive information like passwords or personal data. Pretexting is a form of social engineering where someone pretends to be someone else to gain access to information, while spoofing involves altering a network address to make it seem like the traffic is coming from a different computer or location. Hacking involves breaking into a system to gain unauthorized access or control.

Question 11

Which of the following is a synonym for phishing?&#10;A)drive-by sniffing&#10;B)email spoofing&#10;C)IP spoofing&#10;D)system hacking

Accepted Answer

The answer of Which of the following is a synonym...

Question 12

Mark receives an email from his bank asking him to update and verify his credit card details.He replies to the mail with all the requested details.Mark later learns that the mail was not actually sent by his bank and that the information he had shared has been misused.Mark is a victim of ________.

A)sniffing
B)data mining
C)phishing
D)hacking

Accepted Answer

The answer of Mark receives an email from his bank...

Question 13

Describe the terms phishing,spoofing,and sniffing.

Accepted Answer

The answer of Describe the terms phishing,spoofing,and sniffing....

Question 14

A ________ pretends to be a legitimate company and sends emails requesting confidential data.&#10;A)hacker&#10;B)phisher&#10;C)drive-by sniffer&#10;D)key puncher

Accepted Answer

The answer of A ________ pretends to be a legitimate...

Question 15

Email spoofing is a synonym for phishing.

Accepted Answer

The answer of Email spoofing is a synonym for phishing....

Question 16

Breaking into computers,servers,or networks to steal proprietary and confidential data is referred to as ________.&#10;A)spoofing&#10;B)hacking&#10;C)usurpation&#10;D)sniffing

Accepted Answer

The answer of Breaking into computers,servers,or networks to steal proprietary...

Question 17

Which of the following types of security loss is WikiLeaks an example of?&#10;A)faulty service&#10;B)incorrect data modification&#10;C)unauthorised data disclosure&#10;D)denial of service

Accepted Answer

The answer of Which of the following types of security...

Question 18

Incorrectly increasing a customer's discount is an example of incorrect data modification.

Accepted Answer

The answer of Incorrectly increasing a customer's discount is an...

Question 19

A(n)________ is a measure that individuals or organisations take to block a threat from obtaining an asset.&#10;A)safeguard&#10;B)information silo&#10;C)third-party cookie&#10;D)Hadoop

Accepted Answer

The answer of A(n)________ is a measure that individuals or...

Question 20

Spoofing is a technique for intercepting computer communications.

Accepted Answer

The answer of Spoofing is a technique for intercepting computer...

Question 21

Which of the following is a data safeguard against security threats?&#10;A)malware protection&#10;B)physical security&#10;C)dissemination of information&#10;D)application design

Accepted Answer

The answer of Which of the following is a data...

Question 22

A person should preferably use the same password for different sites so as to avoid confusion.

Accepted Answer

The answer of A person should preferably use the same...

Question 23

Which of the following is considered a personal security safeguard?&#10;A)create backup of cookies and temporary files&#10;B)conduct transactions using http rather than https&#10;C)use a single valid password for all accounts&#10;D)send no valuable data via email or IM

Accepted Answer

The answer of Which of the following is considered a...

Question 24

A(n)________ is a computer program that senses when another computer is attempting to scan a disk or access a computer.&#10;A)malware definition&#10;B)business intelligence system&#10;C)account administration system&#10;D)intrusion detection system

Accepted Answer

The answer of A(n)________ is a computer program that senses...

Question 25

What are some of the recommended personal security safeguards against security threats?

Accepted Answer

The answer of What are some of the recommended personal...

Question 26

The creation of a backup copy of all database content of an organisation is a technical safeguard.

Accepted Answer

The answer of The creation of a backup copy of...

Question 27

Risk management is a critical security function of an organisation's senior management.

Accepted Answer

The answer of Risk management is a critical security function...

Question 28

During which of the following computer crimes does a password cracker try every possible combination of characters?&#10;A)brute force attack&#10;B)DOS attack&#10;C)sniffing&#10;D)pretexting

Accepted Answer

The answer of During which of the following computer crimes...

Question 29

Backup and physical security are ________ against computer security threats.&#10;A)human safeguards&#10;B)procedural safeguards&#10;C)data safeguards&#10;D)technical safeguards

Accepted Answer

The answer of Backup and physical security are ________ against...

Question 30

In a brute force attack,a password cracker tries every possible combination of characters.

Accepted Answer

The answer of In a brute force attack,a password cracker...

Question 31

Which of the following is a technical safeguard against security threats?&#10;A)compliance&#10;B)backup and recovery&#10;C)passwords&#10;D)identification and authorisation

Accepted Answer

The answer of Which of the following is a technical...

Question 32

Which of the following statements is true of the financial losses due to computer security threats?&#10;A)All studies on costs of computer crimes are based on unobtrusive research.&#10;B)The financial losses faced by companies due to human error are enormous.&#10;C)Damages caused by natural disasters are minimal when compared to the damages due to human errors.&#10;D)There are several set standards for tallying computer crime costs and financial losses.

Accepted Answer

The answer of Which of the following statements is true...

Question 33

Financial institutions must invest heavily in security safeguards because they are obvious targets for theft.

Accepted Answer

The answer of Financial institutions must invest heavily in security...

Question 34

________ are small files that browsers store on users' computers when they visit Web sites.&#10;A)Viral hooks&#10;B)Cookies&#10;C)Mashups&#10;D)Keys

Accepted Answer

The answer of ________ are small files that browsers store...

Question 35

Damages caused by natural disasters are minimal when compared to the damages due to human errors.

Accepted Answer

The answer of Damages caused by natural disasters are minimal...

Question 36

Studies on the cost of computer crimes are mostly based on surveys.

Accepted Answer

The answer of Studies on the cost of computer crimes...

Question 37

Explain the concept of denial of service (DOS)in information management.

Accepted Answer

The answer of Explain the concept of denial of service...

Question 38

While making online purchases,a person should buy only from vendors who support https.

Accepted Answer

The answer of While making online purchases,a person should buy...

Question 39

Which of the following is a human safeguard against security threats?&#10;A)physical security&#10;B)procedure design&#10;C)firewalls&#10;D)backup and recovery

Accepted Answer

The answer of Which of the following is a human...

Question 40

Malware protection is an example of a technical safeguard.

Accepted Answer

The answer of Malware protection is an example of a...

Question 41

With HTTPS,data are encrypted using the Secure Socket Layer (SSL)protocol,which is also known as ________.&#10;A)Simple Mail Transfer Protocol (SMTP)&#10;B)Transport Layer Security (TLS)&#10;C)Secure Shell (SSH)&#10;D)File Transfer Protocol (FTP)

Accepted Answer

The answer of With HTTPS,data are encrypted using the Secure...

Question 42

Which of the following refers to viruses that masquerade as useful programs?&#10;A)Trojan horses&#10;B)adware&#10;C)payloads&#10;D)spyware

Accepted Answer

The answer of Which of the following refers to viruses...

Question 43

________ determine whether to pass each part of a message by examining its source address,destination addresses,and other such data.&#10;A)Perimeter firewalls&#10;B)Application firewalls&#10;C)Internal firewalls&#10;D)Packet-filtering firewalls

Accepted Answer

The answer of ________ determine whether to pass each part...

Question 44

A ________ has a microchip that is loaded with identifying data.&#10;A)smart card&#10;B)payment card&#10;C)biometric passport&#10;D)flashcard

Accepted Answer

The answer of A ________ has a microchip that is...

Question 45

Which of the following statements is true of symmetric encryption?&#10;A)Asymmetric encryption is simpler and much faster than symmetric encryption.&#10;B)With symmetric encryption,encoding and decoding are performed by two different keys.&#10;C)With symmetric encryption,the same key is used for both encoding and decoding.&#10;D)Public key/private key is a special version of symmetric encryption used on the Internet.

Accepted Answer

The answer of Which of the following statements is true...

Question 46

________ includes viruses,worms,Trojan horses,spyware,and adware.&#10;A)Malware&#10;B)Shareware&#10;C)Firewall&#10;D)Metadata

Accepted Answer

The answer of ________ includes viruses,worms,Trojan horses,spyware,and adware.&#10;A)Malware&#10;B)Shareware&#10;C)Firewall&#10;D)Metadata...

Question 47

Explain the two critical security functions that an organisation's senior management needs to address.

Accepted Answer

The answer of Explain the two critical security functions that...

Question 48

With HTTPS,data are encrypted using a protocol called the ________.&#10;A)Post Office Protocol (POP)&#10;B)Secure Shell (SSH)&#10;C)Secure Socket Layer (SSL)&#10;D)File Transfer Protocol (FTP)

Accepted Answer

The answer of With HTTPS,data are encrypted using a protocol...

Question 49

A password ________ a user.&#10;A)authenticates&#10;B)conceals&#10;C)identifies&#10;D)encrypts

Accepted Answer

The answer of A password ________ a user.&#10;A)authenticates&#10;B)conceals&#10;C)identifies&#10;D)encrypts...

Question 50

A user name authenticates a user,and a password identifies that user.

Accepted Answer

The answer of A user name authenticates a user,and a...

Question 51

________ is the process of transforming clear text into coded,unintelligible text for secure storage or communication.&#10;A)Standardisation&#10;B)Encryption&#10;C)Usurpation&#10;D)Authentication

Accepted Answer

The answer of ________ is the process of transforming clear...

Question 52

Users of smart cards are required to enter a ________ to be authenticated.&#10;A)key&#10;B)biometric detail&#10;C)password&#10;D)personal identification number

Accepted Answer

The answer of Users of smart cards are required to...

Question 53

Adware and spyware are similar to each other in that they both ________.&#10;A)are specifically programmed to spread&#10;B)are installed without a user's permission&#10;C)are used to replicate programs&#10;D)masquerade as useful programs

Accepted Answer

The answer of Adware and spyware are similar to each...

Question 54

Which of the following uses an individual's personal physical characteristics such as fingerprints,facial features,and retinal scans for verification purposes?&#10;A)flashcards&#10;B)biometric authentication&#10;C)symmetric encryption&#10;D)smart cards

Accepted Answer

The answer of Which of the following uses an individual's...

Question 55

Smart cards are convenient to use because they don't require a PIN number for authentication.

Accepted Answer

The answer of Smart cards are convenient to use because...

Question 56

A user name ________ a user.&#10;A)identifies&#10;B)authenticates&#10;C)conceals&#10;D)encrypts

Accepted Answer

The answer of A user name ________ a user.&#10;A)identifies&#10;B)authenticates&#10;C)conceals&#10;D)encrypts...

Question 57

Technical safeguards involve both software and hardware components of an information system.

Accepted Answer

The answer of Technical safeguards involve both software and hardware...

Question 58

The most secure communications over the Internet use a protocol called ________.&#10;A)HTTPS&#10;B)HTTP&#10;C)SFTP&#10;D)SMTP

Accepted Answer

The answer of The most secure communications over the Internet...

Question 59

A(n)________ sits outside an organisational network and is the first device that Internet traffic encounters.&#10;A)internal firewall&#10;B)packet-filtering firewall&#10;C)perimeter firewall&#10;D)application firewall

Accepted Answer

The answer of A(n)________ sits outside an organisational network and...

Question 60

Technical safeguards include encryption and the usage of passwords.

Accepted Answer

The answer of Technical safeguards include encryption and the usage...

Question 61

The loss of encryption keys by employees is referred to as key escrow.

Accepted Answer

The answer of The loss of encryption keys by employees...

Question 62

The most secure communications over the Internet use a protocol called HTTP.

Accepted Answer

The answer of The most secure communications over the Internet...

Question 63

What are firewalls? What types of firewalls are commonly used?

Accepted Answer

The answer of What are firewalls? What types of firewalls...

Question 64

Discuss briefly the pros and cons of biometric authentication.

Accepted Answer

The answer of Discuss briefly the pros and cons of...

Deck 12: Information Security Management