Question 1

A password system on a computer network is an example of which type of information security control?&#10;A) physical&#10;B) access&#10;C) communication

Accepted Answer

A password system on a computer network is a form of access control, as it regulates who is allowed to access the network resources by requiring authentication through a password or other means. Physical controls are measures that physically restrict access to resources, such as locks or security guards. Communication controls are measures that protect the transmission of information over a network, such as encryption or firewalls.

Question 2

The threats to information security are _____, and the greatest threat is _____.&#10;A) increasing, human&#10;B) decreasing, human&#10;C) increasing, technological&#10;D) decreasing, technological&#10;E) staying about the same, software

Accepted Answer

The threats to information security are increasing, as technology advances and new vulnerabilities are discovered. However, the greatest threat is still human error or malicious intent, as many security breaches are caused by employees or hackers exploiting human weaknesses.

Question 3

____________ is an encryption standard used for secure transactions such as credit card processing and online banking.&#10;A) VPN&#10;B) TLS&#10;C) DMZ&#10;D) Whitelisting

Accepted Answer

TLS (Transport Layer Security) is used for encrypting data during transmissions over the internet. It is commonly used for securing transactions involving credit cards and online banking as it provides confidentiality and integrity of the data being transmitted. VPN (Virtual Private Network) is a technology used for creating a secure and private connection between two endpoints over the internet. DMZ (Demilitarized Zone) is a network segment that is isolated from the rest of the network and is used to host publicly accessible servers. Whitelisting is a security practice of allowing only pre-approved software or applications to run on a system or network.

Question 4

The emergence of the Internet has decreased the threats to information security.

Accepted Answer

The emergence of the Internet has increased the threats to information security, as it has created new avenues for cyber attacks and data breaches.

Question 5

Risk management identifies, controls, and minimizes the impact of threats to the organization's information security.

Accepted Answer

Risk management is a process that involves identifying potential risks and vulnerabilities, assessing their impact and likelihood, and taking steps to control, reduce or mitigate those risks. By doing this, the organization can minimize the impact of any security breaches, data breaches or other incidents that may affect the confidentiality, integrity or availability of information assets. Thus, the statement is true.

Question 6

Which type of alien software uses your computer to send emails that look like they came from you to all the people in your address book?&#10;A) adware&#10;B) spyware&#10;C) spamware&#10;D) cookies

Accepted Answer

The type of alien software that uses your computer to send emails to all the people in your address book is called spamware. Adware is a type of software that displays advertisements on your computer, while spyware is software that is designed to gather information about a person or organization without their knowledge or consent. Cookies are small files that are stored on your computer by websites to remember your preferences and provide a better browsing experience.

Question 7

Which if the following is not a common risk mitigation strategy?&#10;A) Risk analysis.&#10;B) Risk limitation.&#10;C) Risk acceptance.&#10;D) Risk trasnference.

Accepted Answer

Risk analysis is not a risk mitigation strategy, but rather an initial step in identifying and assessing potential risks. Risk limitation, risk acceptance, and risk transfer are all common risk mitigation strategies.

Question 8

If you have copied a software package (computer program) from a friend without paying for it, you are guilty of software piracy.

Accepted Answer

Copying a software package without paying for it is a violation of the copyright law which is considered as software piracy.

Question 9

Which of the following statements is true?&#10;A) Multifactor authentication systems are more reliable and less expensive than single-factor.&#10;B) Multifactor authentication systems are more reliable and more expensive than single-factor.c) Multifactor authentication systems are less reliable and less expensive than single-factor&#10;D) Multifactor and single-factor authentications have the same degree of reliability.

Accepted Answer

Multifactor authentication systems are more reliable than single-factor because they require more than one method of authentication, making it harder for unauthorized access. However, they are also more expensive to implement and maintain due to the additional hardware and software components required.

Question 10

Which of the following employees typically poses the most significant threat to information security?&#10;A) Janitors&#10;B) Contract labor&#10;C) Consultants&#10;D) IS employees

Accepted Answer

IS employees typically have the greatest access to sensitive information and systems, making them more likely to exploit or mishandle this information. It is important to implement strict security controls and monitoring for this group of employees. Janitors, contract labor, and consultants are also potential security risks, but typically have limited access to sensitive information and systems.

Question 11

Which of the following would be an example of a SCADA attack?&#10;A) Bank accounts are hacked into after Internet purchases&#10;B) Social Security numbers are deleted from a company's database.&#10;C) Computer viruses are introduced into the electrical company's systems resulting ain a shutdown of the power plant.&#10;D) Email accounts are hacked and kinky messages are sent to all fo the user's contacts

Accepted Answer

The answer of Which of the following would be an...

Question 12

Which type of remote software attack does not require user action?&#10;A) virus&#10;B) worm&#10;C) phishing attack&#10;D) denial-of service attack

Accepted Answer

The answer of Which type of remote software attack does...

Question 13

Low level employees pose the greatest threat to information security.

Accepted Answer

The answer of Low level employees pose the greatest threat...

Question 14

Which of the following is not a social engineering technique?&#10;A) Tailgating&#10;B) Shoulder surfing&#10;C) Careless internet surfing&#10;D) All of the choices are social engineering techniques.&#10;E) None of the choices are social engineering techniques

Accepted Answer

The answer of Which of the following is not a...

Question 15

You should regularly delete any spyware that might be residing on your computer, because it may be dangerous.

Accepted Answer

The answer of You should regularly delete any spyware that...

Deck 4: Information Security