Management
Q:
Which of the following is considered a type of biometrics?
A. voice
B. face
C. iris
D. All of these are considered biometrics.
Q:
A user can opt in to receive emails by choosing to allow permissions to incoming emails.
Q:
What is the identification of a user based on a physical characteristic, such as a fingerprint, iris, face, voice, or handwriting?
A. smart card
B. token
C. biometrics
D. content filtering
Q:
A user can opt out of receiving emails by choosing to deny permission to incoming emails.
Q:
What are computer viruses that wait for a specific date before executing their instructions?
A. zombie
B. zombie farm
C. pharming attack
D. time bomb
Q:
A social media policy outlines the corporate guidelines or principles governing employee online communications.
Q:
What uses a zombie farm, often by an organized crime association, to launch a massive phishing attack?
A. zombie
B. zombie farm
C. pharming attack
D. time bomb
Q:
Teergrubing is an anti-spamming approach where the receiving computer launches a return attack against the spammer, sending email messages back to the computer that originated the suspected spam.
Q:
What is a group of computers on which a hacker has planted zombie programs?
A. zombie
B. zombie farm
C. pharming attack
D. time bomb
Q:
Companies do not need a privacy policy for email because an employee's work email is private and cannot be viewed by the company.
Q:
What is a device that is around the same size as a credit card, containing embedded technologies that can store information and small amounts of software to perform some limited processing?
A. token
B. password
C. smart card
D. biometrics
Q:
An acceptable use policy (AUP) requires a user to agree to follow it in order to be provided access to corporate email, information systems, and the Internet.
Q:
What is the most secure type of authentication?
A. something the user knows such as a user ID and password
B. something the user has such as a smart card or token
C. something that is part of the user such as a fingerprint or voice signature
D. A combination of all of these are correct.
Q:
Cybervandalism includes threats, negative remarks, or defamatory comments transmitted via the Internet or posted on the website.
Q:
A smart card is a device the size of a credit card that contains embedded technology that stores information and small amounts of software and can act as ________.
A. identification instruments
B. a form of digital cash
C. a data storage device
D. All of these are correct.
Q:
Fair information practices is a general term for a set of standards governing the collection and use of personal data and addressing issues of privacy and accuracy.
Q:
Which of the following authentication methods is 100 percent accurate?
A. smart card
B. fingerprint authentication
C. user ID
D. None of these are correct.
Q:
BYOD policies offer four basic options, including 1) unlimited access for personal devices, 2) access only to nonsensitive systems and data, 3) access, but with IT control over personal devices, apps, and stored data, and 4) access, but preventing local storage of data on personal devices.
Q:
The most secure procedures combine which of the following authentication and authorization techniques?
A. something the user knows, such as a user ID and password
B. something the user has, such as a smart card or token
C. something that is part of the user, such as a fingerprint or voice signature
D. All of these are correct.
Q:
Bring your own devices is a general term for a set of standards governing the collection and use of personal data and addressing issues of privacy and accuracy.
Q:
What is a method for confirming users' identities?
A. phishing
B. authentication
C. authorization
D. programming
Q:
Fair information practices is a general term for a set of standards governing the collection and use of personal data and addressing issues of privacy and accuracy.
Q:
What is the process that provides a user with permission including access levels and abilities such as file access, hours of access, and amount of allocated storage space?
A. pharming
B. authentication
C. authorization
D. programming
Q:
Fair information practices are policies that allow employees to use their personal mobile devices and computers to access enterprise data and applications.
Q:
What area of information security focuses on preventing identity theft, phishing, and pharming scams?
A. prevention and resistance
B. detection and authorizing
C. detection and response
D. authentication and authorization
Q:
Website name stealing is the theft of a website's name that occurs when someone, posing as a site's administrator, changes the ownership of the domain name assigned to the website to another website owner.
Q:
eBay is an example of an online company that has been faced with numerous security issues. For example, imagine you purchase a digital camera on eBay. Three months later you might receive an email asking you to log in to the system to update your credit card or PayPal information. Of course, this email is not actually from eBay and as soon as you log in your information will be stolen. What type of information security breach would you consider this to be?
A. an insider
B. dumpster diving
C. social engineering
D. phishing
Q:
Cybervandalism is a problem that occurs when someone registers purposely misspelled variations of well-known domain names.
Q:
Imagine you accidentally mistype the URL for your bank and you are redirected to a fake website that collects your information. What type of identity theft were you just a victim of?
A. pharming
B. worm holes
C. phishing
D. insider hacking
Q:
Cybervandalism is the electronic defacing of an existing website.
Q:
What is a program that secretly takes over another computer for the purpose of launching attacks on other computers?
A. zombie
B. zombie farm
C. pharming attack
D. time bomb
Q:
Competitive click-fraud is a computer crime where a competitor or disgruntled employee increases a company's search advertising costs by repeatedly clicking on the advertiser's link.
Q:
What reroutes requests for legitimate websites to false websites?
A. zombie
B. zombie farm
C. pharming attack
D. pharming
Q:
Cyberbullying is an act or object that poses a danger to assets.
Q:
What is pharming?
A. reroutes requests for legitimate websites to false websites
B. a technique to gain personal information for the purpose of identity theft, usually by means of fraudulent emails that look as though they came from legitimate businesses
C. a masquerading attack that combines spam with spoofing
D. a phone scam that attempts to defraud people by asking them to call a bogus telephone number to "confirm" their account information
Q:
Click-fraud is the abuse of pay-per-click, pay-per-call, and pay-per-conversion revenue models by repeatedly clicking on a link to increase charges or costs for the advertiser.
Q:
What is vishing?
A. reroutes requests for legitimate websites to false websites
B. a technique to gain personal information for the purpose of identity theft, usually by means of fraudulent emails that look as though they came from legitimate businesses
C. a masquerading attack that combines spam with spoofing
D. a phone scam that attempts to defraud people by asking them to call a bogus telephone number to "confirm" their account information
Q:
An ethical computer use policy contains general principles to guide computer user behavior.
Q:
What is spear phishing?
A. reroutes requests for legitimate websites to false websites
B. a technique to gain personal information for the purpose of identity theft, usually by means of fraudulent emails that look as though they came from legitimate businesses
C. a masquerading attack that combines spam with spoofing
D. a phishing expedition in which the emails are carefully designed to target a particular person or organization
Q:
Bring your own device is a policy that allows employees to use their personal mobile devices and computers to access enterprise data and applications.
Q:
What is a phishing expedition?
A. reroutes requests for legitimate websites to false websites
B. a technique to gain personal information for the purpose of identity theft, usually by means of fraudulent emails that look as though they came from legitimate businesses
C. a masquerading attack that combines spam with spoofing
D. a phishing expedition in which the emails are carefully designed to target a particular person or organization
Q:
Epolicies are policies and procedures that address information management along with the ethical use of computers and the Internet in the business environment.
Q:
What reroutes requests for legitimate websites to false websites?
A. pharming
B. phishing
C. phishing expedition
D. spear phishing
Q:
Internet governance is government attempts to control Internet traffic, thus preventing some material from being viewed by a country's citizens.
Q:
What is a phone scam that attempts to defraud people by asking them to call a bogus telephone number to "confirm" their account information?
A. pharming
B. phishing
C. phishing expedition
D. vishing
Q:
Information property is the category of computer security that addresses the protection of data from unauthorized disclosure and confirmation of data source authenticity.
Q:
What is a masquerading attack that combines spam with spoofing?
A. pharming
B. phishing
C. phishing expedition
D. spear phishing
Q:
Information secrecy is the category of computer security that addresses the protection of data from unauthorized disclosure and confirmation of data source authenticity.
Q:
What is the difference between phishing and pharming?
A. Phishing is not illegal, and pharming is illegal.
B. Phishing is the right of the company, where pharming is the right of the individual.
C. Phishing is a technique to gain personal information for the purpose of identity theft, and pharming reroutes requests for legitimate websites to false websites.
D. All of these are correct.
Q:
Information secrecy is an ethical issue that focuses on who owns information about individuals and how information can be sold and exchanged.
Q:
What is a technique to gain personal information for the purpose of identity theft, usually by means of fraudulent emails that look as though they came from legitimate businesses?
A. pharming
B. phishing
C. phishing expedition
D. spear phishing
Q:
Information property is an ethical issue that focuses on who owns information about individuals and how information can be sold and exchanged.
Q:
What is forging of someone's identity for the purpose of fraud?
A. identity crisis
B. identity theft
C. ediscovery
D. All of these are correct.
Q:
Information governance is a method or system of government for information management or control.
Q:
Which of the following represents the three areas where technology can aid in the defense against information security attacks?
A. authentication and authorization, prevention and resistance, prevention and response
B. authentication and authorization, prevention and response, detection and response
C. analyzing and authenticating, prevention and repositioning, detection and response
D. authentication and authorization, prevention and resistance, detection and response
Q:
Information compliance is the act of conforming, acquiescing, or yielding information.
Q:
What is phishing?
A. reroutes requests for legitimate websites to false websites
B. a technique to gain personal information for the purpose of identity theft, usually by means of fraudulent emails that look as though they came from legitimate businesses
C. a masquerading attack that combines spam with spoofing
D. a phishing expedition in which the emails are carefully designed to target a particular person or organization
Q:
The Child Online Protection Act was passed to protect minors from accessing inappropriate material on the Internet.
Q:
What is a destructive agent?
A. a form of social engineering in which one individual lies to obtain confidential data about another individual
B. a hacker looks through your trash to find personal information
C. legitimate users who purposely or accidentally misuse their access to the environment and cause some kind of business-affecting incident
D. malicious agents designed by spammers and other Internet attackers to farm email addresses off websites or deposit spyware on machines
Q:
Information management examines the organizational resource of information and regulates its definitions, uses, value, and distribution ensuring it has the types of data/information required to function and grow effectively.
Q:
Applications allowed to be placed on the corporate network, like IM software, and corporate computer equipment used for personal reasons on personal networks are two areas that should be addressed by managers in which of the following company policies?
A. information ethics policy
B. information security policies
C. information technology plan
D. All of these are correct.
Q:
Copyright is an exclusive right to make, use, and sell an invention and is granted by a government to the inventor.
Q:
Which of the following is an example of a way to maintain information security that a company should include in their information security policies?
A. requiring computer users to log off before leaving for lunch
B. never sharing user or password information with anyone
C. changing passwords every 30-60 days
D. All of these are correct.
Q:
Working at a ski resort in the mountains has its own unique security issues. Kenny is the chief information officer for Sundance Ski Resort, and he is faced with both physical and information security threats every month. Since the resort implemented a new software system, it has been having a larger number of threats and breaches of company information. He suspects that this may be caused by an internal employee. What type of plan does he need to clarify and establish to help reduce further problems?
A. an information security plan
B. an ethical information policy
C. an antivirus plan
D. None of these are correct.
Q:
A patent is the legal protection afforded an expression of an idea, such as a song, book, or video game.
Q:
What is dumpster diving?
A. a form of social engineering in which one individual lies to obtain confidential data about another individual
B. a hacker that looks through your trash to find personal information
C. legitimate users who purposely or accidentally misuse their access to the environment and cause some kind of business-affecting incident
D. malicious agents designed by spammers and other Internet attackers to farm email addresses off websites or deposit spyware on machines
Q:
Pirated software is software that is manufactured to look like the real thing and sold as such.
Q:
What is pretexting?
A. a form of social engineering in which one individual lies to obtain confidential data about another individual
B. a hacker looks through your trash to find personal information
C. legitimate users who purposely or accidentally misuse their access to the environment and cause some kind of business-affecting incident
D. malicious agents designed by spammers and other Internet attackers to farm email addresses off websites or deposit spyware on machines
Q:
What is a form of social engineering in which one individual lies to obtain confidential data about another individual?
A. dumpster texting
B. dumpster diving
C. trash retrieval
D. pretexting
Q:
Digital rights management is a technological solution that allows publishers to control their digital media to discourage, limit, or prevent illegal copying and distribution.
Q:
What is it called when a hacker looks through your trash to find personal information?
A. striker bunny
B. dumpster diving
C. trash retrieval
D. approved consent
Q:
Confidentiality is the right to be left alone when you want to be, to have control over your own personal possessions, and not to be observed without your consent.
Q:
Using one's social skills to trick people into revealing access credentials or other valuable information is called ________.
A. social engineering
B. social media
C. social viruses
D. social processes
Q:
Which of the following describes confidentiality?
A. the assurance that messages and information are available only to those who are authorized to view them
B. policies and procedures that address the ethical use of computers and Internet usage in the business environment
C. the right to be left alone when you want to be, to have control over your own personal possessions, and not to be observed without your consent
D. the principles and standards that guide our behavior toward other people
Q:
Janet is a financial aid counselor at a local community college and she shares an office with her three coworkers. Janet feels safe in her office environment and frequently leaves her username and password on a sticky note next to her computer. Without realizing it Janet is creating the potential for which type of information security breach to occur?
A. insiders to hack into the college system
B. dumpster diving to find usernames and passwords
C. viruses and worms to spread through the college system
D. All of these are correct.
Q:
Which of the following is an example of acting ethically?
A. Individuals copy, use, and distribute software.
B. Employees search organizational databases for sensitive corporate and personal information.
C. Individuals hack into computer systems to steal proprietary information.
D. None of these are examples of acting ethically.
Q:
What is an insider?
A. a form of social engineering in which one individual lies to obtain confidential data about another individual
B. a hacker looks through your trash to find personal information
C. legitimate users who purposely or accidentally misuse their access to the environment and cause some kind of business-affecting incident
D. malicious agents designed by spammers and other Internet attackers to farm email addresses off websites or deposit spyware on machines
Q:
Which of the following describes privacy?
A. the assurance that messages and data are available only to those who are authorized to view them
B. policies and procedures that address the ethical use of computers and Internet usage in the business environment
C. the right to be left alone when you want to be, to have control over your own personal possessions, and to not be observed without your consent
D. the principles and standards that guide our behavior toward other people
Q:
Angela works for an identity protection company that maintains large amounts of sensitive customer information such as usernames, passwords, personal information, and social security numbers. Angela and a coworker decide to use the sensitive information to open credit cards in a few of her customers' names. This is a classic example of which of the following security breaches?
A. a social engineer
B. an insider
C. a spammer
D. a dumpster diver
Q:
A. ethics
B. intellectual property
C. privacy
D. confidentiality