Deck 12: Managing Information Security and Privacy
1
A retinal scan would be considered a biometric authentication technique.
True
2
Drive-by sniffers take computers with wireless connections through an area and search for unprotected wireless networks.
True
3
Technical safeguards involve the hardware and software components of an information system.
True
4
Data safeguards are designed to protect computer networks.
5
Care must be taken when terminating employees because they may take harmful and malicious actions.
6
Phishing is when someone sends an email pretending to be a legitimate company and asking for confidential data, such as account numbers.
7
Despite warnings, users have a tendency to write their passwords on sticky notes next to the computer.
8
Smart cards are convenient and easy to use since they don't require any PIN numbers for authentication.
9
Spoofing is a technique for intercepting computer communications.
10
People who intentionally gain unauthorized access to computer systems are called hackers.
11
Even if a potential new hire will not have access to sensitive data and systems, they should be extensively screened for security purposes.
12
To protect against lost or sabotaged encryption keys, a trusted party should keep a copy of the key.
13
Encryption is one of several technical safeguards.
14
Biometric authentication has been around for some time, and because of weaknesses is not likely to see much usage in the future.
15
Malware is used in denial-of-service attacks.
16
Most anti-malware programs check email attachments for malware code.
17
Malware protection is an example of a technical safeguard.
18
Any action, device, procedure, technique, or other measure that reduces a system's vulnerability to a threat is a safeguard.
19
Denial of service always occurs because of malicious attacks on the system.
20
When a hacker floods a web server with millions of bogus service requests so that it cannot service legitimate requests, this is called a denial-of-service attack.
21
Organizations should store at least some of the ________ of the database contents off the premises, possibly in a remote location.
A) backups
B) company information
C) malware definitions
D) smaller parts
22
The purpose of a(n) ________ is to protect databases and other organizational data.
A) data warehouse
B) data security group
C) operations group
D) data safeguard
E) steering committee
23
________, which are the patterns that exist in malware code, should be downloaded and updated frequently.
A) Software updates
B) Service packs
C) Malware patterns
D) Network patches
E) Malware definitions
24
Be sure to purchase your antispyware program from a(n) ________ vendor because some free programs in the past were actually malware programs in disguise.
A) reasonable
B) reputable
C) entrepreneurial
D) inexpensive
E) illegitimate
25
About 90 percent of all viruses are spread via
A) spreadsheets.
B) AOL.
C) technology.
D) network worms.
E) email.
26
Viruses and worms don't spread very quickly so it is not essential to move cautiously when one is discovered by someone in your organization.
27
________ to (for) the physical computers that run the DBMS and all devices that store database data should be carefully controlled.
A) References
B) Access
C) Design plans
D) Connections
E) Documentation
28
Bloggers have not yet had much of an impact on the mainstream media.
29
Hardened websites use special versions of the operating systems and functions that are not required by the application.
30
Help desks have not been the source of many security problems in the past.
31
Since most organizations are protected by a(n) ________, it is not surprising that most viruses spread via email.
A) data dictionary
B) antivirus program
C) biometric authentication device
D) firewall
E) white-hat hacker
32
Following a disaster, hot sites provide office space, but customers themselves must come and provide and install the equipment needed to continue operations.
33
It is possible for some malware to install itself on your computer by you doing nothing more than opening a(n)
A) webpage.
B) file.
C) email.
D) computer.
E) account.
34
The best safeguard against a natural disaster is to have a safe location.
35
If you ever receive notification that your password has been reset when you did not request a reset, immediately contact your IS department.
36
Because encryption keys can be lost or destroyed, a copy of the key should be stored with a trusted third party called a(n)
A) key account.
B) white-hat hacker.
C) key escrow.
D) authentication certifier.
E) control account.
37
Organizations should protect sensitive data by storing it in ________ form.
A) compressed
B) secure
C) digital
D) encrypted
E) standardized
38
Users should scan their computers with anti-malware programs at least
A) once a year.
B) biannually.
C) once a week.
D) daily.
E) once a month.
39
________ safeguards involve the people and procedure components of information systems.
A) Human
B) Data
C) Technical
D) Malware
E) Firewall
40
Backup and recovery, passwords, and encryption are human safeguards.
41
The existence of ________ user accounts is a serious security threat.
A) unused
B) network
C) meta
D) employee
E) modified
42
In order to prioritize their activities and protect an organization from possible risk and loss, security personnel must document the position ________ of all employees.
A) riskiness
B) data access
C) controls
D) level
E) sensitivity
43
Computing infrastructure should be located in ________ buildings designed to house expensive and critical equipment.
A) central
B) air-conditioned
C) high-tech
D) fire-resistant
E) easily accessible
44
________ is a technique for intercepting computer communications.
A) Spoofing
B) Hacking
C) Pretexting
D) Phishing
E) Sniffing
45
Some of the biggest security threats are from ________ employees.
A) disinterested
B) disgruntled
C) self-motivated
D) happy
E) contrarian
46
A(n) ________ is someone who pretends to be a legitimate company and sends email requesting confidential data.
A) hacker
B) phisher
C) spoofer
D) hawker
E) employee
47
The best way to safeguard a website from public users is to ________ the website against an attack.
A) secure
B) prepare
C) defend
D) harden
E) update
48
A ________ is a remote processing centre run by a commercial disaster-recovery service that provides all the equipment needed to continue operations after a disaster.
A) web farm
B) development site
C) cold site
D) hot site
E) server farm
49
In order to intercept communications on ________ networks, drive-by sniffers simply drive or walk around with computers with wireless connections.
A) commercial
B) LAN
C) wireless
D) ISP
E) WAN
50
When an employee notices a virus on his machine, the ________ plan should specify what to do.
A) antivirus
B) security
C) technology
D) company
E) incident response
51
Firewalls produce ________ of their activities, which include lists of all dropped packets, and attempts to gain unauthorized access.
A) programs
B) logs
C) graphics
D) calls
E) accounts
52
________ considerations should be part of the hiring process.
A) Weight
B) Position
C) Gender
D) Age
E) Security
53
________ is one of the fastest-growing crimes in Canada because it is relatively easy to do.
A) Phishing
B) Hacking
C) Spoofing
D) PIPEDA
E) Identity theft
54
A(n) ________ card has a microchip on it that is loaded with identifying data.
A) smart
B) debit
C) credit
D) ATM
E) identity
55
When an employee is terminated, system administrators should receive advance notice so they can
A) plan for security changes.
B) get the employee's computer.
C) remove accounts and passwords.
D) fight over the person's office.
E) plan a termination party.
56
A hacker can launch a denial-of-service attack against a web server by ________ it with millions of bogus service requests.
A) programming
B) flooding
C) denying
D) hacking
E) probing
57
Because they kept giving out passwords to users who claimed to have forgotten them, ________ were a serious security risk in the organization.
A) interns
B) help desks
C) data administrators
D) executives
E) developers
58
________ are the primary means of authentication.
A) Encrypted keys
B) Network administrators
C) Passwords
D) Single sign-on
E) Facial scans
59
A company should clearly define the security ________ for each position.
A) accounts
B) levels
C) responsibilities
D) backups
E) safeguards
60
Passwords have weaknesses because users often choose simple passwords, which ________ systems can easily guess.
A) security
B) intrusion
C) antivirus
D) malware
E) biometric
61
Security policy establishment is the responsibility of
A) middle managers.
B) the CEO.
C) corporate lawyers.
D) senior management.
E) the IT department.
62
A security incident reporting plan should ________ all incident reports.
A) centralize
B) generalize
C) standardize
D) decentralize
E) prioritize
63
The website ________ lists simple things to do to lower your risk of identity theft.
A) www.wordpress.com
B) www.google.ca
C) www.safecanada.com
D) www.priv.gc.da
E) www.equifax.com
64
When an incident is reported, ________ is (are) of the essence.
A) the response
B) preparation
C) speed
D) a systematic approach
E) actions
65
Hardening is actually a(n) ________ safeguard.
A) technical
B) security
C) data
D) human
E) accountability
66
If you suspect an organization has inappropriately disclosed your personal information to a 3rd party, you can lodge a complaint with
A) Industry Canada.
B) RCMP.
C) the local police.
D) Revenue Canada.
E) Office of the Privacy Commissioner of Canada.
67
Users often resist biometric identification because they feel it is
A) expensive.
B) ineffective.
C) too technical.
D) invasive.
E) hard to use.
68
According to PIPEDA, every organization needs to identify anyone in the organization who is responsible for ________ personal information.
A) using
B) safeguarding
C) disclosing
D) collecting
E) maintaining
69
A company establishes data rights and responsibilities and educates employees on how to back up and recover the database, but the company still needs to address the ________ safeguards.
A) inadvertent
B) security
C) human
D) data
E) technical
70
PIPEDA gives individuals the right to know why an organization is ________ their personal information.
A) collecting and disclosing
B) collecting and changing
C) collecting, using or disclosing
D) changing
E) using and disclosing
71
Pretexting is the same as ________ in the world of malicious computer activities.
72
User accounts should be given (the) ________ to perform their jobs.
A) least possible privileges needed
B) most possible privileges needed
C) administrator privileges
D) user privileges
E) company standard privileges
73
The popularity and efficacy of search engines like Google have created a source of
A) entertainment.
B) inadvertent information disclosure.
C) phishing.
D) pretexting.
E) sniffing.
74
PIPEDA stands for
A) Personal Information Protection and Electronic Disclosure Act.
B) Personal Information Protection and Effective Disclosures Act.
C) Personal Information Protection and Electronic Disclosures Act.
D) Personal Information Protection and Electronic Documents Act.
E) Personal Information Protection and Electronic Disclosure Actions.
75
Adware is ________ than spyware.
A) more serious
B) less annoying
C) more malicious
D) more benign
E) harder to get rid of
76
________ is an organization-wide function that is in charge of developing data policies and enforcing data standards.
A) Data contents protection
B) Data safeguarding
C) Data integrity
D) Data administration
E) Data rights administration
77
Enforcement consists of ________ interdependent factors.
A) 4
B) 2
C) 5
D) 3
E) 6
78
After installing anti-virus and antispyware, what is the best way to avoid malware?
A) Encrypt your work.
B) Give your friend your passwords.
C) Shut the computer down at the end of the day.
D) Open all email by double clicking.
E) Don't open email attachments from unknown sources.
79
Email spoofing, where a hacker uses email to pretend to be someone else, is another name for ________.
80
The sources of security problems are human error, malicious activity, and ________.