Chapter 8

Question 1

1) Smartphones have the same security flaws as other Internet-connected devices.

Answer 1

True

Question 2

2) In 2013, the security firm McAfee identified approximately 35,000 kinds of mobile malware.

Answer 2

True

Question 3

3) Viruses can be spread through e-mail.

Answer 3

True

Question 4

4) The term cracker is used to identify a hacker whose specialty is breaking open security systems.

Answer 4

False

Question 5

5) To secure mobile devices, a company will need to implement special mobile device management software.

Answer 5

True

Question 6

6) Wireless networks are vulnerable to penetration because radio frequency bands are easy to scan.

Answer 6

True

Question 7

7) Computer worms spread much more rapidly than computer viruses.

Answer 7

True

Question 8

8) One form of spoofing involves forging the return address on an e-mail so that the e-mail message appears to come from someone other than the sender.

Answer 8

True

Question 9

9) Sniffers enable hackers to steal proprietary information from anywhere on a network, including e-mail messages, company files, and confidential reports.

Answer 9

True

Question 10

10) DoS attacks are used to destroy information and access restricted areas of a company’s information system.

Answer 10

False

Question 11

11) The distributed nature of cloud computing makes it somewhat easier to track unauthorized access.

Answer 11

False

Question 12

12) Zero defects cannot be achieved in larger software programs because fully testing programs that contain thousands of choices and millions of paths would require thousands of years.

Answer 12

True

Question 13

13) An acceptable use policy defines the acceptable level of access to information assets for different users.

Answer 13

False

Question 14

14) Biometric authentication is the use of physical characteristics such as retinal images to provide identification.

Answer 14

True

Question 15

15) Packet filtering catches most types of network attacks.

Answer 15

False

Question 16

16) NAT conceals the IP addresses of the organization’s internal host computers to deter sniffer programs.

Answer 16

True

Question 17

17) SSL is a protocol used to establish a secure connection between two computers.

Answer 17

True

Question 18

18) Public key encryption uses two keys.

Answer 18

True

Question 19

19) Over 70 percent of malware today is aimed at small businesses.

Answer 19

False

Question 20

20) Smartphones typically feature state-of-the-art encryption and security features, making them highly secure tools for businesses.

Answer 20

False

Question 21

21) \_\_\_\_\_\_\_\_ refers to policies, procedures, and technical measures used to prevent unauthorized access, alteration, theft, or physical damage to information systems.
A) "Security"
B) "Controls"
C) "Benchmarking"
D) "Algorithms"

Answer 21

A) “Security”

Question 22

22) \_\_\_\_\_\_\_\_ refers to all of the methods, policies, and organizational procedures that ensure the safety of the organization's assets, the accuracy and reliability of its accounting records, and operational adherence to management standards.
A) "Legacy systems"
B) "SSID standards"
C) "Vulnerabilities"
D) "Controls"

Answer 22

D) “Controls”

Question 23

23) Large amounts of data stored in electronic form are ________ than the same data in manual form.
A) less vulnerable to damage
B) more secure
C) vulnerable to many more kinds of threats
D) more critical to most businesses

Answer 23

C) vulnerable to many more kinds of threats

Question 24

24) Electronic data are more susceptible to destruction, fraud, error, and misuse because information systems concentrate data in computer files that:
A) are easily decrypted.
B) can be opened with easily available software.
C) may be accessible by anyone who has access to the same network.
D) are unprotected by up-to-date security systems.

Answer 24

C) may be accessible by anyone who has access to the same network.

Question 25

25) Specific security challenges that threaten the communications lines in a client/server environment include:
A) tapping; sniffing; message alteration; radiation.
B) hacking; vandalism; denial of service attacks.
C) theft, copying, alteration of data; hardware or software failure.
D) unauthorized access; errors; spyware.

Answer 25

A) tapping; sniffing; message alteration; radiation.

Question 26

26) Specific security challenges that threaten clients in a client/server environment include:
A) tapping; sniffing; message alteration; radiation.
B) hacking; vandalism; denial of service attacks.
C) theft, copying, alteration of data; hardware or software failure.
D) unauthorized access; errors; spyware.

Answer 26

D) unauthorized access; errors; spyware.

Question 27

27) Specific security challenges that threaten corporate servers in a client/server environment include:
A) tapping; sniffing; message alteration; radiation.
B) hacking; vandalism; denial of service attacks.
C) theft, copying, alteration of data; hardware or software failure.
D) unauthorized access; errors; spyware.

Answer 27

B) hacking; vandalism; denial of service attacks.

Question 28

28) The Internet poses specific security problems because:
A) it was designed to be easily accessible.
B) Internet data is not run over secure lines.
C) Internet standards are universal.
D) it changes so rapidly.

Answer 28

A) it was designed to be easily accessible.

Question 29

29) Which of the following statements about the Internet security is not true?
A) The use of P2P networks can expose a corporate computer to outsiders.
B) A corporate network without access to the Internet is more secure than one that provides access.
C) VoIP is more secure than the switched voice network.
D) Instant messaging can provide hackers access to an otherwise secure network.

Answer 29

C) VoIP is more secure than the switched voice network.

Question 30

30) An independent computer program that copies itself from one computer to another over a network is called a:
A) worm.
B) Trojan horse.
C) bug.
D) pest.

Answer 30

A) worm.