cgs chapter 12
7/23/2019 CGS Chapter 12
1. If a backup is made, the database is secure. False
2. Which of the following observations concerning Secure Socket Layer (SSL) is true? It is a useful hybrid of symmetric and asymmetric encryption techniques.
3. Usurpation occurs when computer criminals invade a computer system and replace legitimate programs with their own unauthorized ones. True
4. ******** occurs when computer criminals invade a computer system and replace legitimate programs with their own unauthorized ones that shut down legitimate applications and substitute their own processing to spy, steal and manipulate data, or other purposes. Usurpation
5. Which of the following is covered by the Gramm-Leach-Bliley Act of 1999? consumer financial data stored by financial institutions
6. Users of smart cards are required to enter a ******** to be authenticated. personal identification number
7. ******** occurs when a person breaks into a network to steal data such as customer lists, product inventory data, employee data, and other proprietary and confidential data. Hacking
8. Email spoofing is a synonym for ********. Phishing
9. Which of the following is an example of an intangible consequence? a loss of customer goodwill due to an outage
10. Drive-by sniffers monitor and intercept wireless traffic at will. True
11. Email spoofing is a synonym for phishing. True
12. A magnetic strip holds far more data than a microchip. False
13. The existence of accounts that are no longer in use are not a security threat to an organization. False
14. A ******** pretends to be a legitimate company and sends an email requesting confidential data, such as account numbers, Social Security numbers, account passwords, and so forth. Phisher
15. In disaster-preparedness terminology, a ******** is a utility company that can take over another company's processing with no forewarning. Hot site
16. Natural disasters present the largest risk for infrastructure loss. True
17. Intangible consequences are those whose financial impact can be measured. False
18. Probable loss is the probability that a given asset will be compromised by a given threat, despite the safeguards. False
19. Windows, Linux, Unix, and other operating systems employ
24. ******** are small files that your browser stores on your computer when you visit Web sites and enable you to access Web sites without having to sign in every time. Cookies
25. The total cost of a cold site, including all customer labor and other expenses, is always less than the cost of a hot site. False
26. Which of the following systems procedures is specifically the responsibility of operations personnel? backing up system databases
27. Wireless networks are more secure than wired networks. False
28. ******** is a technique for intercepting computer communications, either through a physical connection to a network or, in the case of wireless networks, with no physical connection. Sniffing
29. Which element of a security policy specifies how an organization will ensure the enforcement of security programs and policies? the general statement of the security policy
30. To obtain a measure of probable loss, companies ********. multiply likelihood by the cost of the consequences
31. ********, tiny files that gather demographic information, use a single code to identify users by age, gender, location, likely income, and online activity. Beacons
32. ******** is the term used to denote viruses, worms, Trojan horses, spyware, and adware. Malware
33. Sniffing occurs when an intruder uses another site's IP address as if it were that other site. False
34. ******** a site means to take extraordinary measures to reduce a system's vulnerability, using special versions of the operating system, and eliminating operating systems features and functions that are not required by the application. Hardening
35. A retina scan is a biometric authentication technique. True
36. Drive-by sniffers monitor and intercept wireless traffic at will. True
37. According to the elements of company security outlined in the NIST Handbook, computer security is not constrained by societal factors. False
38. Which of the following is used for biometric authentication? Facial features
39. Phishing is a technique for intercepting computer communications. False
40. Faulty service includes incorrectly billing customers or sending the wrong information to employees, but not incorrect data modification. False
41. An example of a computer crime includes an employee who inadvertently installs an old database on top of the current one. False
42. Pretexting occurs when a person receives a confidential text message by mistake and pretends to be the intended recipient. False
43. You are transferring funds online through the Web site of a reputed bank. Which of the following displayed in your browser's address bar will let you know that the bank is using the SSL protocol? Https
44. Security, like BPM, is a process that requires process management. True
45. ******** refers to things we do not know, while ******** is the likelihood of an adverse occurrence. Uncertainty; risk
46. Which of the following usually happens in a malicious denial-of-service attack? A hacker floods a Web server with millions of bogus service requests.
47. Many companies create ********, which are false targets for computer criminals to attack. To an intruder, it would look like a particularly valuable resource, such as an unprotected Web site, but in actuality the only site content is a program that determines the attacker's IP address. Honeypots
48. A(n) ******** is a type of virus that propagates using the Internet or other computer networks. Worm
49. Technical safeguards involve the hardware and software components of an information system. True
50. Maintaining the computers that run a DBMS in a locked room is a part of ********. physical security procedures
51. Because encryption keys can be lost or destroyed, a copy of the key should be stored with a trusted third party. This procedure is called ********. key escrow
52. To gain access to a wired network, a potential intruder must obtain physical access to the network. True
53. Encryption is an example of a technical safeguard. True
54. Which factor of risk assessment refers to the probability that a given asset will be compromised by a given threat, despite the safeguards? Likelihood