Fill This Form To Receive Instant Help

Help in Homework
trustpilot ratings
google ratings


Homework answers / question archive / California State University, Fresno - IS 6E Package Title: Test Bank Course Title: Introduction to IS 6e  Chapter Number: 4 Question Type: Multiple Choice 1)Which hacker group successfully attacked Sony Picture Entertainment on November 24, 2014? A

California State University, Fresno - IS 6E Package Title: Test Bank Course Title: Introduction to IS 6e  Chapter Number: 4 Question Type: Multiple Choice 1)Which hacker group successfully attacked Sony Picture Entertainment on November 24, 2014? A

Business

California State University, Fresno - IS 6E

Package Title: Test Bank

Course Title: Introduction to IS 6e

 Chapter Number: 4

Question Type: Multiple Choice

1)Which hacker group successfully attacked Sony Picture Entertainment on November 24, 2014?

A.         Anonymous

B.         Guardians of Peace

C.         Hackweiser

D.         Legion of Doom

 

 

2.         The main purpose for the attack on Sony Picture Entertainment on November 24, 2014 was to    .

A.         sell social security numbers

B.         steal credit card numbers

C.         stop the release of the move The Interview

D.         threaten the US government

 

 

3.                    was originally accused of the Sony Picture Entertainment hack on November 24, 2014; their involvement    been proved.

A.         China; has

B.         China; has not

C.         North Korea; has

D.         North Korea; has not

 

 

4.                    manages the internet connections for North Korea and could stop hacking attempts on the US.

A.         Australia

B.         China

C.         India

D.         Russia

 

 

5.         Which country is currently in a dispute with the US over bilateral hacking?

A.         Australia

B.         China

C.         India

D.         United Kingdom

 

 

6.         Which of the following is NOT a lesson learned from the Sony Picture Entertainment hack on November 24, 2014?

A.         China is the leading hacking group that encourages similar behavior from other countries.

B.         It appears that it is impossible to secure the Internet.

C.         It is difficult, if not impossible, for organization to provide perfect security for their data.

D.         There is a growing danger that countries are engaging in economic cyberwarfare among themselves.

 

 

7.                    is any danger to which a system may be exposed.

A.         Exposure

B.         Information security

C.         Threat

D.         Security

 

 

 

8.                    is the possibility that the system will be harmed by a threat.

A.         Exposure

B.         Threat

C.         Security

D.         Vulnerability

 

 

 

 

 

9.         Wireless is a(n) inherently      network.

A.         trusted

B.         neutral

C.         untrusted

D.         useful

 

 

 

 

 

10.       Which of the following is FALSE?

A.         It is easier to be a hacker nowadays.

B.         Mainframes make it easy to communicate freely and seamlessly with everyone.

C.         Management doesn’t always support security efforts.

D.         Thumb drives make it easy to steal huge amounts of sensitive information.

 

 

 

 

11.       Cybercriminals           

A.         are violent criminals.

B.         can be easily arrested, once they are found.

 

 

 

 

 

C.         don’t make that much money; they do it for fun.

D.         target known software security weaknesses.

 

 

 

 

 

12.       Which of the following is NOT one of the most dangerous employees to information security?

A.         Accountants

B.         HR employees

C.         Janitors

D.         MIS employees

 

 

 

 

 

13.       The airport’s self check-in computers are a(n)          threat.

A.         outside

B.         employee

C.         hardware

D.         software

 

 

 

 

 

14.       Weak passwords are a(n)       threat.

A.         outside

B.         employee

C.         hardware

D.         software

 

 

 

 

 

15.       Which of the following is NOT an unintentional threat to information systems?

A.         Careless monitoring of environmental hazards

B.         Choosing a weak password

C.         Having an unlocked desk or filing cabinet after going home

D.         Viruses

 

 

 

 

 

16.                  is an attack in which the perpetrator uses social skills to trick or manipulate legitimate employees into providing confidential company information such as passwords.

A.         Dumpster diving

B.         Shoulder surfing

C.         Social engineering

D.         Tailgating

 

 

 

 

 

17.       Social engineering is a(n)       threat on the part of the employee and a(n)

            threat on the part of the social engineer.

A.         deliberate; unintentional

B.         deliberate; deliberate

C.         unintentional; deliberate

D.         unintentional; unintentional

 

 

 

 

18.       OpenSSL is       software.

A.         Banking

B.         Encryption

C.         Hacking

D.         Free

 

 

 

 

 

19.       The Heartbleed bug is an encryption security flaw in the     software package that was an            mistake by the software developer.

A.         Microsoft; intended

B.         Microsoft; unintended

C.         OpenSSL; intended

D.         OpenSSL; unintended

 

 

 

 

20.       Google created a code fix for the Heartbleed bug. Which of the following is a TRUE statement?

A.         Home internet routers should be largely safe from this bug since they don’t exchange enough sensitive data to be a target.

B.         Industrial control systems are highly vulnerable since they are updated infrequently.

C.         Organizations simply have to install the fix.

D.         Organizations need to install the fix and just create new private key-public key pairs.

 

 

 

 

 

21.                  is threatening to steal or actually stealing information from a company and then demanding payment to not use or release that information.

A.         Competitive intelligence

B.         Espionage

C.         Information extortion

D.         Intellectual property

 

 

 

 

 

22.       Phishing is an example of       .

A.         Copyright infringement

B.         Espionage

C.         Sabotage

D.         Software attack

 

 

 

23.       You start browsing your favorite home improvement company’s website and notice someone has changed all the logos to their main competitor’s logos. This is an example of        .

A.         Espionage

B.         Identity theft

C.         Information extortion

D.         Sabotage

 

 

 

24.                  is an identity theft technique.

A.         Dumpster diving

B.         Espionage

C.         Sabotage

D.         Vandalism

 

 

 

 

25.       Coca-Cola’s formula is an example of a        .

A.         Copyright

B.         Patent

C.         Trade secret

D.         All of the above

 

 

 

 

 

26.       A          is a remote attack requiring user action.

A.         back door

B.         denial-of-service attack

C.         logic bomb

D.         phishing attack

 

 

 

 

27.       A          is a remote attack needing no user action.

A.         back door

B.         denial-of-service attack

C.         logic bomb

D.         phishing attack

 

 

 

 

28.       A          is an attack by a programmer developing a system.

A.         back door

B.         denial-of-service attack

C.         phishing attack

D.         virus

 

 

 

 

29.       A          is an attack by a programmer developing a system.

A.         denial-of-service attack

B.         logic bomb

C.         phishing attack

D.         worm

 

 

 

 

 

30.       Which of the following is NOT an example of alien software?

A.         Adware

B.         Blockware

C.         Spamware

D.         Spyware

 

 

 

 

31.       The goal of CAPTCHA is to      .

A.         ensure you aren’t alien software

B.         hack into secure networks

C.         protect networks against hackers

D.         remove alien software from your computer

 

 

 

32.       SCADA attacks typically occur on       .

A.         Hacker networks

B.         Industrial control systems

C.         Personal computers

D.         Government networks

 

 

 

 

33.       Shodan’s primary purpose is  .

A.         a hacker website

B.         a service that searches the internet for devices connected to the internet

 

 

 

 

 

C.         a website that shows which devices are vulnerable to hackers

D.         to help users search for other people who use similar devices

 

 

 

 

 

34.       Shodan is used for       .

A.         creating a backdoor

B.         SCADA attacks

C.         spreading viruses

D.         phishing

 

 

 

 

35.       The Shodan case illustrates    .

A.         how vulnerable all devices are, even if they aren’t connected to the internet

B.         strong passwords aren’t necessary on home devices since most hackers don’t care about such a small target

C.         that hackers and security researchers use the same sites to identify vulnerabilities

D.         the government is doing nothing to protect our privacy

 

 

 

36.                  is a process whereby the organization takes concrete actions against risks, such as implementing controls and developing a disaster recovery plan.

A.         Risk

B.         Risk analysis

C.         Risk management

D.         Risk mitigation

 

 

 

 

 

37.       You have a small business that has had problems with malware on your employees’ computers. You decide to hire a third-party company such as GFI Software to implement security controls and then monitor your company’s systems. You are adopting a risk

            strategy.

A.         acceptance

B.         analysis

C.         limitation

D.         transference

 

 

 

38.       Risk      means absorbing any damages that occur.

A.         acceptance

B.         analysis

C.         limitation

D.         transference

 

 

 

 

39.       If you hire a cybersecurity company like FireEye to identify security weaknesses in your information systems, you are using a risk  strategy.

A.         acceptance

B.         analysis

C.         limitation

D.         transference

 

 

 

 

40.       You decide to use the password “1234” on your computer because you figure nobody cares enough about your information to steal it. This is a risk        strategy.

A.         acceptance

B.         analysis

C.         limitation

 

D.         transference

 

 

 

 

 

41.       According to the “Catching a Hacker” case,  is one of the most sophisticated and destructive malicious software programs ever developed.

A.         the Heartbleed bug

B.         FireEye

C.         Shodan

D.         SpyEye

 

 

 

 

42.       The purpose of SpyEye is to    .

A.         catch hackers in the act of hacking

B.         collect personal and financial information

C.         facilitate SCADA attacks by seeing which systems are vulnerable

D.         watch what you do on your computer

 

 

 

 

43.       A firewall is a  control.

A.         access

B.         communication

C.         physical

D.         virtual

 

 

 

 

44.       Biometrics is something the user       .

A.         Does

B.         Has

C.         Is

D.         Knows

 

 

 

 

45.       A smart ID card is something the user           .

A.         Does

B.         Has

C.         Is

D.         Knows

 

 

 

 

46.                  is one common example of SSL.

A.         http

B.         https

C.         www

D.         wwws

 

 

 

 

47.       If you have an empty building you can move into if your primary location is destroyed, you’ve implemented a           site.

A.         Cold

B.         Hot

C.         Neutral

D.         Warm

 

 

 

 

 

48.       Auditing           the computer means inputs, outputs, and processing are checked.

A.         Around

B.         Into

C.         Through

D.         With

           

 

 

 

49.                  percent of organizational breaches exploit weak or stolen user credentials.

A.         26

B.         51

C.         76

D.         99

 

 

 

 

50.       Security must be balanced with         for people to use systems.

A.         Convenience

B.         Cost

C.         Time

D.         Trust

 

 

 

 

51.       The main problem with multifactor authentication is           .

A.         it’s a single point of failure

B.         it’s too hard to do

C.         it will invade our privacy

D.         there are no problems with multifactor authentication

 

 

 

 

 

52.                  is a computer security firm that sells malware detection tools to companies like Target.

A.         Heartbleed

B.         FireEye

C.         Shodan

D.         SpyEye

 

 

 

53.       The Target data breach started with a          .

A.         back door

B.         denial-of-service attack

C.         logic bomb

D.         phishing attack

 

 

 

54.       By hiring FireEye to improve their security, Target adopted a risk   strategy; this strategy was      .

A.         limitation; a failure

B.         limitation; successful

C.         transference; a failure

D.         transference; successful

 

 

 

Question Type: True/False

 

1.         Wireless is an untrusted network.

 

 

 

 

 

 

2.         Janitors are no threat to information security since they have no access to company systems.

 

 

 

 

 

 

3.         A patent lasts for the life of the creator plus 70 years.

 

 

 

 

 

4.         A copyright lasts 20 years.

 

 

 

 

 

5.         Competitive intelligence is industrial espionage.

 

 

 

 

 

 

6.         The goal of risk management is to reduce risk to acceptable levels.

 

 

 

 

 

7.         Tracking down cybercriminals is the most difficult and only real challenge authorities face.

 

 

 

 

 

8.         Biometrics is an authentication tool.

 

 

 

 

 

9.         Blacklisting is when everything can run except what is on the list.

 

 

 

 

 

10.       Whitelisting is when nothing can run unless it is on the list.

 

 

 

 

 

 

Question Type: Fill-in-the-Blank

 

1.                    is the loss of business from increased customer turnover.

 

 

 

2.                    refers to all the processes and policies designed to protect an organization’s information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction.

 

 

 

 

 

3.                    is an attack in which the perpetrator uses social skills to trick or manipulate legitimate employees into providing confidential company information such as passwords.

 

 

 

 

 

4.                    is software that causes pop-up advertisements to appear on your screen.

 

 

 

 

5.                    is the probability that a threat will impact an information resource.

 

 

 

 

6.                    controls restrict unauthorized individuals from using information resources.

 

 

 

 

Question Type: Essay

 

1.         What are the five factors that contribute to the increasing vulnerability of organizational information resources? Using the Target case as an example, how did each of these five factors contribute to that situation?

 

 

 

 

2.         Why are IT people, consultants, janitors, and guards such dangerous employees? How can you protect a company’s assets against these people?

 

 

 

3.         Identity theft is a deliberate threat to information systems and is one of the largest concerns of consumers and businesses today. What are the four techniques the book mentions for illegally obtaining information? How can you protect yourself or your future business from these threats?

 

 

 

4.         Why is it so difficult to stop cybercriminals?

 

 

5.         What are the six basic guidelines for creating strong passwords? Without divulging your passwords, how do your passwords “add up” and why? HINT: You should specifically address each of the six guidelines for your passwords.

 

 

 

 

Option 1

Low Cost Option
Download this past answer in few clicks

12.83 USD

PURCHASE SOLUTION

Already member?


Option 2

Custom new solution created by our subject matter experts

GET A QUOTE