ECE 660Chapter 5: CyberSecurity, Compliance, and Business Continuity Test Bank (SOLVED)

Document Content and Description Below

Chapter 5: CyberSecurity, Compliance, and Business Continuity Test Bank Multiple Choice 1. Which of the following most accurately describes the steps that organizations should take to secure c ... onfidential data? a. There are no laws that specifically address unauthorized access of confidential data. b. Current laws prohibit unauthorized access of confidential data, but few laws require organizations to take steps to protect data. c. Only a few specific industries (e.g. banking, health care) are affected by laws requiring organizations to take steps to protect data. d. International, federal, and state laws and industry regulations mandate that organizations invest in cybersecurity defenses, audits, and internal controls to secure confidential data. Answer: D Difficulty: Easy Section Ref: Opening Case: Managing BYOD Security Risks AACSB: Dynamics of the global economy 2. People wanting to use their mobile devices at work is part of a trend called _____________. a. Personal devices at work (PDAW) b. Bring your own device (BYOD) c. Consumer /Enterprise Equipment (CEE) d. Non-Approved Devices (NAD) Answer: B Difficulty: Easy Section Ref: Opening Case: Managing BYOD Security Risks AACSB: Use of Information Technology 3. Which of the following represents the chief concern about employees using their own smartphones for work purposes? a. Employees will spend too much time playing games or using entertainment and recreation apps, thus reducing productivity. b. Managers will be unable to monitor phone calls or police the volume of personal calls made during work hours. c. Many personal smartphones do not have anti-malware or data encryption apps, creating a security problem with respect to any confidential business data stored on the device. d. Consumer quality equipment is more likely to break or malfunction than enterprise quality devices. Answer: C Difficulty: Easy Section Ref: Opening Case: Managing BYOD Security Risks AACSB: Use of Information Technology 4. Which of the following factors was not listed in your text as a challenge related to managing employee owned mobile devices used for work related purposes? a. Increase costs of managing new and existing mobile devices b. Security threats – employee owned devices may not be properly protected with strong passwords or encryption software. c. Compliance – employee owned devices may not meet regulatory standards for how data must be collected, stored, or made available in the event of audit or legal action. d. Impact on productivity – managers must trade-off gains related to employees having 24/7 access to work related data against losses related to employees using non-work related apps (e.g. personal social media, texting, personal phone calls) while on the job. Answer: D Difficulty: Medium Section Ref: Opening Case: Managing BYOD Security Risks AACSB: Use of Information Technology 5. Which of the following is not a true statement regarding the use of employee owned mobile devices in the workplace? a. With the number of mobile apps hitting 1.3 million–compared to only 75,000 apps for PCs–-managing employee-owned devices is more complex and expensive. b. Companies are increasingly prohibiting employees from using their personal mobile devices for work related purposes because of security and compliance challenges. c. Companies need to insure and be able to prove that enterprise data stored on personal devices are in compliance, e.g., encrypted, password protected, unaltered, etc. d. Controls placed on employee-owned devices can infringe on personal privacy; organizations could learn what sites were visited or movies were watched, what was done on sick days, and all social media activities during work hours and off- hours. Answer: B Difficulty: Hard Section Ref: Opening Case: Managing BYOD Security Risks AACSB: Use of Information Technology 6. ______________________ is/are defined as “systems and assets, whether physical or virtual, so vital to the United States that the incapacity or destruction of such systems and assets would have a debilitating impact on security, national economic security, national public health or safety, or any combination of those matters.” a. The National Security architecture b. Strategically connected networks c. Critical infrastructure d. Secure network architecture Answer: C Difficulty: Medium Section Ref: 5.1 Up Close Look at Cybercrimes, Criminals, and Motivations AACSB: Use of Information Technology 7. ________________ tactics are used by hackers and corporate spies to trick people into revealing login information or access codes. a. Social engineering b. URL fabricating c. Security crashing d. Password crashing Answer: A Difficulty: Medium Section Ref: 5.1 Up Close Look at Cybercrimes, Criminals, and Motivations AACSB: Use of Information Technology 8. A stealth network attack in which an unauthorized person gains access to a network and remains undetected for a long time is referred to as a(n) ___________________________. a. Background Intruder attack b. Advanced Persistent Threat (APT) attack c. Silent Sabotage attack d. Unauthorized Security Breach (USB) attack Answer: B Difficulty: Medium Section Ref: 5.1 Up Close Look at Cybercrimes, Criminals, and Motivations AACSB: Use of Information Technology 9. One way that hackers and corporate spies trick people into revealing login information or access codes is __________________; using a story that convinces someone that it is okay to reveal secret information. a. Pretexting b. Identity Fraud c. Baiting d. Thrashing Answer: A Difficulty: Medium Section Ref: 5.1 Up Close Look at Cybercrimes, Criminals, and Motivations AACSB: Use of Information Technology 10. One way that hackers and corporate spies trick people into revealing login information or access codes is __________________; use of an incentive to get a user to perform an insecure action. A common application of this practice involves offering a free app or video for clicking a link in a text message and voting for best video game. Clicking the link downloads malware. a. Pretexting b. Identity Fraud c. Baiting d. Thrashing Answer: C Difficulty: Medium Section Ref: 5.1 Up Close Look at Cybercrimes, Criminals, and Motivations AACSB: Use of Information Technology 11. For many organizations, ____________ technologies have worsened their exposure to security risks because they cannot enforce or verify their ____________ providers’ cybersecurity policies. a. Database b. Cloud c. Anti-virus d. Local Area Network (LAN) Answer: B Difficulty: Medium Section Ref: 5.1 Up Close Look at Cybercrimes, Criminals, and Motivations AACSB: Use of Information Technology 12. Which of the following was not cited in your text as a reason why cyberattacks are getting worse? a. Because networks are used by hacktivists looking for media attention b. Because of hackers stealing credentials such as banking PINS and passwords c. Because of industrial spies looking for trade secrets d. Because of decreased awareness about the problem on the part of top management and IT professionals in organizations. Answer: D Difficulty: Easy Section Ref: 5.1 Up Close Look at Cybercrimes, Criminals, and Motivations AACSB: Use of Information Technology 13. One source of cybersecurity threats today are ____________, hacker-activists (or hacking for a cause) who breach networks in an attempt to gain media attention. a. Hacktivists b. Political criminals c. Industrial spies d. Attention seekers Answer: A Difficulty: Easy Section Ref: 5.1 Up Close Look at Cybercrimes, Criminals, and Motivations AACSB: Use of Information Technology 14. A(n) _______________________ is a special kind of hacker who attempts to breach secure networks looking for trade secrets or proprietary information. a. Hacktivist b. Political criminal c. Industrial spy d. Attention seeker Answer: C Difficulty: Easy Section Ref: 5.1 Up Close Look at Cybercrimes, Criminals, and Motivations AACSB: Use of Information Technology 15. The Data Breach Investigations Report revealed that 97 percent of data breaches evaluated in the study _____________________________________. a. Resulted from sophisticated software attacks that effectively defeated the IT security defenses in place at the time of the attack. b. Were avoidable and did not require hackers to possess special skills, resources, or customization. c. Resulted from hackers using high tech hardware to breach the IT security defenses in place at the time of the attack. d. Resulted from a combination of sophisticated hacking software and hardware tools designed to defeat IT security defenses. Answer: B Difficulty: Easy Section Ref: 5.1 Up Close Look at Cybercrimes, Criminals, and Motivations AACSB: Use of Information Technology [Show More]

Last updated: 2 years ago

Preview 1 out of 84 pages