bis 3
Question | Answer |
---|---|
What is defined as the set of protections put in place to safeguard information systems and data from security threats such as unauthorized access, use, disclosure, disruption, modification or destruction? | information security |
Information security is not just about technology, but also about management and | people |
In order for you to enter the server room at your office you must have a key to the room, and then you must have a proper user name and password to access the server. All of the student files on the server are encrypted. What is this called? | Defense in depth |
Your IT department is adding a firewall to the network. What type of protection is the department adding? | network access |
What kind of threat renders a system inoperative or limits its capability to operate? | denial of service |
A system that has been accessed illegally is a victim of ____ | unauthorized access |
If a virus is embedded in a legitimate file, it is often called a | Trojan horse |
What is the term for when a hacker uses an innocent third party to multiply the messages being sent to the intended target, such as a university server? | smurfing |
Who usually perpetrates unauthorized access? | organization insiders |
You recently noticed that your personal information has been altered on your university web account. You know that you did not make any changes and the registrar's office has no record of their office making changes. What type of unauthorized access are you a victim | active |
What type of unauthorized access consists of simply accessing records or listening to transmissions on a network | passive |
What term is used to refer to someone (or something) pretending to be someone else (or another computer)? | spoofing |
You have received an email from your university IT department stressing that the IT department will never ask you for your username and password to your email account. What type of scheme is the university most likely to protect you from? | Phishing |
What is a common tactic hackers use to allow themselves re-access to a system? | backdoor |
When considering security threats it is very important to consider _____ and ____ of the threat on the organization | prevalence, impact |
____ involves making sure that information or data can only be accessed by individuals with authorized access | confidentiality |
Using a unique username and a complicated password is one possible method to verify that a user is who they say they are. What type of goal is this? | Authenticity |
Military and Department of Defense employees are required to use a Common Access Card to gain access to military and DoD computers. What level of user access has the DoD implemented? | Possession |
Biometrics are primarily used for one of two things. What are they? | authentication, identification |
What is the term for a computer or a router that controls access in and out of the organization's networks, applications, and computers? | firewall |
What are the two types of cryptography systems used in encryption today? | asymmetric, symmetric |
Encryption is not only used to protect and data transmission, but it can also be used to | protect data on servers |
When you shop online, what is an indication that the transaction is secure? | |
Most antivirus programs are ______, which means that they detect viruses after an infection | reactive |
What is a more recent and more powerful encryption algorithm widely available in most routers? | WPA (8-36) |
What is the process of identifying, assessing and prioritizing the security risks an organization may face? | risk management |
Recognizable bit patterns of a virus are known as what? | virus signature |
What types of viruses propagate through the Internet with no user intervention? | worms |
_____ refers to hackers that try to find information that, if revealed, will advance human causes | hacktivism |
What is software that monitors transmissions, capturing unauthorized data of interest called? | sniffer |
What is software that allows hackers to have unfettered access to everything on the system, including adding, deleting, and copying files called? | rootkits |
_____ involves making sure that data are consistent and complete | integrity |
A Web merchant wants to ensure that people cannot deny that they entered into a transaction, so they start using digital signatures and encryption as part of their transaction processing. This is an example of what? | non-repudiation |
What is the main solution used to prevent unauthorized access to systems, data, and applications? | user profiles |
Which of the following refers to security solutions that protect access to systems, applications, or data by ensuring users or systems are authenticated and allowed to have such access? | logical access controls |
Privacy of information is the _____ of the ____ collected by organizations about the individuals using their services | confidentiality, information |
Everyone has to be concerned not only about their own information privacy, but also about the information privacy of which of the following? | all of the above |
What are cookies? | small text files that store information |
Small text files that store information that are deposited on your computer after you visit some websites are called what? | cookies |
What type of hidden collection approach tracks online browsing behavior? | clickstream data |
What does secondary use of information refer to? | the use of data for purposes other than those for which they were originally collected |
____ refers to having some level of control over potential secondary uses of one's personal information | information privacy |
____ refers to data being used for other functions beyond those purposes for which they were collected | function creep |
You are asked to provide your location and email address when downloading iTunes from the Apple site. You are also prompted to check a box if you would like any Apple News updates. This checkbox allows you to do what? | Opt-in |
A study published in 2009 shows that _____ methods for stealing personal information are more popular than _______ methods. | low-tech, technology driven |
What is identity theft? | one uses another person's personal information for fraudulent activities |
The best way for someone to protect themselves from identity theft is to follow basic security guidelines and ____ | common sense |
Privacy tools are described in Chapter 9, but many are _____ to information privacy | approaches |
A privacy policy on a website is more about the _____ than the technology | content |
What tools and techniques, rather than technologies, are available to protect you online? | Privacy policy and seals |
What type of information can be stored in cookies? | all of the above |
What is a statement that describes what the organization's practices are with respect to the privacy of customers? | privacy policy |
What does an industry generally create in an attempt to avoid government regulations? | self-regulation |
Privacy policies and privacy seals are considered _____ mechanisms for information privacy | self-regulation |
What government privacy act protects your medical records from others? | HIPAA |
A faculty member receives a phone call from the parent of a student. The parent inquires about the grade of the student on the last exam. If the instructor discloses any information, that instructor would violate what privacy act? | FERPA |
With regards to PAPA, what reflects the confidentiality of the data collected? | privacy |
An online email account that you have prompts you to verify that your personal information is correct. This organization is practicing which aspect of PAPA? | accuracy |
Often times when signing up for a new account, there is a statement that includes who has access to the information you are sharing. What aspect of PAPA is being implemented? | accessibility |
Often times there are questions about using online services when conducting research or proprietary business. Those involved are often concerned about who owns the actual data that resides in the cloud. What aspect of PAPA is concerning? | Property |
What government privacy act prevents websites from collecting personally identifiable information from children without parental consent? | COPPA |
What government privacy act regulates the use of private information by financial institutions? | GLBA |
Which of the following is not part of the Fair Information Practices principles? | Use/Repudiation |
Which of the following is not a cost of privacy breaches upon an organization? | loss of goodwill |
Who is responsible for ensuring that privacy policies are respected? | the FTC |
When installing the latest version of Internet Explorer a dialogue box pops up with a box checked telling you that Bing will be your automatic search provider. You have the opportunity to change this selection before continuing. The checkbox allows you to do what? | Opt-out |
With regards to PAPA, what reflects that the data about you is what it is supposed to be? | accuracy |
With regards to PAPA, what reflects the ownership of the data about you? | property |
With regards to PAPA, what reflects the access to the information systems and the data they hold about you? | accessibility |
Websites often request information about you. You have a choice as to whether or not you provide this to them. What aspect of PAPA is being implemented? | privacy |
What does the term e-business refer to? | various electronic means of conducting business |
What is the term for an e-business that interacts with other businesses? | B2B |
What is the term for when e-business interactions take place between a consumer and a business? | B2C |
When you purchase textbooks from Amazon.com, what type of e-business are you conducting? | B2C |
What type of e-business are you using when you decide to sell your old baseball cards on eBay.com? | C2C |
When you submit your income taxes online, what type of e-business are you conducting? | G2C |
Organizations that have both physical locations and operate an online business are called: | bricks and clicks |
Pure play companies do not have | physical stores |
What does "pure play" refer to? | organizations with only an online presence |
An _____ model describes how the organization functions and creates value | business |
An important B2C enabler that allows for users that use a wide variety of platforms to access businesses that use different platforms is | interoperability |
What is the concept of critical mass? | sufficient buyers to sustain business |
___ has an impact on the downstream portion of the supply chain? | E-channel compression |
____ is the addition of intermediaries in an industry or e-business? | E-channel expansion |
There are non-technical features that attract consumers to websites. Which of the following is not an example? | unprofessional |
What is the rate at which consumers browsing the website end up buying merchandise? | conversion rate |
What is the electronic exchange of information between two or more organizations using standard format? | EDI |
EDI refers to the ___ sharing of information between two businesses in a standard format | electronic |
In terms of e-business, what is another term for marketplace? | exchange |
Methods to improve a site's ranking in search engine results are referred to as | search engine optimization |
What concept is being used when organizations pay the search engine owners only when someone clicks their link on the search results page? | pay per click |
When you make a purchase using an app on your phone or tablet, what kind of e-business trend are you participating in? | M-business |
In the term m-business, the m refers to: | mobile |
The internet has been the contributor to a global platform where organizations across the world can compete for customers and gain access to new | markets |
E-government options currently include paying taxes, but what is the future of e-government? | voting |
An electronic means to conduct financial transactions is referred to as | electronic funds transfer |
E-commerce represents less than what percentage of overall retail sales in the United States? | 5% |
Amazon.com is an example of what type of B2C e-business model? | online retailing |
kayak.com is an example of what type of B2C e-business model | infomediary |
What type of B2C e-business model offers a location for buyers and sellers to transact online with revenues coming from fees or sellers or buyers, or commission on sales? | exchanges |
What type of electronic business represents traditional organizations with a physical location and no online business? | bricks and mortar |
Which of the following is not a B2C e-business enabler? | a competitive marketplace |
Which of the following is not a format used for EDI? | HTML |
Search engine results achieved by design and search engine optimization are known as | organic links |
Search engine results where companies pay for placement are known as | sponsored links |