ITE303 Chapter 1, ITE303 Chapter 6, ITE303 Chapter 2, ITE303 Chapter 3, ITE303 Chapter 4 (instructor Việt), ITE303 Chapter 5 (instructor Việt), ITE303 Self-Assessment Questions
Terms in this set (163)
The term __________ refers to social conventions about right and wrong that are so widely shared that they become the basis for an established consensus.
A. Morality
B. Virtues
C. Ethics
D. Code of principles
A. Morality
__________ is a set of beliefs about right and wrong behavior within a society.
A. Virtues
B. Code of principles
C. Ethics
D. Morals
C. Ethics
___ are habits of acceptable behavior.
A. Ethics
B. Virtues
C. Morals
D. Code of principles
B. Virtues
A person who acts with integrity acts in accordance with a personal ______________.
A. Supply chain sustainability
B. Code of principles
C. Morals
D. Corporate social responsibility
B. Code of principles
__________ are one's personal beliefs about right and wrong.
A. reputation
B. Corporate social responsibility
C. Morals
D. Supply chain sustainability
C. Morals
___________ is the concept that an organization should act ethically by taking responsibility for the impact of its actions on the environment, the community, and the welfare of its employees.
A. Vision and leadership
B. reputation
C. Corporate social responsibility
D. Supply chain sustainability
C. Corporate social responsibility
___________ focuses on developing and maintaining a supply chain that meets the needs of the present without compromising the ability of future generations to meet their needs.
A. Vision and leadership
B. reputation
C. Corporate social responsibility
D. Supply chain sustainability
D. Supply chain sustainability
The public _________ of an organization strongly influences the value of its stock, how consumers regard its products and services, the degree of oversight it receives from government agencies, and the amount of support and cooperation it receives from its business partners.
A. Vision and leadership
B. reputation
C. Corporate social responsibility
D. Supply chain sustainability
B. reputation
The corporate ethics officer provides the organization with ________ and ________ in the area of business conduct.
A. Vision and leadership
B. reputation
C. Corporate social responsibility
D. Supply chain sustainability
A. Vision and leadership
_______ is a system of rules that tells us what we can and cannot do.
A. Vision and leadership
B. Law
C. Corporate social responsibility
D. Supply chain sustainability
B. Law
_________________ requires public companies to disclose whether they have codes of ethics and disclose any waiver to their code of ethics for certain members of senior management.
A. Section 406 of the Sarbanes-Oxley Act
B. renew investor's trust in the content and preparation of disclosure documents by public companies
C. Code of ethics
D. Law
A. Section 406 of the Sarbanes-Oxley Act
The goal of the Sarbanes-Oxley Act was to __________________.
A. Section 406 of the Sarbanes-Oxley Act
B. renew investor's trust in the content and preparation of disclosure documents by public companies
C. Code of ethics
D. Law
B. renew investor's trust in the content and preparation of disclosure documents by public companies
_______________ highlights an organization's key ethical issues and identifies the overarching values and principles that are important to the organization and its decision-making process.
A. Section 406 of the Sarbanes-Oxley Act
B. renew investor's trust in the content and preparation of disclosure documents by public companies
C. Code of ethics
D. Law
C. Code of ethics
A(n) ______________ enables an organization to review how well it is meeting its ethical and social responsibility goals, and communicate new goals for the upcoming year.
A. formal ethics training
B. Social audit
C. Problem definition
D. Section 406 of the Sarbanes-Oxley Act
B. Social audit
______________ makes employees more aware of a company's code of ethics and how to apply it, as well as demonstrates that the company intends to operate in an ethical manner.
A. formal ethics training
B. Social audit
C. Problem definition
D. Section 406 of the Sarbanes-Oxley Act
A. formal ethics training
The most important part of the decision-making process is ____________.
A. formal ethics training
B. Social audit
C. Problem definition
D. Section 406 of the Sarbanes-Oxley Act
C. Problem definition
The _____________ approach to ethical decision making is based on a vision of society as a community whose members work together to achieve a common set of values and goals.
A. formal ethics training
B. Social audit
C. Problem definition
D. Common good approach
D. Common good approach
___________ is a clear, concise description of the issue that needs to be addressed.
A. formal ethics training
B. Social audit
C. Problem definition
D. Common good approach
C. Problem definition
Which of the following is an example of intellectual property?
a. a work of art
b. a computer program
c. a trade secret of an organization
d. all of the above
D. All of the above
Copyright law protects authored works; ___________ law protects inventions.
A. Patent
B. Copyright
C. trade mark
D. trade secret
A. Patent
Software can be protected under copyright law, but it can also be patented. True or False?
A. True
B. False
A. True
The courts may award up to triple damages for which of the following?
a. patent infringement
b. copyright infringement
c. trademark infringement
d. theft of trade secrets
a. patent infringement
Two software manufacturers develop separate but nearly identical programs for playing an online game. Even though the second manufacturer can establish that it developed the program on its own, without knowledge of the existing program, that manufacturer could be found guilty of copyright infringement. True or False?
A. True
B. False
B. False
Title II of the ___________ amends the Copyright Act by adding a new section that enables a Web site operator that allows users to post content on its Web site to avoid copyright infringement if certain "safe harbor" provisions are followed.
A. Telecommunications Act
B. Child Online Protection Act
C. Digital Millennium Copyright Act
D. Children's Internet Protection Act
C. Digital Millennium Copyright Act
A(n) _________ is a logo, package design, phrase, sound, or word that enables a consumer to differentiate one company's products from another's.
A. trade secret
B. Copyright
C. License
D. trade mark
D. trade mark
Many large software companies have ________ agreements with each other in which each agrees not to sue the other over patent infringement.
A. prior art
B. cross-licensing
C. License
D. Copyright
B. cross-licensing
The ________ doctrine established four factors for courts to consider when deciding whether a particular use of copyrighted property is fair and can be allowed without penalty.
A. Fair use
B. Bad use
C. Easy use
D. Hard use
A. Fair use
A __________ is a form of protection for intellectual property that does not require any disclosures or the filing of an application.
a. copyright
b. patent
c. trade secret
d. trademark
c. trade secret
The WTO developed the ____________ , which established minimum levels of protection that each government must provide to the intellectual property of all WTO members.
A. Secret
B. patent
C. Trade-Related Aspects of Intellectual Property Rights (TRIPS) Agreement
D. cybersquatting
C. Trade-Related Aspects of Intellectual Property Rights (TRIPS) Agreement
Plagiarism is an issue only in academia. True or False?
A. True
B. False
B. False
The process of taking something apart in order to understand it, build a copy of it, or improve it is called _____________.
A. prior art
B. Fair use
C. cybersquatting
D. reverse engineering
D. reverse engineering
As part of the patent application, the USPTO searches the existing body of knowledge that is available to a person of ordinary skill in the art. This existing body of knowledge is also called ____________
A. prior art
B. Fair use
C. reverse engineering
D. cybersquatting
A. prior art
Almost all the data needed for competitive intelligence can be collected either through carefully examining published information or through interviews. True or False?
A. True
B. False
A. True
The main tactic used to circumvent _________ is to register numerous domain name variations as soon as an organization thinks it might want to develop a Web presence.
A. reverse engineering
B. Fair use
C. prior art
D. cybersquatting
D. cybersquatting
A professional is someone who:
A. requires advanced training and experience
B. must exercise discretion and judgment in the course of his or her work
C. does work that cannot be standardized
D. all of the above
D. all of the above
Although end users often get the blame when it comes to using illegal copies of commercial software, software piracy in a corporate setting is sometimes directly traceable to members of the _________ organization.
A. IT
B. Fraud
C. Compliance
D. Internal audit
A. IT
The mission of the Business Software Alliance is to _______
A. Fraud
B. Compliance
C. stop the unauthorized copying of software produced by its members
D. Code of ethics
C. stop the unauthorized copying of software produced by its members
Whistle-blowing is an effort by an employee to attract attention to a negligent, illegal, unethical, abusive, or dangerous act by a company that threatens the public interest. True or False?
A. True
B. False
A. True
_____ is the crime of obtaining goods, services, or property through deception or trickery.
A. Compliance
B. Fraud
C. Code of ethics
D. Certification
B. Fraud
______ means to be in accordance with established policies, guidelines, specifications, or legislation.
A. Compliance
B. Fraud
C. Code of ethics
D. Certification
A. Compliance
Society expects professionals to act in a way that:
a. causes no harm to society
b. provides significant benefits
c. establishes and maintains professional standards that protect the public
d. all of the above
D. all of the above
Most organizations have a(n) _______ team with primary responsibilities to determine that internal systems and controls are adequate and effective.
A. IT
B. Fraud
C. Compliance
D. Internal audit
D. Internal audit
_________ is a process that one undertakes voluntarily to prove competency in a set of skills.
A. Licensing
B. Certification
C. Registration
D. all of the above
B. Certification
Senior management (including members of the audit committee) has the option of ignoring or suppressing recommendations of the internal audit committee. True or False?
A. True
B. False
A. True
_________ has been defined as not doing something that a reasonable person would do, or doing something that a reasonable person would not do.
A. IT
B. Fraud
C. Negligence
D. Internal audit
C. Negligence
A(n) __________ states the principles and core values that are essential to the work of a particular occupational group.
A. Compliance
B. Fraud
C. Code of ethics
D. Certification
C. Code of ethics
According to the 2010/11 CSI Computer Crime and Security Survey, which of the following was the most common security incident?
A. being fraudulently misrepresented as a sender of email messages requesting personal information
B. malware infection
C. laptop or mobile hardware theft
D. employees' abuse of Internet access or email
B. malware infection
Computer security incidents occur around the world, with personal computer users in developing countries being exposed to the greatest risk of their computers being infected by malware. True or False?
A. True
B. False
A. True
An attack on an information system that takes advantage of a vulnerability is called a(n) _____
A. exploit
B. CAPTCHA
C. botnet
D. Trojan Horse
A. exploit
________ software operates in a software layer that runs on top of the operating system and enables multiple virtual machines each with their own operating system to run on a single computer.
A. exploit
B. CAPTCHA
C. Virtualization
D. Trojan Horse
C. Virtualization
The number of new software vulnerabilities identified has steadily increased each year since 2006. True or False?
A. True
B. False
A. True
A(n) _________ takes place before the security community or software developer knows about the vulnerability or has been able to repair it.
A. Zero-day attack
B. botnet
C. exploit
D. CAPTCHA
A. Zero-day attack
Software that generates and grades tests that humans can pass but that all but the most sophisticated computer programs cannot is called ___________.
A. Zero-day attack
B. CAPTCHA
C. exploit
D. botnet
B. CAPTCHA
___________ is a form of malware that, if a user unknowingly downloads it to his or her smartphone, takes control of the device and its data until the owner agrees to pay a ransom to the attacker.
A. exploit
B. Ransomware
C. Virtualization
D. Trojan Horse
B. Ransomware
A(n) ___________ attack is one in which a malicious hacker takes over computers via the Internet and causes them to flood a target site with demands for data and other small tasks.
A. Distributed denial-of-service
B. botnet
C. exploit
D. Virtualization
A. Distributed denial-of-service
A(n) ________ is malicious code hidden inside a seemingly harmless program.
A. exploit
B. Ransomware
C. Virtualization
D. Trojan Horse
D. Trojan Horse
A(n) _________ is a large group of computers controlled from one or more remote locations by hackers, without the knowledge or consent of their owners.
A. exploit
B. Ransomware
C. botnet
D. Trojan Horse
C. botnet
__________ is a method of computing that delivers secure, private, and reliable computing experiences.
A. botnet
B. Trojan horse
C. Ransomware
D. Trustworthy computing
D. Trustworthy computing
The process of assessing security-related risks from both internal and external threats to an organization's computers and networks is called a(n) _________.
A. Trustworthy computing
B. Ransomware
C. Risk Assessment
D. botnet
C. Risk assessment
The written statement that defines an organization's security requirements as well as the controls and sanctions used to meet those requirements is known as a:
A. risk assessment
B. security policy
C. firewall
D. none of the above
D. None of the above
Implementation of a strong firewall provides adequate security for almost any network. True or False?
A. True
B. False
B. False
In a security incident, the primary goal must be to monitor and catch the intruder. True or False?
A. True
B. False
B. False
The purpose of the Bill of Rights was to:
A. grant additional powers to the federal government
B. identify exceptions to specific portions of the Constitution
C. identify additional rights of individuals
D. identify requirements for being a "good" U.S. citizen
C. identify additional rights of individuals
_____ is part of the pretrial phase of a lawsuit in which each party can obtain evidence from the other party by various means.
A. Discovery
B. HIPAA
C. wiretap
D. Cookie
A. Discovery
Like many other countries, the United States has developed a single, overarching national data privacy policy. True or False?
A. True
B. False
B. False
The ___________ Act is enforced by the FTC and is designed to ensure the accuracy, fairness, and privacy of information in the files of credit-reporting companies and to check those systems that gather and sell information about people:
A. Gramm-Leach-Bliley
B. Fair Credit Reporting
C. HIPAA
D. USA PATRIOT
B. Fair Credit Reporting
The Fair and Accurate Credit Transactions Act allows consumers to request and obtain a free credit report once each year from each of the three primary consumer credit reporting companies. True or False?
A. True
B. False
A. True
Under the provisions of _________, healthcare providers must obtain written consent from patients prior to disclosing any information in their medical records.
A. Gramm-Leach-Bliley
B. Fair Credit Reporting
C. HIPAA
D. USA PATRIOT
C. HIPAA
According to the Children's Online Privacy Protection Act, a Web site that caters to children must:
A. offer comprehensive privacy policies
B. notify parents or guardians about its data collection practices
C. receive parental consent before collecting any personal information from preteens
D. all of the above
D. all of the above
______ is a federal law that assigns certain rights to parents regarding their children's educational records.
A. HIPAA
B. Family Educational Rights and Privacy Act
C. Fair Credit Reporting
D. Gramm-Leach-Bliley
B. Family Educational Rights and Privacy Act
__________ v. United States is a famous court ruling that helped form the basis for the requirement that there be a reasonable expectation of privacy for the Fourth Amendment to
A. Katz
B. Trap and trace
C. USA PATRIOT Act
D. FTC
A. Katz
The ______________ Act describes procedures for the electronic surveillance and collection of foreign intelligence information in communications between foreign powers and agents of foreign powers. It also created a special court which meets in secret to hear applications for orders approving electronic surveillance anywhere within the United States.
A. USA PATRIOT Act
B. Family Educational Rights and Privacy Act
C. Foreign Intelligence Surveillance Act
D. Gramm-Leach-Bliley
C. Foreign Intelligence Surveillance Act
Which of the following identifies the numbers dialed for outgoing calls?
a. pen register
b. wiretap
c. trap and trace
d. all of the above
a. pen register
In 2011, the Department of Justice submitted 1,745 applications for electronic surveillance to the FISA court and none of those applications were denied. True or False?
A. True
B. False
A. True
The ________ Act gave sweeping new powers both to domestic law enforcement and U.S. international intelligence agencies, including increasing the ability of law enforcement to search telephone, email, medical, financial, and other records.
A. USA PATRIOT Act
B. Family Educational Rights and Privacy Act
C. Foreign Intelligence Surveillance Act
D. Gramm-Leach-Bliley
A. USA PATRIOT Act
The European philosophy of addressing privacy concerns employs strict government regulation, including enforcement by a set of commissioners; it differs greatly from the U.S. philosophy of having no federal privacy policy. True or False?
A. True
B. False
A. True
________ is a term for a set of guidelines that govern the collection and use of personal data.
A. Fair Information Practices
B. HIPAA
C. wiretap
D. Katz
A. Fair Information Practices
Nearly half the cost of a data breach is a result of lost business opportunity associated with customers whose patronage is lost due to the incident. True or False?
A. True
B. False
A. True
A(n) _________ is a text file that a Web site can download to a visitor's hard drive to identify visitors on subsequent visits.
A. Discovery
B. HIPAA
C. wiretap
D. Cookie
D. Cookie
The agency that is responsible for protecting the privacy of U.S. consumers is the:
A. FBI
B. SEC
C. Department of Homeland Security
D. FTC
D. FTC
The _________ to the U.S. Constitution was adopted to guarantee the right to freedom of expression.
A. First Amendment
B. Doxing
C. John Doe
D. CAN-SPAM
A. First Amendment
An important Supreme Court case that established a three-part test to determine if material is obscene and therefore not protected speech was _________.
A. Ewing v. California
B. Atkins v. Virginia
C. Gregg v. Georgia
D. Miller v. California
D. Miller v. California
The right to freedom of expression is restricted when the expressions, whether spoken or written, are untrue and cause harm. True or False?
A. True
B. False
A. True
Because defamation is defined as an untrue statement of fact, truth is an absolute defense against a charge of defamation. True or False?
A. True
B. False
A. True
__________ of the Communications Decency Act provides immunity to an Internet service provider that publishes user-generated content, as long as its actions do not rise to the level of a content provider.
A. First Amendment
B. Section 230
C. Doxing
D. John Doe
B. Section 230
Which of the following laws required federally financed schools and libraries to use some form of technological protection to block computer access to obscene material, pornography, and anything else considered harmful to minors?
a. Telecommunications Act
b. Child Online Protection Act
c. Children's Internet Protection Act
d. Communications Decency Act
c. Children's Internet Protection Act
_________ is the control or suppression of the publishing or accessing of information on the Internet.
A. Internet censorship
B. Section 230
C. Doxing
D. John Doe
A. Internet censorship
An anti-SLAPP law is used by government officials against citizens who oppose them on matters of public concern. True or False?
A. True
B. False
B. False
________ involves the examination of Internet records in an attempt to reveal the identity of an anonymous poster.
A. John Doe
B. Section 230
C. Doxing
D. Internet censorship
C. Doxing
A(n) __________ lawsuit can be filed against a defendant whose identity is temporarily unknown because he or she is communicating anonymously or using a pseudonym.
A. Doxing
B. Internet censorship
C. John Doe
D. Section 230
C. John Doe
The California State Court in Pre-Paid v. Sturtz et al set a legal precedent that courts apply when deciding:
a. whether material is obscene
b. if a library must install filters on its computers
c. whether or not to approve subpoenas requesting the identity of anonymous Web posters
d. whether speech is merely annoying or hate speech
c. whether or not to approve subpoenas requesting the identity of anonymous Web posters
A person who posts material on the Web that is illegal in a foreign country can be prosecuted if he visits that country; however, U.S. laws do not allow a person to be extradited for an activity protected by the U.S. Constitution. True or False?
A. True
B. False
A. True
Pornography purveyors are free to produce and publish whatever they want; however, if what they distribute or exhibit is judged obscene, they are subject to prosecution under obscenity laws. True or False?
A. True
B. False
B. False
All anonymous email and blog postings are either illegal or unethical. True or False?
A. True
B. False
B. False
Sexting is a fast-growing trend among U.S. teenagers. True or False?
A. True
B. False
B. False
The _________ Act specifies requirements that commercial emailers must follow in sending out messages that advertise or promote a commercial product or service.
A. Doxing
B. Telecommunications Act
C. Section 230
D. CAN-SPAM Act
D. CAN-SPAM Act
The term ________ describes the standards or codes of behavior expected of an individual by a group to which the individual belongs.
a. morals
b. ethics
c. virtues
d. integrity
C
2. ________ is/are one's personal beliefs about what is right and wrong.
a. Virtues and vices
b. Ethics
c. Morals
d. Code of ethics
C
3. Laws provide a complete guide to ethical behavior.
True or False?
FALSE
4. The moral corruption of people in power has been given the name ....
Bathsheba syndrome
5. According to the Ethics Resource Center, which of the following is the most commonly observed form of employee misconduct?
a. Lying to employees
b. Abusive behavior
c. Inappropriate social networking
d. Misuse of company time
D
6. Nonmanagers are responsible for what percent of instances of reported misconduct?
a. Roughly 25 percent
b. Over 50 percent
c. About 40 percent
d. Less than 33 percent
C
7. The goodwill that CSR activities generate can make it easier for corporations to conduct their business but is unlikely to affect the profitability of the firm.
True or False?
False
8. If an employee acts in a manner contrary to corporate policy and their employer's directions, the employer cannot be held responsible for these actions.
True or False?
False
9. Approximately how many U.S. workers have reported worker or manager misconduct and then suffered some sort of retribution from their supervisor or negative reactions from their coworkers?
a. Less than 5.5 million
b. Over 10 million
c. Some 6.2 million
d. About 8.7 million
C
10. A statement that highlights an organization's key ethical issues and identifies the overarching values and principles that are important to the organization and its decision making.
a. Integrity statement
b. Code of ethics
c. Mission statement
d. Vision statement
B
11. Which of the following is not a key goal of employee ethics training?
a. Increase the percentage of employees who report incidents of misconduct.
b. Make employees more aware of the company's code of ethics and how to apply it.
c. Become familiar with various philosophers and how they dealt with ethical issues.
d. Reduce the company's liability in the event of legal action.
C
12. Identifying the stakeholders and their positions on an issue is a part of which decision-making step?
a. Define the problem
b. Review the applicable guidelines, policies, and laws
c. Identify and evaluate options
d. Choose the best option
A
13. If you find yourself rationalizing a decision with the statement "Well, our competitors are doing something far worse"—what action should you not take?
a. Drop this option, and implement the same policy as your competitors.
b. Reconsider your options.
c. Realize you are about to make a decision that you will find difficult to justify to others.
d. Seek input and advice from others.
A
14. Important decisions with strong ethical implications are too often left to the technical experts; general business managers must assume greater responsibility for these decisions.
True or False?
True
1. An IT worker cannot be sued for professional malpractice unless he or she is licensed.
True or False.
True
2. The mission of the Software & Information Industry Association and the Business Software Alliance is to ________.
a. protect the trade secrets of world's largest software and hardware manufacturers
b. encourage disgruntled employees to report misdeeds by their employers
c. stop the unauthorized copying of software produced by its members
d. provide recommendations on how to develop software code that is unhackable
C
3. .............. is an effort by an employee to attract attention to a negligent, illegal, unethical, abusive, or dangerous act by a company that threatens the public interest.
Whistle-blowing
............ occurs when a party fails to perform certain express or implied obligations, which impairs or destroys the very essence of a contract.
a. Fraud
b. Material breach of contract
c. Breach of contract
d. Misrepresentation
B
Under the Foreign Corrupt Practices Act (FCPA), it is permissible to pay an official to perform some official function faster (for example, to speed customs clearance).
True or False
True
6. A(An)........ states the principles and core values that are essential to the work of a particular occupational group.
professional code of ethics or code of ethics
7. Unlike certification, which applies only to people and is required by law, licensing can also apply to products.
True or False.
False
8. To become licensed as a software engineer in the United States, one must pass the Fundamentals of Engineering exam and a software engineering ................ exam.
Principles and Practices
9. The core ................... for any profession outlines agreed-upon sets of skills and abilities that all licensed professionals must possess.
body of knowledge
10. Professionals who breach the duty of care are liable for injuries that their negligence causes. This liability is commonly referred to as ________.
a. negligence
b. professional malpractice
c. breach of contract
d. breach of contract
B
11. Senior management (including members of the audit committee) must always follow the recommendations of the internal audit committee.
True or False.
True
12. .............. is the process established by an organization's board of directors, managers, and IT systems people to provide reasonable assurance for the effectiveness and efficiency of operations, the reliability of financial reporting, and compliance with applicable laws and regulations.
Internal control
13. The software piracy rates in Albania, Kazakhstan, Libya, Panama, and Zimbabwe ________.
a. exceed 90 percent
b. are nearly 100 percent
c. exceed 70 percent
d. are about 50 percent
C
14. Which of the following is not one of the five key elements of an acceptable use policy (AUP)?
a. Purpose of the AUP, why it is needed and what are its goals
b. Background and make-up of the infosec organization that enforces the AUP
c. Definition of the actions that will be taken against an individual who violates the policy
d. Scope of who and what is covered under the AUP
B
15. A .......... is hardware or software (or a combination of both) that serves as the first line of defense between an organization's network and the Internet; it also limits access to the company's network based on the organization's Internet-usage policy.
firewall
1. The number of global companies that have an overall security strategy is ________.
a. less than one-third
b. more than two-thirds
c. about 58 percent
d. nearly 75 percent
C
2. The worldwide financial services industry spent over $27 billion on IT security and fraud prevention in 2015.
True or False?
True
3. A(n) ________ is an attack on an information system that takes advantage of a particular system vulnerability.
a. virus
b. worm
c. Trojan horse
d. exploit
D
4. A(n) ............. exploit is an attack that takes place before the security community and/or software developers become aware of and fix a security vulnerability.
Zero-day
5. A(n)........... is an individual who hacks computers or websites in an attempt to promote a political ideology.
a. black hat hacker
b. cracker
c. malicious insider
d. hacktivist
D
6. A(n)............ is a sophisticated threat that combines the features of a virus, worm, Trojan horse, and other malicious code into a single payload.
blended threat
7. A(n) .................. is an attack in which a malicious hacker takes over computers via the Internet and causes them to flood a target site with demands for data and other small tasks.
a. rootkit
b. zombie
c. botnet
d. distributed denial-of-service
D
8. ............. is an exploit in which victims receive a voice-mail message telling them to call a phone number or access a website.
Vishing
9. ........... involves the deployment of malware that secretly steals data in the computer systems of organizations that can be used to gain an unfair competitive advantage for the perpetrator.
a. Cyberterrorism
b. Data breach
c. Cyberespionage
d. Smishing
C
10. The computer security triad consists of ________.
a. security, confidentiality, and intelligence
b. confidence, safety, and integrity
c. confidence, safety, and intelligence
d. integrity, confidentiality, and availability
D
11. .............. is the process of assessing security-related risks to an organization's computers and networks from both internal and external threats.
Risk assessment
12. The business recovery plan is the documented process to recover an organization's business information system assets including hardware, software, data, networks, and facilities in the event of a disaster.
True or False?
False
13. Which of the following is not a multifactor authentication method?
a. Entering a user name and a strong end-user password at least 10 characters long including capital letters, numbers, and special characters
b. Plugging a hardware token into a USB port of the computer and entering an end-user password
c. Entering a password and providing a voice pattern sample
d. Providing a fingerprint recognition and entering a password
A
14. A(n) ........... is a hardware- or software-based network security system that is able to detect and block sophisticated attacks by filtering network traffic depending on the contents of data packets.
a. firewall
b. router
c. antivirus software
d. next-generation firewall
D
15. ................. is the process of scrambling messages or data in such a way that only authorized parties can read it.
Encryption
16. A virtual private network (VPN) enables remote users to securely access an organization's collection of computing and storage devices and share data remotely by transmitting and receiving data over public networks such as the Internet.
True or False?
True
17. Antivirus software scans for a specific sequence of bytes known as a(n) ............ that indicates the presence of a specific virus.
Virus signature
18. In the event of a successful cyberattack, the best way to give out specific information is through use of online discussion groups, email, and other systems connected to the compromised system.
True or False?
False
19. A(n) .................. is a company that monitors, manages, and maintains computer and network security for other organizations.
managed security service provider (MSSP)
20. ................. is a discipline that combines elements of law and computer science to identify, collect, examine, and preserve data from computer systems, networks, and storage devices in a manner that preserves the integrity of data gathered so that it is admissible as evidence in a court of law.
Computer forensics
1. The Supreme Court has stated that American citizens are protected by the Fourth Amendment with no exception.
True or False?
False
2. ........... is a system employed to collect Internet data including search histories, photos sent and received; the contents of email, file transfers, and voice and video chats; and other Internet communication data.
a. MYSTIC
b. Stingray
c. PRISM
d. ALPR
C
3. Although a number of independent laws and acts have been implemented over time, no single, overarching data privacy policy has been developed in the United States. However, there is an established advisory agency that recommends acceptable privacy practices to U.S. businesses.
True or False?
False
4. This act allows consumers to request and obtain a free credit report once each year from each of the three primary consumer credit reporting companies.
a. Fair Credit Reporting Act
b. Right to Financial Privacy Act
c. Gramm-Leach-Bliley Act
d. Fair and Accurate Credit Transactions Act
D
5. Under (the) .................., the presumption is that a student's records are private and not available to the public without the consent of the student.
a. HIPAA
b. American Recovery and Reinvestment Act
c. Family Educational Rights and Privacy Act
d. Children's Online Privacy Protection Act
C
6. ............ describes procedures for the electronic surveillance and collection of foreign intelligence between foreign powers and agents of foreign powers. It also created a special court which meets in secret to hear applications for orders approving electronic surveillance anywhere within the United States.
a. The Foreign Intelligence Surveillance Act
b. The USA PATRIOT Act
c. The USA Freedom Act
d. Executive Order 12333
A
7. (The) ................ approves the use of any intelligence collection techniques that are in accordance with procedures established by the head of the intelligence community and approved by the attorney general.
a. Foreign Intelligence Surveillance Act
b. USA PATRIOT Act
c. USA Freedom Act
d. Executive Order 12333
D
8. The number of U.S. government intelligence-gathering units identified in Executive Order 12333 exceeds 18.
True or False?
True
9. The ............ is designed to strengthen the data protection for individuals within the EU and includes stiff penalties for privacy violations.
a. Organization for Economic Co-operation and Development for the Protection of Privacy and Transborder Flows of Personal Data
b. European Union Data Protective Directive
c. European-United States Privacy Shield Data Transfer Program Guidelines
d. General Data Protection Regulation
D
10. Federal agencies receiving a ................. request must acknowledge that the request has been received and indicate when the request will be fulfilled, with an initial response within 20 working days unless an unusual circumstance occurs.
Freedom of Information Request
11. Many companies obtain information about web surfers through the use of .................., which are text files that can be downloaded to the hard drives of users so that the website is able to identify visitors on subsequent visits.
cookies
12. Publicly traded organizations have an obligation to report all data breaches to the Securities and Exchange Commission.
True or False?
False
13. Often organizations that are engaged in litigation will send a .................. notice to their employees or to the opposing party to save relevant data and to suspend data that might be due to be destroyed based on normal data-retention rules.
litigation hold
14. ............. is a process that couples human guidance with computer-driven concept searching in order to train document review software to recognize relevant documents within a document universe.
Predictive coding
15. A recent study revealed that between ............ percent of workers' time online has nothing to do with work.
a. 20 and 40
b. 30 and 50
c. 50 and 70
d. 60 and 80
D
16. The Fourth Amendment cannot be used to limit how a private employer treats its employees, and private-sector employees must seek legal protection against an invasive employer under various state statutes.
True or False?
True
17. China has more surveillance cameras per person than Great Britain.
True or False?
False
18. Beginning with the model year 2011 vehicles, the National Highway Safety Administration defined a minimum set of 15 data elements that must be captured for manufacturers who voluntarily install Electronic Data Recorders on their vehicles.
True or False?
True