Test Bank for Corporate Computer Security, 5th Edition

Name: Test Bank for Corporate Computer Security, 5th Edition
Brand: Academic Documents Platform
Price: 17 USD
Availability: InStock
Author: Jack Murphy

Study stress-free with Test Bank for Corporate Computer Security, 5th Edition, a concise and easy-to-follow exam guide tailored for success.

Jack Murphy

Contributor

4.7

2 days ago

Preview (16 of 246)

1
Corporate Computer Security, 5e (Boyle/Panko)
Chapter 1 The Threat Environment
1) The three common core goals of security are ________.
A) confidentiality, information, and authorization
B) confidentiality, integrity, and authentication
C) confidentiality, information, and availability
D) confidentiality, integrity, and availability
Answer: D
Page Ref: 3
Learning Objective: 1.1 Define the term threat environment
Difficulty: Moderate
2) If an attacker breaks into a corporate database and deletes critical files, this is an attack against
the ________ security goal.
A) confidentiality
B) integrity
C) availability
D) CIA
Answer: B
Page Ref: 3
Learning Objective: 1.1 Define the term threat environment
Difficulty: Moderate
3) Which of the following is NOT a type of countermeasure?
A) Corrective
B) Preventative
C) Detective
D) Sustainable
Answer: D
Page Ref: 4
Learning Objective: 1.1 Define the term threat environment
Difficulty: Moderate
4) When a threat succeeds in causing harm to a business, this is known as a(n) ________.
A) breach
B) PII
C) CIA
D) unintended access
Answer: A
Page Ref: 4
Learning Objective: 1.1 Define the term threat environment
Difficulty: Easy

2
5) Methods that security professionals use to try to stop threats include all of the following
EXCEPT ________.
A) safeguards
B) countermeasure
C) protections
D) breaches
Answer: D
Page Ref: 3
Learning Objective: 1.1 Define the term threat environment
Difficulty: Moderate
6) Which of the following is NOT a type of countermeasure?
A) Detective
B) Corrective
C) Cyberwar
D) Preventative
Answer: C
Page Ref: 4
Learning Objective: 1.1 Define the term threat environment
Difficulty: Easy
7) The cost of computer crime is well known.
Answer: FALSE
Page Ref: 2
Learning Objective: 1.1 Define the term threat environment
Difficulty: Moderate
8) Availability means that attackers cannot change or destroy information.
Answer: FALSE
Page Ref: 3
Learning Objective: 1.1 Define the term threat environment
Difficulty: Easy
9) Costs for all threats is increasing annually.
Answer: TRUE
Page Ref: 3
Learning Objective: 1.1 Define the term threat environment
Difficulty: Easy
10) Corrective countermeasures identify when a threat is attacking.
Answer: FALSE
Page Ref: 4
Learning Objective: 1.1 Define the term threat environment
Difficulty: Easy

3
11) Preventative countermeasures keep attacks from succeeding.
Answer: TRUE
Page Ref: 4
Learning Objective: 1.1 Define the term threat environment
Difficulty: Easy
12) Detective countermeasures is considered one of the security goals of computer staff.
Answer: FALSE
Page Ref: 4
Learning Objective: 1.1 Define the term threat environment
Difficulty: Easy
13) Most countermeasure controls are preventative controls.
Answer: TRUE
Page Ref: 4
Learning Objective: 1.1 Define the term threat environment
Difficulty: Easy
14) A ________ happens when an unauthorized person is able to view, alter, or steal secured
data.
A) countermeasure
B) data breach
C) safeguard
D) compromise
Answer: B
Page Ref: 5
Learning Objective: 1.2 Describe the impact of data breaches
Difficulty: Easy
15) More than ________ records were stolen in 2018.
A) 2.2 billion
B) 1 million
C) 5 billion
D) 100,000
Answer: C
Page Ref: 5
Learning Objective: 1.2 Describe the impact of data breaches
Difficulty: Easy

4
16) Which of the following is true about data breaches in 2018?
A) It's likely that half of all Americans lost their records at least one time in 2018.
B) It's likely that nearly everyone lost their records at least one time in 2018.
C) More than 12 billion people lost their records in 2018.
D) Slightly less than half of the world's population lost their records at least once in 2018.
Answer: B
Page Ref: 5
Learning Objective: 1.2 Describe the impact of data breaches
Difficulty: Moderate
17) Indirect costs due to data breaches are estimated to be:
A) $3.9 million per incident
B) $150 million per year
C) $10,000 per incident
D) $190,000 per year
Answer: A
Page Ref: 5
Learning Objective: 1.2 Describe the impact of data breaches
Difficulty: Easy
18) The chances of an organization having a data breach over the next two years is
approximately ________.
A) 10 percent
B) 20 percent
C) 42 percent
D) 28 percent
Answer: D
Page Ref: 5
Learning Objective: 1.2 Describe the impact of data breaches
Difficulty: Easy
19) Which of the following is NOT an indirect cost of a major data breach?
A) Loss of reputation
B) Notification costs
C) Abnormal customer turnover
D) Increased customer acquisition activities
Answer: B
Page Ref: 5
Learning Objective: 1.2 Describe the impact of data breaches
Difficulty: Moderate

5
20) Which of the following is NOT a direct cost of a major data breach?
A) Loss of reputation
B) Notification costs
C) Legal fees
D) Detection
Answer: A
Page Ref: 5
Learning Objective: 1.2 Describe the impact of data breaches
Difficulty: Moderate
21) Which of the following companies experienced the largest data breach in history in 2016?
A) Amazon
B) Yahoo! Inc.
C) First American Corp.
D) Facebook
Answer: B
Page Ref: 5
Learning Objective: 1.2 Describe the impact of data breaches
Difficulty: Easy
22) When a data breach occurs, hackers are primarily looking for ________.
A) personal and business addresses
B) access to systems
C) personally identifiable information
D) cash and credit card numbers
Answer: C
Page Ref: 6
Learning Objective: 1.2 Describe the impact of data breaches
Difficulty: Easy
23) Stolen information is commonly used for ________.
A) credit card fraud
B) identity theft
C) false claims
D) data mismanagement
Answer: A
Page Ref: 6
Learning Objective: 1.2 Describe the impact of data breaches
Difficulty: Easy

Loading page 6...

6
24) Which of the following is typically considered the first step in protecting your company from
data breaches?
A) Locking up your data to prevent data breaches
B) Understanding how data breaches happen
C) Purchasing software to prevent data breaches
D) Hiring a qualified data security team
Answer: B
Page Ref: 7
Learning Objective: 1.2 Describe the impact of data breaches
Difficulty: Easy
25) Data from Target customers was stolen ________.
A) online
B) from point-of-sale (POS) systems
C) primary by internal hackers, mostly employees
D) through employee extortion
Answer: B
Page Ref: 7
Learning Objective: 1.2 Describe the impact of data breaches
Difficulty: Easy
26) Attackers in the Target data breach used malware and then used ______ or ______ to infect a
Target third party vendor.
A) spear phishing; sabotage
B) hacking; sabotage
C) spear phishing; a targeted phishing attack
D) viruses; worms
Answer: C
Page Ref: 7
Learning Objective: 1.2 Describe the impact of data breaches
Difficulty: Moderate
27) What is Trojan.POSRAM in regard to Target's data breach?
A) Employee sabotage
B) Malware
C) A virus
D) A worm
Answer: B
Page Ref: 8
Learning Objective: 1.2 Describe the impact of data breaches
Difficulty: Easy

Loading page 7...

7
28) The Target data breach helped impact a shift from swipe cards to ________.
A) EMV-compliant smart cards
B) POS systems
C) keystroke logger
D) rootkits
Answer: A
Page Ref: 8
Learning Objective: 1.2 Describe the impact of data breaches
Difficulty: Easy
29) One of the long-lasting effects of the data breach to Target was ________.
A) loss of money
B) loss of customer confidence
C) loss of merchandise
D) employee dissatisfaction
Answer: B
Page Ref: 8
Learning Objective: 1.2 Describe the impact of data breaches
Difficulty: Moderate
30) Data breaches are rarely costly to a company.
Answer: FALSE
Page Ref: 5
Learning Objective: 1.2 Describe the impact of data breaches
Difficulty: Moderate
31) Data breaches are always the result of hackers in distant locations.
Answer: FALSE
Page Ref: 5
Learning Objective: 1.2 Describe the impact of data breaches
Difficulty: Easy
32) Direct costs of handling a data breach include paying for notification and detection.
Answer: TRUE
Page Ref: 5
Learning Objective: 1.2 Describe the impact of data breaches
Difficulty: Easy
33) Indirect cost related to data breaches average an addition $10 million per incident in the U.S.
Answer: FALSE
Page Ref: 5
Learning Objective: 1.2 Describe the impact of data breaches
Difficulty: Easy

Loading page 8...

8
34) There is about a one in four chance that your organization will experience a data breach.
Answer: TRUE
Page Ref: 5
Learning Objective: 1.2 Describe the impact of data breaches
Difficulty: Easy
35) More than 67 percent of data breaches come from hackers trying to make money.
Answer: TRUE
Page Ref: 5
Learning Objective: 1.2 Describe the impact of data breaches
Difficulty: Easy
36) Rogue internal employees typically have a more difficult time stealing data than do external
hackers.
Answer: FALSE
Page Ref: 6
Learning Objective: 1.2 Describe the impact of data breaches
Difficulty: Easy
37) The Target data breach affected 30 percent of the population of the U.S.
Answer: TRUE
Page Ref: 7
Learning Objective: 1.2 Describe the impact of data breaches
Difficulty: Easy
38) Trojan.POSRAM is a variant of the ILOVEYOU virus.
Answer: FALSE
Page Ref: 8
Learning Objective: 1.2 Describe the impact of data breaches
Difficulty: Easy
39) Hackers sold stolen credit card information gained from the Target breach.
Answer: TRUE
Page Ref: 9
Learning Objective: 1.2 Describe the impact of data breaches
Difficulty: Easy
40) Which of the following is FALSE about employees being considered dangerous in regard to
security?
A) Employees usually have extensive knowledge of systems.
B) Employees often have the credentials needed to access sensitive parts of systems.
C) Companies generally have little trust in their employees.
D) Employees know corporate control mechanisms and so often know how to avoid detection.
Answer: C
Page Ref: 11
Learning Objective: 1.3 Describe threats from employees and ex-employees
Difficulty: Moderate

Loading page 9...

9
41) ________ are considered the most dangerous of all employees.
A) Financial professionals
B) IT security employees
C) CEOs
D) Data entry clerks
Answer: B
Page Ref: 11
Learning Objective: 1.3 Describe threats from employees and ex-employees
Difficulty: Moderate
42) ________ is the destruction of hardware, software, or data.
A) Extortion
B) Denial of service
C) Hacking
D) Sabotage
Answer: D
Page Ref: 13
Learning Objective: 1.3 Describe threats from employees and ex-employees
Difficulty: Easy
43) In ________, a perpetrator tries to obtain money or other goods by threatening to take
actions that would be against the victim's interest.
A) fraud
B) hacking
C) abuse
D) extortion
Answer: D
Page Ref: 14
Learning Objective: 1.3 Describe threats from employees and ex-employees
Difficulty: Easy
44) ________ consists of activities that violate a company's IT use and/or ethics policies.
A) Abuse
B) Fraud
C) Extortion
D) Hacking
Answer: A
Page Ref: 14
Learning Objective: 1.3 Describe threats from employees and ex-employees
Difficulty: Easy

Loading page 10...

10
45) Which of the following is considered a trade secret?
A) Product formulations
B) Patents
C) Trade names
D) Trademarks
Answer: A
Page Ref: 14
Learning Objective: 1.3 Describe threats from employees and ex-employees
Difficulty: Easy
46) Employees often have extensive knowledge of systems and can pose a greater risk than
external attackers.
Answer: TRUE
Page Ref: 11
Learning Objective: 1.3 Describe threats from employees and ex-employees
Difficulty: Easy
47) Penalties for hacking are significantly different if you are attempting to steal a million dollars
or attempting to steal nothing of value.
Answer: FALSE
Page Ref: 11
Learning Objective: 1.3 Describe threats from employees and ex-employees
Difficulty: Easy
48) Misappropriation of assets is an example of employee financial theft.
Answer: TRUE
Page Ref: 13
Learning Objective: 1.3 Describe threats from employees and ex-employees
Difficulty: Easy
49) Downloading pornography can invoke a sexual harassment lawsuit.
Answer: TRUE
Page Ref: 13
Learning Objective: 1.3 Describe threats from employees and ex-employees
Difficulty: Easy
50) If you are explicitly or implicitly allowed to use the resources that you're accessing on a
company computer, you have authorization to do so.
Answer: TRUE
Page Ref: 13
Learning Objective: 1.3 Describe threats from employees and ex-employees
Difficulty: Easy

Loading page 11...

11
51) Copyrights and patents are known as trade secrets.
Answer: FALSE
Page Ref: 13
Learning Objective: 1.3 Describe threats from employees and ex-employees
Difficulty: Moderate
52) You have access to your home page on a server. By accident, you discover that if you hit a
certain key, you can get into someone else's files. You spend just a few minutes looking around.
This is hacking.
Answer: TRUE
Page Ref: 13
Learning Objective: 1.3 Describe threats from employees and ex-employees
Difficulty: Moderate
53) The terms "intellectual property" and "trade secret" are synonymous.
Answer: FALSE
Page Ref: 13
Learning Objective: 1.3 Describe threats from employees and ex-employees
Difficulty: Easy
54) Contract workers can also be considered a threat to a business.
Answer: TRUE
Page Ref: 15
Learning Objective: 1.3 Describe threats from employees and ex-employees
Difficulty: Easy
55) ________ is a generic term for "evil software."
A) Spyware
B) Payloads
C) Malware
D) Ransomware
Answer: C
Page Ref: 16
Learning Objective: 1.4 Describe threats from malware writers
Difficulty: Easy
56) ________ are programs that attach themselves to legitimate programs.
A) Viruses
B) Worms
C) Payloads
D) Direct-propagation worms
Answer: A
Page Ref: 16
Learning Objective: 1.4 Describe threats from malware writers
Difficulty: Easy

Loading page 12...

12
57) ________ are spread through e-mail with infected attachments.
A) Viruses
B) Worms
C) Direct-propagation worms
D) Distributed denial-of-service (DDoS) attacks
Answer: C
Page Ref: 16
Learning Objective: 1.4 Describe threats from malware writers
Difficulty: Moderate
58) Some ________ can jump directly between computers without human intervention.
A) DDoS attacks
B) viruses
C) worms
D) direct-propagation worms
Answer: B
Page Ref: 16
Learning Objective: 1.4 Describe threats from malware writers
Difficulty: Easy
59) ________ take advantage of vulnerabilities in software.
A) Direct-propagation worms
B) Trojan horses
C) Blended threats
D) Bots
Answer: D
Page Ref: 16
Learning Objective: 1.4 Describe threats from malware writers
Difficulty: Moderate
60) What is a payload?
A) Malicious software that blocks access to a system or data until money is paid to the attacker
B) A generic name for any "evil software"
C) A piece of code executed by a virus or a worm
D) A program that gives an attacker remote control of your computer
Answer: C
Page Ref: 18
Learning Objective: 1.4 Describe threats from malware writers
Difficulty: Difficult

Loading page 13...

13
61) A program that gives an attacker remote access control of your computer is known as
________.
A) a RAT
B) a Trojan horse
C) spyware
D) a cookie
Answer: A
Page Ref: 19
Learning Objective: 1.4 Describe threats from malware writers
Difficulty: Moderate
62) A ________ is a small program that, after installed, downloads a larger attack program.
A) rootkit
B) keystroke logger
C) downloader
D) Trojan horse
Answer: C
Page Ref: 19
Learning Objective: 1.4 Describe threats from malware writers
Difficulty: Moderate
63) Which of the following is a type of spyware?
A) Keystroke loggers
B) Rootkits
C) Spam
D) Downloaders
Answer: A
Page Ref: 20
Learning Objective: 1.4 Describe threats from malware writers
Difficulty: Moderate
64) Which of the following is FALSE about rootkits?
A) Rootkits are seldom caught by ordinary antivirus programs.
B) Rootkits take over the root account of a computer.
C) Rootkits use a root account's privileges to hide themselves.
D) Rootkits are typically less of a threat than are Trojan horses.
Answer: D
Page Ref: 20
Learning Objective: 1.4 Describe threats from malware writers
Difficulty: Difficult

Loading page 14...

14
65) Mobile code usually is delivered through ________.
A) e-mail
B) direct-propagation worms
C) webpages
D) spam
Answer: C
Page Ref: 20
Learning Objective: 1.4 Describe threats from malware writers
Difficulty: Moderate
66) ________ take advantage of flawed human judgment by convincing a victim to take actions
that are counter to security policies.
A) Phishing attacks
B) Hoaxes
C) Social engineering attacks
D) Spear phishing attacks
Answer: C
Page Ref: 21
Learning Objective: 1.4 Describe threats from malware writers
Difficulty: Moderate
67) You receive an e-mail that seems to come from your bank. Clicking on a link in the message
takes you to a website that seems to be your bank's website. However, the website is fake. This is
called ________.
A) a hoax
B) social engineering
C) spear fishing
D) phishing
Answer: D
Page Ref: 21
Learning Objective: 1.4 Describe threats from malware writers
Difficulty: Moderate
68) You receive an e-mail that appears to come from a frequent customer. It contains specific
information about your relationship with the customer. Clicking on a link in the message takes
you to a website that seems to be your customer's website. However, the website is fake. This is
an example of ________.
A) social engineering
B) spear fishing
C) phishing
D) a hoax
Answer: B
Page Ref: 21
Learning Objective: 1.4 Describe threats from malware writers
Difficulty: Moderate

Loading page 15...

15
69) Worms and viruses act much in the same way in how they propagate.
Answer: TRUE
Page Ref: 16
Learning Objective: 1.4 Describe threats from malware writers
Difficulty: Easy
70) Nonmobile malware can be carried to a system as part of a payload.
Answer: TRUE
Page Ref: 18
Learning Objective: 1.4 Describe threats from malware writers
Difficulty: Easy
71) A malicious payload is a program that hides itself by deleting a system file and taking on the
system file's name.
Answer: FALSE
Page Ref: 19
Learning Objective: 1.4 Describe threats from malware writers
Difficulty: Moderate
72) Cookies are small text strings stored on your own personal computer.
Answer: TRUE
Page Ref: 20
Learning Objective: 1.4 Describe threats from malware writers
Difficulty: Easy
73) Mobile code usually is contained in webpages.
Answer: TRUE
Page Ref: 20
Learning Objective: 1.4 Describe threats from malware writers
Difficulty: Easy
74) The definition of spam is "unsolicited commercial e-mail."
Answer: TRUE
Page Ref: 21
Learning Objective: 1.4 Describe threats from malware writers
Difficulty: Easy
75) Most traditional external attackers were primarily motivated by ________.
A) the thrill of breaking in
B) making money through crime
C) stealing personal identity data
D) capturing thousands and thousands of credit card numbers
Answer: A
Page Ref: 22
Learning Objective: 1.5 Describe traditional external hackers and their attacks, including break-
in processes, social engineering, and denial-of-service attacks
Difficulty: Easy

Loading page 16...

13 more pages available. Scroll down to load them.

Preview Mode

100%

Study Now!

XY-Copilot AI

Unlimited Access

Secure Payment

Instant Access

24/7 Support

Document Chat

Document Details

Subject

Information Technology

Test Bank for Corporate Computer Security, 5th Edition

Study Now!

Document Details

Related Documents

Trust Relationship Between Two Domains

Cloud Computing in Education Section

Best Use of MD5 or SHA1 Network Security

Data Breaches and Regulatory requirement

Week 5 iLab� Fireworks Stand Checkout

Computer Systems Security Foundations

HD DVD/Blu-ray Format

ERM and Database Management

Single Sign-On Access

Cloud Technology and Virtualization

Company

Explore

Study Tools