Identity theft
____________ is a crime in which an imposter obtains key pieces of personal information to impersonate someone else
imposes responsibility on companies and management to safeguard the accuracy of financial information
The Sarbanes-Oxley Act:
spoofing
Phishing is a form of:
Authentication cannot be established by the use of a password
Which of the following statements about passwords is not true?
DDoS
Using numerous computers to inundate and overwhelm the network from numerous launch points is called a(n) __________ attack
spyware
A keylogger is a type of:
enforce a security policy on data exchanged between its network and the internet
A firewall allows the organization to:
redirecting users to a fraudulent website even when the user has typed in the correct address in the web browser
Pharming involves
VoIP is more secure than the switched voice network
Which of the following statements about internet security is not true?
SSIDs
_____________ identify the access points in a Wi-Fi network
The most common type of electronic evidence is:
is a device that displays passcodes
An authentication token:
bogus wireless network access points that look legitimate to users
Evil twins are:
a file deleted from a hard disk
Which of the following is a type of ambient data?
cyberwarfare
A foreign country attempting to access government networks in order to disable a national power grid would be an example of
risk assessment
Analysis of an information system that rates the likelihood of a security incident occurring and its cost is included in a(n)
body odor
All of the following are currently being used as traits that can be profiled by biometric authentication except:
illegally accessing stored electronic communication
Which of the following is not an example of a computer used as a target of crime?
National Information Infrastructure Protection Act
Which of the following specifically makes malware distribution and hacker attacks to disable websites a federal crime?
UTM
Comprehensive security management products, with tools for firewalls, VPNs, intrusion detection systems, and more, are called ________ systems.
setting up a fake medical Web site that asks users for confidential information.
An example of phishing is
Security
________ refers to policies, procedures, and technical measures used to prevent unauthorized access, alteration, theft, or physical damage to information systems.
Disaster recovery planning
Which of the following focuses primarily on the technical issues of keeping systems up and running?
Data security
________ controls ensure that valuable business data files on either disk or tape are not subject to unauthorized access, change, or destruction while they are in use or in storage.
SSL, TLS, and S-HTTP
Currently, the protocols used for secure information transfer over the Internet are
breaching the confidentiality of protected computerized data
Which of the following is not an example of a computer used as an instrument of crime?
It is not possible to make a smartphone part of a botnet.
Which of the following statements about botnets is not true?
war driving
A practice in which eavesdroppers drive by buildings or park outside and try to intercept wireless network traffic is referred to as:
social engineering
Tricking employees into revealing their passwords by pretending to be a legitimate member of a company is called
symmetric key encryption
In which method of encryption is a single encryption key sent to the receiver so both sender and receiver share the same key?
outlines medical security and privacy rules
The HIPAA Act of 1996:
An AUP
Which of the following defines acceptable uses of a firm's information resources and computing equipment?
Controls
Which of the following refers to all of the methods, policies, and organizational procedures that ensure the safety of the organization's assets, the accuracy and reliability of its accounting records, and operational adherence to management standards?
spoofing
Redirecting a Web link to a different address is a form of
application controls
All of the following are types of information systems general controls except
can be classified as input controls, processing controls, and output controls
Application controls
deep packet inspection
In controlling network traffic to minimize slow-downs, a technology called ________ is used to examine data files and sort low-priority data from high-priority data
collecting physical evidence on the computer.
Computer forensics tasks include all of the following except:
requires financial institutions to ensure the security of customer data.
The Gramm-Leach-Bliley Act
WPA2
Which of the following specifications replaced WEP with a stronger security standard that features changing encryption keys?
click fraud
A salesperson clicks repeatedly on the online ads of a competitor in order to drive the competitor's advertising costs up. This is an example of
worm
An independent computer program that copies itself from one computer to another over a network is called a
payload
Most computer viruses deliver a: