Chapter12Unlocked

Exam
Name___________________________________

TRUE/FALSE. Write 'T' if the statement is true and 'F' if the statement is false.

1) An example of a human mistake is an employee entering the wrong data into an account.
2) An example of malicious human activity could include an employee who, in the course of backing up a database, inadvertently installs an old database on top of the current one.
3) Unauthorized data disclosures can occur from malicious human activity.
4) Phishing is when someone sends an email pretending to be a legitimate company and asking for confidential data, such as account numbers.
5) Pretexting occurs when you receive a confidential SMS by mistake.
6) Spoofing is a technique for intercepting computer communications.
7) Email spoofing is a synonym for phishing.
8) Drive-by spoofers take computers with wireless connections through an area and search for unprotected wireless networks.
9) Drive-by sniffers can be prevented from accessing wireless networks by protecting them.
10) People who intentionally gain unauthorized access to computer systems are called hackers.
11) Faulty service can be caused by usurpation.
12) Denial of service always occurs because of malicious attacks on the system.
13) When a hacker floods a Web server with millions of bogus service requests so that it cannot service legitimate requests, this is called a denial-of-service attack.
14) Any action, device, procedure, technique, or other measure that reduces a system's vulnerability to a threat is a safeguard.
15) The IT department should set the security policy for an organization.
16) Everyone in the department must adequately safeguard company assets. This statement is in accordance with the elements of company security outlined in the NIST Handbook.
17) According to the elements of company security outlined in the NIST Handbook, computer security should not be constrained by societal factors.
18) Uncertainty is the likelihood of an adverse occurrence.
19) Risk management can only be approximated because of uncertainty.
20) The Privacy Act of 1974 gives individuals the right to access health data.
21) HIPAA sets limits on who can receive your health information.
22) The Gramm-Leach-Bliley Act set limits on how health care providers use your medical information.
23) Vulnerabilities in a security system are its weaknesses.
24) Tangible consequences include such things as loss of customer goodwill due to an outage.
25) Probable loss is the probability that a given asset will be compromised by a given threat, despite the safeguards.
26) The "bottom line" of risk assessment is termed probable loss.
27) Technical safeguards involve the hardware and software components of an information system.
28) Smart cards are convenient and easy to use since they don't require any PIN numbers for authentication.