True / False
1. Microsoft Windows includes BitLocker in some editions, so entire hard drives can be
encrypted.
2. Employees with access to any sensitive information should be asked to sign
nondisclosure agreements.
3. The Patriot Act was the first U.S. law to criminalize theft of commercial trade secrets.
4. Crafting email and websites to specifically target certain victims is called dive
bombing.
5. A key logger can be hardware-based of software-based.
6. Funcrypt is a free tool that can be used to encrypt drives, folders, or partitions.
7. Hiding a message in images is an example of stenography.
8. Sending a forged email asking for sensitive data is an example of steganography.
9. VI (value of information) = C (cost to produce) + VG (value gained).
10. Industrial espionage is the use of spying techniques to find out key information that is
of economic value.
Multiple Choice
1. ______________ is the use of spying techniques to find out key information that is of
economic value.
a. Industrial espionage
b. Scanning
c. Electronic monitoring
d. None of the above
2. Which of the following is NOT an example of industrial espionage?
a. Details on a competitor’s new project
b. A list of a competitor’s clients
c. Denial-of-service attack
d. None of the above
3. For security reasons, when an employee leaves a company, you should conduct a(n)
________ interview.
a. Security
b. Exit
c. Employment
d. Scanning
4. VI (value of information) = C (cost to produce) + ___________.
a. MU (markup)
b. GM (gross margin)
c. VG (value gained)
d. VL (value lost)
Answer C.
5. Data stored in computer systems has a high value because there is a great deal of time
and effort that goes into creating an analyzing it and ________________.
a. Data often has intrinsic value.
b. Data is an asset that appreciates.
c. Data lasts forever.
d. None of the above.
6. The process to list assets that you believe support your organization is called
________.
a. Business planning
b. Asset identification
c. Making a balance sheet
d. Organizational charting
7. The company whose chief executive officer was indicted for copyright infringement
of allegedly stealing technology from D-Link, which was one of its own customers, was
_________.
a. General Motors
b. Interactive Television Technologies, Inc.
c. Bloomberg, Inc.
d. None of the above
8. The company involved in an attack by Oleg Zezev from Kazahkstan, in which Zezev
accessed computer data and copied personal information for purposes of blackmail was
______.
a. General Motors
b. Interactive Television Technologies, Inc.
c. Bloomberg, Inc.
d. None of the above
9. The chief executive officer of Oracle defends his practice to hire private investigators
to sift through the garbage of which competitor?
a. Red Hat
b. McAfee
c. Norton
d. Microsoft
10. Cookies and key loggers are examples of ____________.
a. Viruses
b. Worms
c. Spyware
d. None of the above
11.The single greatest security risk to any organization is _________.
a. A disgruntled employee
b. Lack of a disaster recovery plan
c. Lack of antivirus software
d. Out-of-date software
12. The most obvious use of ________________involves talking to a targeted employee
and getting him to reveal sensitive data.
a. Phishing
b. Key logging
c. Social engineering
d. None of the above
13. Sending an email that claims to come from a different sender, and asking for sensitive
data is an example of ___________.
a. Phishing
b. Key logging
c. Social engineering
d. None of the above
14. Quick Stego and Invisible Secrets are two software tools that can be used for
__________.
a. Port scanning
b. Steganography
c. Key logging
d. None of the above
15. Giving personnel access to only data that they absolutely need to perform their jobs
is referred to as _________.
a. Least privileges
b. Job rotation
c. Business continuation planning
d. None of the above