Type
Quiz
Book Title
Computer Security Fundamentals (Pearson IT Cybersecurity Curriculum (ITCC)) 3rd Edition
ISBN 13
978-0789757463

978-0789757463 Chapter 7

February 27, 2021
True / False
1. Microsoft Windows includes BitLocker in some editions, so entire hard drives can be
encrypted.
2. Employees with access to any sensitive information should be asked to sign
nondisclosure agreements.
3. The Patriot Act was the first U.S. law to criminalize theft of commercial trade secrets.
4. Crafting email and websites to specifically target certain victims is called dive
bombing.
5. A key logger can be hardware-based of software-based.
6. Funcrypt is a free tool that can be used to encrypt drives, folders, or partitions.
7. Hiding a message in images is an example of stenography.
8. Sending a forged email asking for sensitive data is an example of steganography.
9. VI (value of information) = C (cost to produce) + VG (value gained).
10. Industrial espionage is the use of spying techniques to find out key information that is
of economic value.
Multiple Choice
1. ______________ is the use of spying techniques to find out key information that is of
economic value.
a. Industrial espionage
b. Scanning
c. Electronic monitoring
d. None of the above
2. Which of the following is NOT an example of industrial espionage?
a. Details on a competitor’s new project
b. A list of a competitor’s clients
c. Denial-of-service attack
d. None of the above
3. For security reasons, when an employee leaves a company, you should conduct a(n)
________ interview.
a. Security
b. Exit
c. Employment
d. Scanning
4. VI (value of information) = C (cost to produce) + ___________.
a. MU (markup)
b. GM (gross margin)
c. VG (value gained)
d. VL (value lost)
Answer C.
5. Data stored in computer systems has a high value because there is a great deal of time
and effort that goes into creating an analyzing it and ________________.
a. Data often has intrinsic value.
b. Data is an asset that appreciates.
c. Data lasts forever.
d. None of the above.
6. The process to list assets that you believe support your organization is called
________.
a. Business planning
b. Asset identification
c. Making a balance sheet
d. Organizational charting
7. The company whose chief executive officer was indicted for copyright infringement
of allegedly stealing technology from D-Link, which was one of its own customers, was
_________.
a. General Motors
b. Interactive Television Technologies, Inc.
c. Bloomberg, Inc.
d. None of the above
8. The company involved in an attack by Oleg Zezev from Kazahkstan, in which Zezev
accessed computer data and copied personal information for purposes of blackmail was
______.
a. General Motors
b. Interactive Television Technologies, Inc.
c. Bloomberg, Inc.
d. None of the above
9. The chief executive officer of Oracle defends his practice to hire private investigators
to sift through the garbage of which competitor?
a. Red Hat
b. McAfee
c. Norton
d. Microsoft
10. Cookies and key loggers are examples of ____________.
a. Viruses
b. Worms
c. Spyware
d. None of the above
11.The single greatest security risk to any organization is _________.
a. A disgruntled employee
b. Lack of a disaster recovery plan
c. Lack of antivirus software
d. Out-of-date software
12. The most obvious use of ________________involves talking to a targeted employee
and getting him to reveal sensitive data.
a. Phishing
b. Key logging
c. Social engineering
d. None of the above
13. Sending an email that claims to come from a different sender, and asking for sensitive
data is an example of ___________.
a. Phishing
b. Key logging
c. Social engineering
d. None of the above
14. Quick Stego and Invisible Secrets are two software tools that can be used for
__________.
a. Port scanning
b. Steganography
c. Key logging
d. None of the above
15. Giving personnel access to only data that they absolutely need to perform their jobs
is referred to as _________.
a. Least privileges
b. Job rotation
c. Business continuation planning
d. None of the above
1. ______________ is the use of spying techniques to find out key information that is of economic value. a. industrial espionage b. scanning c. electronic monitoring d. none of the above answer a. scanning and electronic monitoring are two examples of industrial espionage. 2. which of the following is not an example of industrial espionage? a. details on a competitor’s new project b. a list of a competitor’s clients c. denial-of-service attack d. none of the above answer c. 3. for security reasons, when an employee leaves a company, you should conduct a(n) ________ interview. a. security b. exit c. employment d. scanning answer b. you should also consider limiting an employee’s access to data prior to terminating his employment. 4. vi (value of information) = c (cost to produce) + ___________. a. mu (markup) b. gm (gross margin) c. vg (value gained) d. vl (value lost) answer c. 5. data stored in computer systems has a high value because there is a great deal of time and effort that goes into creating an analyzing it and ________________. a. data often has intrinsic value. b. data is an asset that appreciates. c. data lasts forever. d. none of the above. answer a. for example, data might provide a competitive edge. 6. the process to list assets that you believe support your organization is called ________. a. business planning b. asset identification c. making a balance sheet d. organizational charting answer b. the cert website offers a worksheet that you can use to itemize the assets in your organization. 9. the chief executive officer of oracle defends his practice to hire private investigators to sift through the garbage of which competitor? a. red hat b. mcafee c. norton d. microsoft answer d. 10. cookies and key loggers are examples of ____________. a. viruses b. worms c. spyware d. none of the above answer c. 11.the single greatest security risk to any organization is _________. a. a disgruntled employee b. lack of a disaster recovery plan c. lack of antivirus software d. out-of-date software answer a. 12. the most obvious use of ________________involves talking to a targeted employee and getting him to reveal sensitive data. a. phishing b. key logging c. social engineering d. none of the above answer c. 13. sending an email that claims to come from a different sender, and asking for sensitive data is an example of ___________. a. phishing b. key logging c. social engineering d. none of the above answer c. in large organizations, you cannot know every member, and it might be easy to forge and email. 14. quick stego and invisible secrets are two software tools that can be used for __________. a. port scanning b. steganography c. key logging d. none of the above answer b. 15. giving personnel access to only data that they absolutely need to perform their jobs is referred to as _________. a. least privileges b. job rotation c. business continuation planning d. none of the above answer a. employees are given minimum privileges necessary to perform their job tasks.