Unlock document.
This document is partially blurred.
Unlock all pages and 1 million more documents.
Get Access
Laudon/Laudon/Brabston, Management Information Systems, Seventh Canadian Edition
C) application proxy filtering
D) packet filtering
67) Which of the following is the greatest threat that employees pose to an organization's
information systems?
A) forgetting passwords
B) lack of knowledge
C) entering faulty data
D) introducing software errors
68) Currently, the protocols used for secure information transfer over the Internet are
A) TCP/IP and SSL.
B) S-HTTP and CA.
C) HTTP and TCP/IP.
D) SSL, TLS, and S-HTTP.
69) Most antivirus software is effective against
A) only those viruses active on the Internet and through e-mail.
B) any virus.
C) any virus except those in wireless communications applications.
D) only those viruses already known when the software is written.
Laudon/Laudon/Brabston, Management Information Systems, Seventh Canadian Edition
70) In which method of encryption is a single encryption key sent to the receiver so both sender
and receiver share the same key?
A) SSL
B) symmetric key encryption
C) public key encryption
D) private key encryption
71) A digital certificate system
A) uses third-party CAs to validate a user's identity.
B) uses digital signatures to validate a user's identity.
C) uses tokens to validate a user's identity.
D) is used primarily by individuals for personal correspondence.
72) Downtime refers to periods of time in which a
A) computer system is malfunctioning.
B) computer system is not operational.
C) company or organization is not operational.
D) computer is not online.
Laudon/Laudon/Brabston, Management Information Systems, Seventh Canadian Edition
73) For 100% availability, online transaction processing requires
A) high-capacity storage.
B) a multi-tier server network.
C) fault-tolerant computer systems.
D) dedicated phone lines.
74) In controlling network traffic to minimize slow-downs, a technology called ________ is
used to examine data files and sort low-priority data from high-priority data.
A) high availability computing
B) deep-packet inspection
C) application proxy filtering
D) stateful inspection
75) The development and use of methods to make computer systems resume their activities
more quickly after mishaps is called
A) high availability computing.
B) recovery oriented computing.
C) fault tolerant computing.
D) disaster recovery planning.
76) Smaller firms may outsource some or many security functions to
A) ISPs.
B) MISs.
Laudon/Laudon/Brabston, Management Information Systems, Seventh Canadian Edition
C) MSSPs.
D) CAs.
77) A ___________________________ is an individual who intends to gain unauthorized
access to a computer system.
A) hacker
B) cracker
C) fracker
D) jacker
78) A ___________________________ is typically used to denote a hacker with criminal intent.
A) hacker
B) cracker
C) fracker
D) jacker
79) A ___________________________ is typically used to denote a hacker with criminal
intent.
A) Software controls
B) Hardware controls
C) Computer operations controls
D) Data security controls
Laudon/Laudon/Brabston, Management Information Systems, Seventh Canadian Edition
80) ___________________________ ensure that computer hardware is physically secure and
check for equipment malfunction.
A) Software controls
B) Hardware controls
C) Computer operations controls
D) Data security controls
81) ___________________________ oversee the work of the computer department to ensure
that programmed procedures are consistently and correctly applied to the storage and
processing of data.
A) Software controls
B) Hardware controls
C) Computer operations controls
D) Data security controls
82) ___________________________ ensure that valuable business data files on either disk or
tape are not subject to unauthorized access, change, or destruction while they are in use or
in storage.
A) Software controls
B) Hardware controls
C) Computer operations controls
D) Data security controls
Laudon/Laudon/Brabston, Management Information Systems, Seventh Canadian Edition
83) ___________________________ devises plans for the restoration of computing and
communications services after they have been disrupted
A) Disaster recovery planning
B) Business continuity planning
C) MIS audit
D) Risk assessment
84) ___________________________ focuses on how the company can restore business
operations after a disaster strikes.
A) Disaster recovery planning
B) Business continuity planning
C) MIS audit
D) Risk assessment
85) An ___________________________ examines the firm’s overall security environment as
well as controls governing individual information systems.
A) Disaster recovery planning
B) Business continuity planning
C) MIS audit
D) Risk assessment
Laudon/Laudon/Brabston, Management Information Systems, Seventh Canadian Edition
86) A practice in which eavesdroppers drive by buildings or park outside and try to intercept
wireless network traffic is referred to as ________.
87) Malicious software programs referred to as ________ include a variety of threats such as
computer viruses, worms, and Trojan horses.
88) ________ is a crime in which an imposter obtains key pieces of personal information to
impersonate someone else.
89) ________ is the scientific collection, examination, authentication, preservation, and analysis
of data held on or retrieved from computer storage media in such a way that the information
can be used as evidence in a court of law.
90) The intentional disruption of a Web site or information system is called ________.
Laudon/Laudon/Brabston, Management Information Systems, Seventh Canadian Edition
Objective: 8.1
91) A(n) ________ examines the firm's overall security environment as well as the controls
governing individual information systems.
92) ________ refers to the ability to know that a person is who he or she claims to be.
93) Comprehensive security management products, with tools for firewalls, VPNs, intrusion
detection systems, and more, are called ________ systems.
94) PKI is the use of public key cryptography working with a(n) ________.
95) When errors are discovered in software programs, the sources of the errors are found and
eliminated through a process called ________.
Laudon/Laudon/Brabston, Management Information Systems, Seventh Canadian Edition
96) __________________________ refers to the policies, procedures, and technical measures
used to prevent unauthorized access, alteration, theft, or physical damage to information
systems
97) __________________________ are independent computer programs that copy themselves
from one computer to other computers over a network.
98) A _________________________is a software program that appears to be benign but then
does something other than expected.
99) A ____________________ is an individual who intends to gain unauthorized access to a
computer system.
100) In a _______________________________ attack hackers flood a network server or Web
server with many thousands of false communications or requests for services to crash the
network.
Laudon/Laudon/Brabston, Management Information Systems, Seventh Canadian Edition
101) ____________________ govern the design, security, and use of computer programs and the
security of data files in general throughout the organization’s information technology
infrastructure.
102) ____________________ monitor the use of system software and prevent unauthorized
access of software programs, system software, and computer programs.
103) ____________________ ensure that computer hardware is physically secure and check for
equipment malfunction.
104) ____________________ oversee the work of the computer department to ensure that
programmed procedures are consistently and correctly applied to the storage and processing
of data.
Laudon/Laudon/Brabston, Management Information Systems, Seventh Canadian Edition
105) Discuss the issue of security challenges on the Internet as that issue applies to a global
enterprise. List at least five Internet security challenges.
106) How can a firm's security policies contribute and relate to the six main business objectives?
Give examples.
107) Three major concerns of system builders and users are disaster, security, and human error.
Of the three, which do you think is most difficult to deal with? Why?
108) What are the security challenges faced by wireless networks?
Laudon/Laudon/Brabston, Management Information Systems, Seventh Canadian Edition
109) Why is software quality important to security? What specific steps can an organization take
to ensure software quality?
110) Hackers and their companion viruses are an increasing problem, especially on the Internet.
What are the most important measurers for a firm to take to protect itself from this? Is full
protection feasible? Why or why not?
Laudon/Laudon/Brabston, Management Information Systems, Seventh Canadian Edition
111) You have just been hired as a security consultant by MegaMalls Inc., a national chain of
retail malls, to make sure that the security of their information systems is up to par. Outline
the steps you will take to achieve this.
112) What is a digital certificate? How does it work?
Laudon/Laudon/Brabston, Management Information Systems, Seventh Canadian Edition
113) Define a fault-tolerant computer system and a high-availability computer system. How do
they differ? When would each be used?
114) How is the security of a firm's information system and data affected by its people,
organization, and technology? Is the contribution of one of these dimensions any more
important than the other? Why?
Laudon/Laudon/Brabston, Management Information Systems, Seventh Canadian Edition
