30 Cards in this Set


An individual or organization faced with an ethical decision is basically considering whether to break the law.




True or False

False

A code of ethics is a collection of principles that are intended to guide decision making by members of the organization.




True or False

True

Most electronic surveillance of employees is illegal.




True or False


False

Privacy is the right to be left alone and to be free of unreasonable personal intrusions.




True or False

True

The opt-out model of informed consent allows a company to collect personal information until the customer specifically requests otherwise.




True or False

True

The computing skills necessary to be a hacker are decreasing.




True or False

True

Human errors cause more than half of the security-related problems in many organizations.




True or False

True

Software cannot be copyrighted.




True or False

False

Trojan horses are software programs that hide in other computer programs and reveal their designed behaviour only when they are activated.




True or False

True

A VPN is a network within the organization.




True or False

False

The _____________ ethical standard states that an ethical action is the one that provides the most good or does the least harm.




a. Well-being


b. Utilitarian


c. Common Good


d. Rights


e. Fairness

b. Utilitarian

_____________________ means that you accept the consequences of your decisions and actions.




a. Due process


b. Accountability


c. Due diligence


d. Responsibility


e. Liability

d. Responsibility

___________ issues involve collecting, storing, and disseminating information about individuals.




a. Privacy


b. Accessibility


c. Transferability


d. Accuracy


e. Property

a. Privacy

___________ issues involve the authenticity and fidelity of information that is collected and processed.




a. Accuracy


b. Transferability


c. Property


d. Privacy


e. Accessibility

a. Accuracy

___________________ determines who is responsible for the actions taken.




a. Liability


b. Transferability


c. Accountability


d. Responsibility


e. Privacy

c. Accountability

____________________ is a legal concept that gives individuals the right to recover the damages done to them by other individuals, organizations, or systems.




a. Transferability


b. Responsibility


c. Liability


d. Accountability


e. Privacy

c. Liability

Which of the following statements is correct?


a. Determining and enforcing privacy regulations can be difficult.


b. The internet has increased individuals' privacy.


c. An individual's right to privacy supersedes the needs of society.


d. Advances in information technologies have not affected individual privacy.


e. An individual's right to privacy is absolute.

a. Determining and enforcing privacy regulations can be difficult.

_________________ is the tracking of people's activities, online or offline, with the aid of computers.




a. Data aggregation


b. Computer spying


c. Electronic surveillance


d. Profiling


e. Phishing

c. Electronic surveillance

Which of the following statements is not correct?


a. Employees should be aware that surveillance is legal.


b. As with normal first-class mail, employers cannot read employee e-mail.


c. The large majority of organizations monitor employee internet usage.


d. Employees have limited protection against surveillance by employers.


e. The large majority of organizations use URL filtering.

b. As with normal first-class mail, employers cannot read employee e-mail.


Which of the following factors is not increasing the threats to information security?




a. The Internet


b. Limited storage capacity on portable devices


c. Smaller computing devices


d. Downstream liability


e. Due diligence

b. Limited storage capacity on portable devices

An information system's ____________ is the possibility that the system will be harmed by a threat.


a. compromise


b. danger


c. risk


d. vulnerability


e. control

d. vulnerability

Employees in which functional areas of the organization pose particularly grave threats to information security?




a. Operational management, management information systems


b. Human resources, finance


c. Finance, management information systems


d. Finance, marketing


e. Human resources, information systems

e. Human resources, information systems

Unintentional threats to information systems include all of the following except:




a. Power outage


b. Lack of user experience


c. Tailgating


d. Tornados or hurricanes


e. Malicious software

e. Malicious software

__________________ involves building an inappropriate trust relationship with employees for the purpose of gaining sensitive information or unauthorized access privileges.




a. Spoofing


b. Tailgating


c. Social engineering


d. Spamming


e. Hacking

c. Social engineering

A ____________ is intellectual work that is known only to a company and is not based on public information.




a. knowledge base


b. private property


c. copyright


d. patent


e. trade secret

e. trade secret

A ____________ is a document that grants the holder exclusive rights on an invention for 20 years.


a. private property notice


b. copyright


c. trade secret


d. patent


e. knowledge base

d. patent

An organization's email policy has the least impact on which of the following software attacks?




a. Phishing


b. Denial-of-Service attack


c. Virus


d. Worm


e. Spear phishing

b. Denial-of-Service attack

A ____________ attack uses deception to fraudulently acquire sensitive personal information by masquerading as an official e-mail.


a. Virus


b. Brute force dictionary


c. Distributed denial-of-service


d. Denial-of-service


e. Phishing



e. Phishing

In a ___________ attack, a coordinated stream of requests is launched against a target system from many compromised computers at the same time.




a. virus


b. phishing


c. distributed denial-of-service


d. worm


e. back door

c. distributed denial-of-service

__________ is the process in which an organization assesses the value of each asset being protected, estimates the probability that it will be compromised, and compares the probable costs of an attack with the costs of protecting the asset.




a. Risk management


b. Risk assessment


c. Risk analysis


d. Risk mitigation


e. Risk transference

c. Risk analysis