MGMT 336 Final Exam Study || with A+ Guaranteed Solutions.
4 views 0 purchase
Course
MGMT 336
Institution
MGMT 336
When a computer is the subject of an attack, it is the entity being attacked correct answers False
The SDLC process may be initiated in response to specific conditions or combinations of conditions. correct answers True
An E-mail virus involves sending an e-mail message with a modified field....
MGMT 336 Final Exam Study || with A+ Guaranteed
Solutions.
When a computer is the subject of an attack, it is the entity being attacked correct answers False
The SDLC process may be initiated in response to specific conditions or combinations of
conditions. correct answers True
An E-mail virus involves sending an e-mail message with a modified field. correct answers False
n information security, salami theft occurs when an employee steals a few pieces of information
at a time, knowing that taking more would be noticed — but eventually the employee gets the
whole thing. correct answers True
A(n) ____ attack is when a hacker uses his or her personal computer to break into a system.
correct answers Direct
The ____ is a methodology for the design and implementation of an information system in an
organization. correct answers SDLC
Which of the following phases is the longest and most expensive phase of the systems
development life cycle? correct answers Maintenance and Change
A(n) project team should consist of a number of individuals who are experienced in one or
multiple facets of the technical and nontechnical areas. correct answers True
The most successful kind of top-down approach involves a formal development strategy referred
to as a(n) ____. correct answers Systems development life cycle
The primary threats to security during the early years of computers were physical theft of
equipment, espionage against the products of the systems, and sabotage. correct answers True
Information has redundancy when it is free from mistakes or errors and it has the value that the
end user expects. correct answers False
The concept of the security artesan is based on the way individuals have perceived systems
technologists since computers became commonplace. correct answers True
Part of the Logical Design phase of the SecSDLC is planning for partial or catastrophic loss.
____ dictates what steps are taken when an attack occurs. correct answers Incident Response
____ of information is the quality or state of being genuine or original. correct answers
Authenticity
,Network security focuses on the protection of the details of a particular operation or series of
activities. correct answers False
The physical design is the blueprint for the desired solution. correct answers False
A breach of possession always results in a breach of confidentiality. correct answers False
The ____ model consists of 6 general phases. correct answers Waterfall
The investigation phase of the SecSDLC begins with a directive from upper management. correct
answers True
Intellectual property is defined as "the ownership of ideas and control over the tangible or virtual
representation of those ideas." correct answers True
A worm can deposit copies of itself onto all Web servers that the infected system can write to, so
that users who subsequently visit those sites become infected. correct answers True
The macro virus infects the key operating system files located in a computer's boot sector.
correct answers False
Complete loss of power for a moment is known as a(n) ____. correct answers Fault
____ are machines that are directed remotely (usually by a transmitted command) by the attacker
to participate in an attack. correct answers Zombie
Acts of ____ can lead to unauthorized real or virtual actions that enable information gatherers to
enter premises or systems they have not been authorized to enter. correct answers Trespass
One form of online vandalism is ____ operations, which interfere with or disrupt systems to
protest the operations, policies, or actions of an organization or government agency. correct
answers Hacktivist
As frustrating as viruses and worms are, perhaps more time and money is spent on resolving
____. correct answers Hoaxes
The application of computing and network resources to try every possible combination of
options of a password is called a brute crack attack. correct answers False
Attacks conducted by scripts are usually unpredictable. correct answers False
With the theft of electronic information, the evidence of a crime is readily apparent. correct
answers False
In the well-known ____ attack, an attacker monitors (or sniffs) packets from the network,
modifies them, and inserts them back into the network. correct answers Man-in-the-middle
, A(n) cookie could allow an attacker to collect personal information about visits to Internet Web
sites. correct answers True
"4-1-9" fraud is an example of a(n) ____ attack. correct answers Social Engineering
With the removal of copyright protection, software can be easily distributed and installed. correct
answers True
Web hosting services are usually arranged with an agreement providing minimum service levels
known as a(n) ____. correct answers SLA
A timing attack involves interception and analysis of cryptographic elements to determine keys
and encryption algorithms. correct answers True
A(n) ____ is an attack in which a coordinated stream of requests is launched against a target
from many locations at the same time. correct answers Distributed denial of service
The Federal Privacy Act of 1974 regulates the government in the protection of national security.
correct answers False
The Privacy of Customer Information Section of the common carrier regulation specifies that
any proprietary information shall be used explicitly for providing services, and not for any ____
purposes. correct answers Marketing
According to the National Information Infrastructure Protection Act of 1996, the severity of
penalties for computer crimes depends on the value of the information obtained and whether the
offense is judged to have been committed for each of the following except: correct answers To
harass
Thirty-four countries have ratified the European Council Cyber-Crime Convention as of June
2004. correct answers False
____ is designed to prevent abuse of information gained by an individual working in one
company and employed by another. correct answers Economic Espionage Act
What is the subject of the Computer Security Act? correct answers Federal Agency Information
Security
The code of ethics put forth by (ISC) focuses on four mandatory canons: "Protect society, the
commonwealth, and the infrastructure; act honorably, honestly, justly, responsibly, and legally;
provide diligent and competent service to principals; and advance and protect the profession.".
correct answers True
All but which of the following acts defines and formalizes laws to counter threats from computer
related acts and offenses? correct answers Communications Act
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller FullyFocus. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $12.49. You're not tied to anything after your purchase.