IS chapter 8

Smartphones have the same security flaws as other Internet-connected devices.
True
In 2013, the security firm McAfee identified approximately 35,000 kinds of mobile malware.
True
Viruses can be spread through e-mail.
True
The term cracker is used to identify a hacker whose specialty is breaking open security systems.
False
To secure mobile devices, a company will need to implement special mobile device management software.
True
Wireless networks are vulnerable to penetration because radio frequency bands are easy to scan.
True
Computer worms spread much more rapidly than computer viruses.
True
One form of spoofing involves forging the return address on an e-mail so that the e-mail message appears to come from someone other than the sender.
True
Sniffers enable hackers to steal proprietary information from anywhere on a network, including e-mail messages, company files, and confidential reports.
True
DoS attacks are used to destroy information and access restricted areas of a company’s information system.
False
The distributed nature of cloud computing makes it somewhat easier to track unauthorized access.
False
Zero defects cannot be achieved in larger software programs because fully testing programs that contain thousands of choices and millions of paths would require thousands of years.
True
An acceptable use policy defines the acceptable level of access to information assets for different users.
False
Biometric authentication is the use of physical characteristics such as retinal images to provide identification.
True
Packet filtering catches most types of network attacks.
False
NAT conceals the IP addresses of the organization’s internal host computers to deter sniffer programs.
True
SSL is a protocol used to establish a secure connection between two computers.
True
Public key encryption uses two keys.
True
Over 70 percent of malware today is aimed at small businesses.
False
Smartphones typically feature state-of-the-art encryption and security features, making them highly secure tools for businesses.
False
________ refers to policies, procedures, and technical measures used to prevent unauthorized access, alteration, theft, or physical damage to information systems.
Security
________ refers to all of the methods, policies, and organizational procedures that ensure the safety of the organization’s assets, the accuracy and reliability of its accounting records, and operational adherence to management standards.
Controls
Large amounts of data stored in electronic form are ________ than the same data in manual form.
vulnerable to many more kinds of threats
Electronic data are more susceptible to destruction, fraud, error, and misuse because information systems concentrate data in computer files that:
may be accessible by anyone who has access to the same network.
Specific security challenges that threaten the communications lines in a client/server environment include:
tapping; sniffing; message alteration; radiation.
Specific security challenges that threaten clients in a client/server environment include:
unauthorized access; errors; spyware.
Specific security challenges that threaten corporate servers in a client/server environment include:
hacking; vandalism; denial of service attacks.
The Internet poses specific security problems because:
it was designed to be easily accessible.
Which of the following statements about Internet security is not true?
VoIP is more secure than the switched voice network.
An independent computer program that copies itself from one computer to another over a network is called a:
worm