FiltersDone

Question type

Essay

Multiple Choice

Short Answer

True False

Matching

Exam 6: Information Systems Security

Show Answer

Share

---

All types

Filters

Study FlashcardsPractice ExamLearn

Question 51

True/False

Review LaterAdd Note

Review Later

Using the qualitative approach to risk assessment,each loss exposure is computed as the product of the cost of an individual loss times the likelihood of its occurrence.

Correct Answer

verified

Show Answer

Question 52

True/False

Review LaterAdd Note

Review Later

The objective of the first phase of the security system life cycle is to design risk control measures such as various security measures and contingency plans.

Correct Answer

verified

Show Answer

Question 53

True/False

Review LaterAdd Note

Direct observation includes shoulder surfing and dumpster diving.

The primary way to prevent active threats concerning fraud and sabotage is to implement successive layers of access controls.The second step behind the layered approach to access control is to

Information security management system is part of the larger ________ risk management process.

A serious business problem today is the theft of data.

Business continuity planning and disaster recovery,in general,mean the same thing.

Passive threats include information systems fraud and computer sabotage.

Malware can be hidden in email,downloaded software,disk or Web browser.

Fault tolerance can be applied at any of three levels: input,processing,or output.

The three objectives of information security are ________,________,and ________.

________ ________ involves manipulating victims in order to trick them into divulging privileged information.

One Internet security problem arises from configuration problems in the area of configuring permissions for directories.This is an example of

Discuss the information security system life cycle.

The ________ makes it a federal crime,with a mandatory prison sentence,to pretext any kind of information that relates to a relationship between a consumer and a financial institution.

In computer environments,________ control is especially important as there is often a tendency to either overspend or spend on the wrong things.

The method used in most cases of computer fraud is

In most organizations,accounting,computing,and data processing are all organized under the controller.

Using cloud-based services and data storage is referred to as cloud computing.

Social engineering is a form of manipulation of people in order to trick them into divulging privileged information.