搜索
1Copyright©2012PearsonEducation,Inc.ManagementInformationSystems,12e(Laudon)Chapter8SecuringInformationSystems1)Inadditiontoe-mail,instantmessagesandP2Pfile-sharingcanalsoposesecuritythreatstocomputersystemsandnetworks.Answer:TRUEDiff:1PageRef:294AACSB:UseofITCASE:ComprehensionObjective:8.12)ComputersusingcablemodemstoconnecttotheInternetaremoreopentopenetrationthanthoseconnectingviadial-up.Answer:TRUEDiff:2PageRef:294AACSB:UseofITCASE:ComprehensionObjective:8.13)Wirelessnetworksarevulnerabletopenetrationbecauseradiofrequencybandsareeasytoscan.Answer:TRUEDiff:2PageRef:295AACSB:UseofITCASE:ComprehensionObjective:8.14)TherangeofWi-Finetworkscanbeextendeduptotwomilesbyusingexternalantennae.Answer:FALSEDiff:3PageRef:295AACSB:UseofITCASE:ComprehensionObjective:8.15)TheWEPspecificationcallsforanaccesspointanditsuserstosharethesame40-bitencryptedpassword.Answer:TRUEDiff:3PageRef:296AACSB:UseofITCASE:ComprehensionObjective:8.12Copyright©2012PearsonEducation,Inc.6)Virusescanbespreadthroughe-mail.Answer:TRUEDiff:1PageRef:296AACSB:ReflectiveThinkingCASE:ComprehensionObjective:8.17)Computerwormsspreadmuchmorerapidlythancomputerviruses.Answer:TRUEDiff:2PageRef:296AACSB:ReflectiveThinkingCASE:ComprehensionObjective:8.18)Oneformofspoofinginvolvesforgingthereturnaddressonane-mailsothatthee-mailmessageappearstocomefromsomeoneotherthanthesender.Answer:TRUEDiff:2PageRef:299AACSB:ReflectiveThinkingCASE:ComprehensionObjective:8.19)Sniffersenablehackerstostealproprietaryinformationfromanywhereonanetwork,includinge-mailmessages,companyfiles,andconfidentialreports.Answer:TRUEDiff:2PageRef:299AACSB:ReflectiveThinkingCASE:ComprehensionObjective:8.210)DoSattacksareusedtodestroyinformationandaccessrestrictedareasofacompany’sinformationsystem.Answer:FALSEDiff:2PageRef:299AACSB:UseofITCASE:ComprehensionObjective:8.211)DoSattacksareoneofthemosteconomicallydamagingkindsofcomputercrime.Answer:TRUEDiff:3PageRef:300-301AACSB:UseofITCASE:ComprehensionObjective:8.23Copyright©2012PearsonEducation,Inc.12)Zerodefectscannotbeachievedinlargersoftwareprogramsbecausefullytestingprogramsthatcontainthousandsofchoicesandmillionsofpathswouldrequirethousandsofyears.Answer:TRUEDiff:2PageRef:303AACSB:UseofITCASE:ComprehensionObjective:8.213)Anacceptableusepolicydefinestheacceptablelevelofaccesstoinformationassetsfordifferentusers.Answer:FALSEDiff:2PageRef:310AACSB:UseofITCASE:ComprehensionObjective:8.314)Biometricauthenticationistheuseofphysicalcharacteristicssuchasretinalimagestoprovideidentification.Answer:TRUEDiff:1PageRef:313AACSB:ReflectiveThinkingCASE:ComprehensionObjective:8.415)Packetfilteringcatchesmosttypesofnetworkattacks.Answer:FALSEDiff:2PageRef:315AACSB:UseofITCASE:ComprehensionObjective:8.416)NATconcealstheIPaddressesoftheorganization’sinternalhostcomputerstodetersnifferprograms.Answer:TRUEDiff:2PageRef:315AACSB:UseofITCASE:ComprehensionObjective:8.417)SSLisaprotocolusedtoestablishasecureconnectionbetweentwocomputers.Answer:TRUEDiff:2PageRef:317AACSB:UseofITCASE:ComprehensionObjective:8.44Copyright©2012PearsonEducation,Inc.18)Publickeyencryptionusestwokeys.Answer:TRUEDiff:2PageRef:3127AACSB:ReflectiveThinkingCASE:ComprehensionObjective:8.419)High-availabilitycomputingisalsoreferredtoasfaulttolerance.Answer:FALSEDiff:2PageRef:319AACSB:UseofITCASE:ComprehensionObjective:8.220)Bothsoftwaremetricsandsoftwaretestingaretechniquesusedtoimprovesoftwarequality.Answer:TRUEDiff:2PageRef:320AACSB:UseofITCASE:ComprehensionObjective:8.421)________referstopolicies,procedures,andtechnicalmeasuresusedtopreventunauthorizedaccess,alternation,theft,orphysicaldamagetoinformationsystems.A)SecurityB)ControlsC)BenchmarkingD)AlgorithmsAnswer:ADiff:2PageRef:293AACSB:UseofITCASE:ComprehensionObjective:8.322)________referstoallofthemethods,policies,andorganizationalproceduresthatensurethesafetyoftheorganization'sassets,theaccuracyandreliabilityofitsaccountingrecords,andoperationaladherencetomanagementstandards.A)LegacysystemsB)SSIDstandardsC)VulnerabilitiesD)ControlsAnswer:DDiff:2PageRef:293AACSB:UseofITCASE:ComprehensionObjective:8.35Copyright©2012PearsonEducation,Inc.23)Whichofthefollowingdoesnotposeasecuritythreattowirelessnetworks?A)broadcastedSSIDsB)scannabilityofradiofrequencybandsC)SQLinjectionattacksD)geographicrangeofwirelesssignalsAnswer:CDiff:1PageRef:295-296AACSB:AnalyticSkillsCASE:EvaluationintermsofassessObjective:8.124)Electronicdataaremoresusceptibletodestruction,fraud,error,andmisusebecauseinformationsystemsconcentratedataincomputerfilesthatA)areusuallyboundupinlegacysystemsthataredifficulttoaccessanddifficulttocorrectincaseoferror.B)arenotsecurebecausethetechnologytosecurethemdidnotexistatthetimethefileswerecreated.C)havethepotentialtobeaccessedbylargenumbersofpeopleandbygroupsoutsideoftheorganization.D)arefrequentlyavailableontheInternet.Answer:CDiff:2PageRef:293-294AACSB:AnalyticSkillsCASE:AnalysisintermsofcompareObjective:8.125)Unauthorizedaccessisasecuritychallengethatismostlikelytooccurinwhichofthefollowingpointsofacorporatenetwork?A)clientcompute