管理信息系统英文版第7版题库chapter extension 14.docx
《管理信息系统英文版第7版题库chapter extension 14.docx》由会员分享,可在线阅读,更多相关《管理信息系统英文版第7版题库chapter extension 14.docx(19页珍藏版)》请在冰豆网上搜索。
![管理信息系统英文版第7版题库chapter extension 14.docx](https://file1.bdocx.com/fileroot1/2022-11/20/549a2c44-5996-4f0b-9fcb-ff28d7d5e5cb/549a2c44-5996-4f0b-9fcb-ff28d7d5e5cb1.gif)
管理信息系统英文版第7版题库chapterextension14
ExperiencingMIS,7e(Kroenke)
ChapterExtension14DataBreaches
1)AstudentattheMSAUniversityhackedintotheuniversity'sofficialWebsiteandstolesomeconfidentialinformationaboutthescholarshipprogram.Thisincidentisanexampleof________.
A)adatabreach
B)asynchronouscommunication
C)keyescrow
D)asequenceflow
Answer:
A
AACSB:
ReflectiveThinking
Difficulty:
2:
Moderate
CourseLO:
Discusstheethicalandsocialissuesraisedbytheuseofinformationsystems.
LearningObj:
LO26.1:
Whatisadatabreach?
Classification:
Application
2)Whichofthefollowingisadirectcostofhandlingadatabreach?
A)lossofreputation
B)abnormalcustomerturnover
C)legalfeesandconsultation
D)increasedcustomeracquisitionactivities
Answer:
C
AACSB:
InformationTechnology
Difficulty:
1:
Easy
CourseLO:
Discusstheethicalandsocialissuesraisedbytheuseofinformationsystems.
LearningObj:
LO26.1:
Whatisadatabreach?
Classification:
Concept
3)Samisahackerwhomakesmoneybystealingandsellingcreditcards.Hehastargetedtheemployeesofalocalfirmandislookingfordetailssuchasnames,addresses,datesofbirth,socialsecuritynumbers,creditcardnumbers,orhealthrecords.Inthiscase,Samislookingfor________.
A)firewallsecuritymeasures
B)businesscontinuityplans
C)malwaredefinitions
D)personallyidentifiableinformation
Answer:
D
AACSB:
ReflectiveThinking
Difficulty:
2:
Moderate
CourseLO:
Discusstheethicalandsocialissuesraisedbytheuseofinformationsystems.
LearningObj:
LO26.1:
Whatisadatabreach?
Classification:
Application
4)________referstotheprocessofplacingasmallchargeonacreditcardtoensureitisworking.
A)Hoarding
B)Carding
C)Phishing
D)Creditcardhijacking
Answer:
B
AACSB:
InformationTechnology
Difficulty:
1:
Easy
CourseLO:
Discusstheethicalandsocialissuesraisedbytheuseofinformationsystems.
LearningObj:
LO26.1:
Whatisadatabreach?
Classification:
Concept
5)Directcostsofhandlingadatabreachdonotincludepayingfordetectionofthebreach.
Answer:
FALSE
AACSB:
InformationTechnology
Difficulty:
1:
Easy
CourseLO:
Discusstheethicalandsocialissuesraisedbytheuseofinformationsystems.
LearningObj:
LO26.1:
Whatisadatabreach?
Classification:
Concept
6)AccordingtothereportsinPonemon's2014CostofDataBreachStudy,organizationsaremorelikelytoloselargeramountsofdatathansmalleramountsofdata.
Answer:
FALSE
AACSB:
InformationTechnology
Difficulty:
1:
Easy
CourseLO:
Discusstheethicalandsocialissuesraisedbytheuseofinformationsystems.
LearningObj:
LO26.1:
Whatisadatabreach?
Classification:
Concept
7)Personallyidentifiableinformationincludesaperson'sbankaccountnumbers,personalidentificationnumbers,emailaddress,andsocialsecuritynumbers.
Answer:
TRUE
AACSB:
InformationTechnology
Difficulty:
1:
Easy
CourseLO:
Discusstheethicalandsocialissuesraisedbytheuseofinformationsystems.
LearningObj:
LO26.1:
Whatisadatabreach?
Classification:
Concept
8)Stolencreditcardinformationisvalidatedthroughaprocesscalledcarding.
Answer:
TRUE
AACSB:
InformationTechnology
Difficulty:
1:
Easy
CourseLO:
Discusstheethicalandsocialissuesraisedbytheuseofinformationsystems.
LearningObj:
LO26.1:
Whatisadatabreach?
Classification:
Concept
9)Explainhowhackersuseinformationstolenfromdatabreachesforcreditcardforgery.
Answer:
Over67percentofdatabreachescomefromhackerstryingtomakemoney.Hackersareprimarilylookingforpersonallyidentifiableinformation(PII),ordatathatcanbeusedtoidentifyaperson.Thisincludesnames,addresses,datesofbirth,socialsecuritynumbers,creditcardnumbers,healthrecords,bankaccountnumbers,personalidentificationnumbers,andemailaddresses.Stoleninformationiscommonlyusedforcreditcardfraud.Stolencreditcardinformationisvalidatedthroughaprocesscalledcarding,whereasmallchargeisplacedonthecardtoensureitisworking.Validcardsarethenbundledandsoldontheblackmarket.Thepriceofstolencreditcardscanrunfrom$2to$45percard,dependingonthetypeofaccount.Stolendataiscommonlyusedforidentitytheft,extortion,andindustrialespionage.
AACSB:
InformationTechnology
Difficulty:
2:
Moderate
CourseLO:
Discusstheethicalandsocialissuesraisedbytheuseofinformationsystems.
LearningObj:
LO26.1:
Whatisadatabreach?
Classification:
Concept
10)Thefirststepinprotectingoneselffromdatabreachesis________.
A)securingcreditanddebitcarddetails
B)understandinghowtheyhappen
C)learningthetechnologiesusedfortheseactivities
D)installingnecessarysoftwaretoprotectfrompossiblebreaches
Answer:
B
AACSB:
InformationTechnology
Difficulty:
2:
Moderate
CourseLO:
Discusstheethicalandsocialissuesraisedbytheuseofinformationsystems.
LearningObj:
LO26.2:
Howdodatabreacheshappen?
Classification:
Concept
11)Bob,ahacker,encounteredavulnerabilityinabank'sfirewallwhenhewastryingtohackintoitsWebsite.WhichofthefollowingcanBobusetotakeadvantageofthisliability?
A)exploit
B)attackvector
C)carding
D)wardriver
Answer:
A
AACSB:
ReflectiveThinking
Difficulty:
2:
Moderate
CourseLO:
Discusstheethicalandsocialissuesraisedbytheuseofinformationsystems.
LearningObj:
LO26.2:
Howdodatabreacheshappen?
Classification:
Application
12)Agroupofhackersuseatargetedphishingattacktobreachacompany'sfirewallsandhackintoitssecuritysystem.Whichofthefollowingtechniqueshavethehackersused?
A)pretexting
B)IPspoofing
C)spearphishing
D)phonephishing
Answer:
C
AACSB:
InformationTechnology
Difficulty:
1:
Easy
CourseLO:
Discusstheethicalandsocialissuesraisedbytheuseofinformationsystems.
LearningObj:
LO26.2:
Howdodatabreacheshappen?
Classification:
Concept
13)AgroupofhackersdecidetostealcreditcarddetailsoftheusersofSwiftShoppingInc.,aleadinge-commercecompany.Theyinfectthesecuritysystemofthecompany'sthird-partyvendorandgainaccessintoitsinternalnetwork.TheycompromiseaninternalWindowsserverofthecompanyanduseamalwaretoextractcustomerdata.Whichofthefollowingisillustratedinthisscenario?
A)hardening
B)carding
C)pretexting
D)databreaching
Answer:
D
AACSB:
InformationTechnology
Difficulty:
2:
Moderate
CourseLO:
Discusstheethicalandsocialissuesraisedbytheuseofinformationsystems.
LearningObj:
LO26.2:
Howdodatabreacheshappen?
Classification:
Application
14)Eachtypeofdatabreachisdifferentbecausehackersarecontinuallydevelopingnewtoolsandtechniquesthatenablethemtostealmoredata.
Answer:
TRUE
AACSB:
InformationTechnology
Difficulty:
1:
Easy
CourseLO:
Discusstheethicalandsocialissuesraisedbytheuseofinformationsystems.
LearningObj:
LO26.2:
Howdodatabreacheshappen?
Classification:
Concept
15)Attackvectorsrefertothewayshackersattackatarget.
Answer:
TRUE
AACSB:
InformationTechnology
Difficulty:
1:
Easy
CourseLO:
Discusstheethicalandsocialissuesraisedbytheuseofinformationsystems.
LearningObj:
LO26.2:
Howdodatabreacheshappen?
Classification:
Concept
16)Anexploitisatypeofattackvectorusedbyhackers.
Answer:
TRUE
AACSB:
InformationTechnology
Difficulty:
1:
Easy
CourseLO:
Discusstheethicalandsocialissuesraisedbytheuseofinformationsystems.
LearningObj:
LO26.2:
Howdodatabreacheshappen?
Classification:
Concept
17)Spearphishingisusedbyorganizationstomonitortrafficpassingthroughtheirinternalnetwork.
Answer:
FALSE
AACSB:
InformationTechnology
Difficulty:
1:
Easy
CourseLO:
Discusstheethicalandsocialissuesraisedbytheuseofinformationsystems.
LearningObj:
LO26.2:
Howdodatabreacheshappen?
Classification:
Concept
18)Explainhowdatabreachoccurswithanexample.
Answer:
Hackersarecontinuallydevelopingnewtoolsandtechniquesthatenablethemtostealmoredata.Theyexperimentwithnewattackvectors,orwaysofattackingatarget.InthedatabreachthatoccurredatTargetCorporationinlate2013,attackersfirstpurchasedmalwaredesignedspecificallyfortheattackstheyplannedtocarryout.Theythenusedspearphishing,oratargetedphishingattack,toinfectaTargetthirdpartyvendor'ssystemandgatherkeystrokes,logincredentials,andscreenshotsfromthevendor'susers.TheattackersusedthisinformationtogainaccessintoTarget'sinternalnetwork.OnceinsideTarget'snetwork,theattackerscompromisedaninternalWindowsfileserver.Fromthisserver,theattackersusedmalwarenamedTrojan.POSRAMtoextractcustomerdatafrompoint-of-sale(POS)terminals.CustomerdatawascontinuouslysentfromthePOSterminalstoanextractionserverwithinTarget'snetwork.ItwasthenfunneledoutofTarget'snetworktodropserversinRussia,Brazil,andMiami.Fromthere,thedatawascollectedandsoldontheblackmarket.
AACSB:
InformationTechnology
Difficulty:
3:
Challenging
CourseLO:
Discusstheethicalandsocialissuesraisedbytheuseofinformationsystems.
LearningObj:
LO26.2:
Howdodatabreacheshappen?
Classification:
Concept
19)Stuartworksforafinancialbrokerage.Hisjobinvolveshandlingsensitiveclientinformationsuchasfinancialdetails.StuartillegallytransfersdetailsofsomeclientsfromhisofficecomputertohispersonalemailID,tomisuselater.Withreferencetothissituation,Stuartisguiltyof________.
A)exfiltrating
B)carding
C)hardening
D)pretexting
Answer:
A
AACSB:
ReflectiveThinking
Difficulty:
2:
Moderate
CourseLO:
Describ