2010-9 - MavDISK

2010-9
True/False
Indicate whether the statement is true or false.
____ 1. “Shoulder surfing”occurs when an identity thief simply stands next to someone at a public office, such as the
Bureau of Motor Vehicles, and watches as the person fills out personal information on a form.
____ 2. Originally, a cracker was a person who enjoys computer technology and spends time learning and using
computer systems.
____ 3. Worms can create copies on the same computer or can send the copies to other computers via a network.
____ 4. Some antivirus software is capable of repairing common virus infections automatically, without interrupting
your work.
____ 5. Using a password sniffer, a criminal hacker can gain access to computers and networks to steal data and
information, invade privacy, plant viruses, and disrupt computer operations.
____ 6. Internet-based software piracy occurs whenever software is downloaded from the Internet.
____ 7. A key is a variable value that is applied using an algorithm to a string or block of unencrypted text to produce
encrypted text or to decrypt encrypted text.
____ 8. The length of the key used to encode and decode messages determines the strength of the encryption
algorithm.
____ 9. Biometrics is the most common method on the Internet for authenticating a message sender or encrypting a
message.
____ 10. PKI uses four keys to encode and decode messages.
____ 11. PKI techniques compare a person’s unique characteristics against a stored set to detect differences between
them.
____ 12. Intrusion detection systems send an alarm, often by e-mail or pager, to network security personnel when they
detect an apparent attack.
____ 13. The Sarbanes-Oxley Act is a federal law passed in December 2000 that required federally funded libraries to
use some form of prevention measure (such as Internet filters) to block access to obscene material and other
material considered harmful to minors.
____ 14. A firewall can include both hardware and software that act as a barrier between an organization’s information
system and the outside world.
____ 15. Federal law prohibits employers from monitoring e-mail sent and received by employees.
____ 16. E-mail messages that have been erased from hard disks can be retrieved and used in lawsuits because the laws
of discovery demand that companies produce all relevant business documents.
____ 17. Instead of forcing users to find and read through the privacy policy for each site they visit, P3P software in a
computer’s browser will download the privacy policy from each site, scan it, and notify the user if the policy
does not match his or her preferences.
____ 18. The Children’s Online Privacy Protection Act (COPPA) was passed by Congress in October 2002.
____ 19. There is currently no federal law that bans unsolicited fax advertisements.

____ 20. CTS involves wrist pain, a feeling of tingling and numbness, and difficulty grasping and holding objects.
Multiple Choice
Identify the choice that best completes the statement or answers the question.
____ 21. The goal of the ____ act is to require healthcare organizations to implement cost-effective procedures for
exchanging medical data.
a. PA74
b. Gramm-Leach-Bliley Financial Services Modernization
c. Sarbanes-Oxley
d. HIPAA
____ 22. ____ involves the use of one’s social skills to get computer users to provide you with information to access an
information system and/or its data.
a. Dumpster diving c. Software piracy
b. Social engineering d. Password sniffing
____ 23. Going through the trash cans of an organization to find secret or confidential information, including
information needed to access an information system and/or its data, is known as ____.
a. dumpster diving c. software piracy
b. social engineering d. phishing
____ 24. ____ are employees, disgruntled or otherwise, working solo or in concert with outsiders to compromise
corporate systems.
a. Script bunnies c. Insiders
b. Criminal hackers d. Social engineers
____ 25. A ____ is a computer program file capable of attaching to disks or other files and replicating itself repeatedly,
typically without the user’s knowledge or permission.
a. virus c. PKI
b. worm d. biometric
____ 26. ____ are parasitic computer programs that replicate but do not infect other computer program files.
a. Viruses c. Trojans
b. Worms d. Biometrics
____ 27. A ____ is a nonreplicating malicious program that disguises itself as a useful application and purposefully
does something the user does not expect.
a. virus c. Trojan horse
b. worm d. biometric
____ 28. ____ is the process of converting an original electronic message into a form that can be understood only by
the intended recipients.
a. Decryption c. Intrusion detection
b. Software piracy d. Encryption
____ 29. ____ enables users of an unsecured public network such as the Internet to securely and privately exchange
data through the use of a public and a private cryptographic key pair that is obtained and shared through a
trusted authority.
a. Public key infrastructure c. Social engineering
b. Ergonomics d. Biometrics
____ 30. ____ involves the measurement of one of a person’s traits, whether physical or behavioral.
a. Public key infrastructure c. Social engineering
b. Ergonomics d. Biometrics
____ 31. A(n) ____ monitors system and network resources and notifies network security personnel when it senses a
possible intrusion.

a. password sniffer c. Trojan horse
b. intrusion detection system d. antivirus software
____ 32. The ____ act established a Privacy Study Commission to study existing databases and to recommend rules
and legislation for consideration by Congress.
a. Sarbanes-Oxley c. Gramm-Leach-Bliley
b. PA74 d. USA Patriot
____ 33. The ____ Act was passed in 1999 and required all financial institutions to protect and secure customers’
nonpublic data from unauthorized access or use.
a. USA Patriot c. Gramm-Leach-Bliley
b. PA74 d. Sarbanes-Oxley
____ 34. The terms of the ____ Act assume that all customers approve of the financial institutions’ collecting and
storing their personal information.
a. USA Patriot c. Gramm-Leach-Bliley
b. PA74 d. Sarbanes-Oxley
____ 35. Under the ____ Act, Internet service providers and telephone companies must turn over customer
information, including numbers called, without a court order if the FBI claims that the records are relevant to
a terrorism investigation.
a. USA Patriot c. Gramm-Leach-Bliley
b. PA74 d. Sarbanes-Oxley
____ 36. ____ is the science of designing machines, products, and systems to maximize the safety, comfort, and
efficiency of the people who use them.
a. Biometrics c. Ergonomics
b. PKI d. Encryption
____ 37. ____ is a major component of ergonomics and an important feature of computer devices.
a. Encryption c. Biometrics
b. PKI d. Flexibility
____ 38. Many organizations implement ____ to measure actual results against established goals, such as percentage of
end-user reports produced on time, percentage of data input errors detected, number of input transactions
entered per eight-hour shift, and so on.
a. ergonomics c. biometrics
b. internal audits d. external audits
____ 39. The ____ Act requires public companies to implement procedures to ensure that their audit committees can
document underlying financial data to validate earnings reports.
a. Sarbanes-Oxley c. Gramm-Leach-Bliley
b. PA74 d. HIPPA
____ 40. ____ is charged with coordinating communication among experts during computer security emergencies and
helping to prevent future incidents.
a. DARPA
b. The World Wide Consortium
c. CERT
d. The Software and Information Industry Alliance
____ 41. ____ employees study Internet security vulnerabilities, handle computer security incidents, publish security
alerts, research long-term changes in networked systems, develop information and training to help
organizations improve security at their sites, and conduct an ongoing public awareness campaign.
a. DARPA c. CERT
b. Hewlett Packard d. Google
____ 42. The term ____ is used to describe software programs that, when loaded into a computer system, will destroy,
interrupt, or cause errors in processing.
a. ergonomics c. biometrics

. malware d. PKI
____ 43. The ____ virus gang conspired to infect computers with a virus which would turn each infected machine into
a zombie machine under their control.
a. m75 c. w00g
b. m23 d. m00p
____ 44. The ____ is a security service designed to locate and eliminate critical security vulnerabilities for
organizations that subscribe to this service.
a. Hewlett Packard Active Countermeasures
b. Microsoft Active Countermeasures
c. IBM Active Countermeasures
d. CERT Active Countermeasures
____ 45. ____ was the original antipiracy organization, formed and financed by many of the large software publishers.
a. CERT
b. DARPA
c. The World Wide Consortium
d. The Software and Information Industry Alliance
____ 46. ____, an international industry group whose members include Apple, Commerce One, Ericsson, and
Microsoft, is supporting the development of P3P.
a. CERT
b. DARPA
c. The World Wide Consortium
d. The Software and Information Industry Alliance
____ 47. The specific goals of ____ are to protect children from potentially harmful material, while also safeguarding
free speech on the Internet.
a. CERT
b. DARPA
c. the Internet Content Rating Association
d. the Software and Information Industry Alliance
____ 48. The purpose of the ____ act is to provide certain safeguards for people against an invasion of personal privacy
by requiring federal agencies to permit people to determine what records pertaining to them are collected,
maintained, used, or disseminated by such agencies.
a. PA74
b. HIPPA
c. Gramm-Leach-Bliley Financial Services Modernization
d. Sarbanes-Oxley
____ 49. The 1999 ____ Act requires all financial service institutions to communicate their data privacy rules and
honor customer preferences.
a. PA74
b. Gramm-Leach-Bliley Financial Services Modernization
c. HIPPA
d. Sarbanes-Oxley
____ 50. The hazardous activities associated with poorly designed work environments are collectively referred to as
____.
a. malware c. carpal tunnel syndrome
b. biometrics d. work stressors
Completion
Complete each statement.

Essay
51. A(n) ____________________ is someone who intimidates or coerces a government or organization to
advance his or her political or social objectives by launching computer-based attacks against computers,
networks, and the information stored on them.
52. ____________________ is a crime in which an imposter obtains key pieces of personal identification
information, such as Social Security or driver’s license numbers, in order to impersonate someone else.
53. A(n) ____________________ is a computer-savvy person who attempts to gain unauthorized or illegal access
to computer systems to steal passwords, corrupt files and programs, or even transfer money.
54. ____________________ are wannabe crackers with little technical savvy - crackers who download programs
called scripts - that automate the job of breaking into computers.
55. A(n) ____________________ is a type of Trojan horse that executes when specific conditions occur.
56. A(n) ____________________ is a modified version of a virus that is produced by the virus’s author or
another person who amends the original virus code.
57. ____________________ run in the background to protect your computer from dangers lurking on the Internet
and other possible sources of infected files.
58. A(n) ____________________ is a small program hidden in a network or a computer system that records
identification numbers and passwords.
59. ____________________ is the act of illegally duplicating software.
60. The ________________________________________ is a screening technology that shields users from Web
sites that don’t provide the level of privacy protection they desire.
61. ______________________________ can include tendonitis, tennis elbow, the inability to hold objects, and
sharp pain in the fingers.
62. ______________________________ is the aggravation of the pathway for nerves that travel through the
wrist.
63. The ______________________________ bill requires companies with 15 or more employees who spend at
least four hours a day working with computer screens to give 15-minute breaks every two hours.
64. ____________________ screens provide a much better viewing experience for your eyes by virtually
eliminating flicker and while still being bright without harsh incandescence.
65. Practitioners in many professions subscribe to a(n) ____________________ that states the principles and core
values that are essential to their work and thus governs their behavior.
66. Computer ____________________ involves the inappropriate use of computer technology and resources.
67. Computer-related ____________________ refer to errors, failures, and other computer problems that make
computer output incorrect or not useful, caused mostly by human error.
68. The U.S. Congress passed the ________________________________________ Act of 1998 to fight identity
theft.
69. Under the ________________________________________ Act, the Federal Trade Commission (FTC) is
assigned responsibility to help victims restore their credit and erase the impact of the imposter.
70. The ________________________________________ Act makes identity theft a federal felony punishable by
a prison term ranging from 3 to 25 years.

71. List seven types of computer-related mistakes.
72. Briefly discuss four useful policies that would allow you to minimize computer waste and mistakes.
73. What are some of the questions that you should ask during the systems review process?
74. Briefly discuss three tips that would help to prevent your computer from becoming infected by viruses and
worms.
75. What steps should be taken to aid the prevention of crime on the Internet?