Chat with us, powered by LiveChat Review Questions - Essayabode
Register

13 Mar Review Questions

Posted at 08:41h in General Questions by

Chapter 2:

1. Why is information security a management problem? What can management do that

technology cannot?

2. Why is data the most important asset an organization possesses? What other assets in

the organization require protection?

3. Which management groups are responsible for implementing information security to

protect the organization’s ability to function?

4. Has the implementation of networking technology created more or less risk for businesses that use information technology? Why?

5. What is information extortion? Describe how such an attack can cause losses, using an

example not found in the text.

6. Why are employees one of the greatest threats to information security?

7. How can you protect against shoulder surfing?

8. How has the perception of the hacker changed over recent years? What is the profile of

a hacker today?

9. What is the difference between a skilled hacker and an unskilled hacker, other than

skill levels? How does the protection against each differ?

10. What are the various types of malware? How do worms differ from viruses? Do Trojan

horses carry viruses or worms?

11. Why does polymorphism cause greater concern than traditional malware? How does it

affect detection?

12. What is the most common violation of intellectual property? How does an organization

protect against it? What agencies fight it?

13. What are the various forces of nature? Which type might be of greatest concern to an

organization in Las Vegas? Jakarta? Oklahoma City? Amsterdam? Miami? Tokyo?

14. How is technological obsolescence a threat to information security? How can an organization protect against it?

15. Does the intellectual property owned by an organization usually have value? If so, how

can attackers threaten that value?

16. What are the types of password attacks? What can a systems administrator do to protect against them?

17. What is the difference between a denial-of-service attack and a distributed denialof-service attack? Which is more dangerous? Why?

18. For a sniffer attack to succeed, what must the attacker do? How can an attacker gain

access to a network to use the sniffer system?

19. What methods does a social engineering hacker use to gain information about a user’s

login ID and password? How would this method differ if it targeted an administrator’s

assistant versus a data-entry clerk?

20. What is a buffer overflow, and how is it used against a Web server?

 

 

Chapter 3:

Review Questions

1. What is the difference between law and ethics?

2. What is civil law, and what does it accomplish?

3. What are the primary examples of public law?

4. Which law amended the Computer Fraud and Abuse Act of 1986, and what did it change?

5. Which law was created specifically to deal with encryption policy in the United States?

6. What is privacy in an information security context?

7. What is another name for the Kennedy-Kassebaum Act (1996), and why is it important

to organizations that are not in the healthcare industry?

8. If you work for a financial services organization such as a bank or credit union, which

1999 law affects your use of customer data? What other effects does it have?

9. What is the primary purpose of the USA PATRIOT Act and how has it been revised

since its original passage?

10. What is PCI DSS and why is it important for information security?

11. What is intellectual property (IP)? Is it afforded the same protection in every country of

the world? What laws currently protect IP in the United States and Europe?

12. How does the Sarbanes-Oxley Act of 2002 affect information security managers?

13. What is due care? Why should an organization make sure to exercise due care in its

usual course of operations?

14. How is due diligence different from due care? Why are both important?

15. What is a policy? How is it different from a law?

16. What are the three general categories of unethical and illegal behavior?

17. What is the best method for preventing an illegal or unethical activity?

18. Of the information security organizations listed in this chapter that have codes of

ethics, which has been established for the longest time? When was it founded?

19. Of the organizations listed in this chapter that have codes of ethics, which is focused on

auditing and control?

 

20. How do people from varying ethnic backgrounds differ in their views of computer ethics?

Our website has a team of professional writers who can help you write any of your homework. They will write your papers from scratch. We also have a team of editors just to make sure all papers are of HIGH QUALITY & PLAGIARISM FREE. To make an Order you only need to click Ask A Question and we will direct you to our Order Page at WriteDemy. Then fill Our Order Form with all your assignment instructions. Select your deadline and pay for your paper. You will get it few hours before your set deadline.

Fill in all the assignment paper details that are required in the order form with the standard information being the page count, deadline, academic level and type of paper. It is advisable to have this information at hand so that you can quickly fill in the necessary information needed in the form for the essay writer to be immediately assigned to your writing project. Make payment for the custom essay order to enable us to assign a suitable writer to your order. Payments are made through Paypal on a secured billing page. Finally, sit back and relax.

Do you need an answer to this or any other questions?