Test Bank + Tech Guide 5 Protecting your information assets | Answer key

Tech Guide 5

Protecting your information assets

Question Type: True/False

1) As businesses improve their information security, organized crime is turning its attention to consumers.

Learning Objective: Explain why it is critical that you protect your information assets.

Section Reference: TG 5.1 Introduction

Difficulty: Easy

2) Social engineering attacks are a threat at work but typically not at home.

Learning Objective: Identify the various behavioral actions you can take to protect your information assets.

Section Reference: TG 5.2 Behavioral Actions to Protect Your Information Assets

Difficulty: Easy

3) You should ask whether your Social Security number is necessary for identification or if any combination of nine numbers and letters will do just as well.

Learning Objective: Identify the various behavioral actions you can take to protect your information assets.

Section Reference: TG 5.2 Behavioral Actions to Protect Your Information Assets

Difficulty: Easy

4) Using credit cards with your face on them will decrease your information security because clerks will look for your signature.

Learning Objective: Identify the various behavioral actions you can take to protect your information assets.

Section Reference: TG 5.2 Behavioral Actions to Protect Your Information Assets

Difficulty: Easy

5) Virtual credit cards cannot be used for in-store purchases that require a traditional plastic card.

Learning Objective: Identify the various behavioral actions you can take to protect your information assets.

Section Reference: TG 5.2 Behavioral Actions to Protect Your Information Assets

Difficulty: Easy

6) You should keep close track of your credit card billing cycles.

Learning Objective: Identify the various behavioral actions you can take to protect your information assets.

Section Reference: TG 5.2 Behavioral Actions to Protect Your Information Assets

Difficulty: Easy

7) You should use debit cards because they are directly linked to your bank account and, therefore, you cannot overspend.

Learning Objective: Identify the various behavioral actions you can take to protect your information assets.

Section Reference: TG 5.2 Behavioral Actions to Protect Your Information Assets

Difficulty: Easy

8) Your credit card company bears the liability for fraudulent charges, regardless of when you notify them.

Learning Objective: Identify the various behavioral actions you can take to protect your information assets.

Section Reference: TG 5.2 Behavioral Actions to Protect Your Information Assets

Difficulty: Easy

9) You should use a Post Office box for your personal mail.

Learning Objective: Identify the various behavioral actions you can take to protect your information assets.

Section Reference: TG 5.2 Behavioral Actions to Protect Your Information Assets

Difficulty: Easy

10) A single-cut shredder is sufficient to shred your documents at home, whereas a cross-cut (confetti) shredder is necessary at work because your work documents are more sensitive.

Learning Objective: Identify the various behavioral actions you can take to protect your information assets.

Section Reference: TG 5.2 Behavioral Actions to Protect Your Information Assets

Difficulty: Easy

11) Companies that provide proactive protection of your personal information allow customers to lock their credit files.

Learning Objective: Identify the various behavioral actions you can take to protect your information assets.

Section Reference: TG 5.2 Behavioral Actions to Protect Your Information Assets

Difficulty: Easy

12) It is possible for criminals to gain information about many people from social networking sites.

Learning Objective: Identify the various computer-based actions you can take to protect your information assets.

Section Reference: TG 5.3 Computer-Based Actions to Protect Your Information Assets

Difficulty: Easy

13) It is OK to open an e-mail attachment as long as you know and trust the person who sent the e-mail.

Learning Objective: Identify the various computer-based actions you can take to protect your information assets.

Section Reference: TG 5.3 Computer-Based Actions to Protect Your Information Assets

Difficulty: Easy

14) You should update your definitions before scanning your system with anti-malware software.

Learning Objective: Identify the various computer-based actions you can take to protect your information assets.

Section Reference: TG 5.3 Computer-Based Actions to Protect Your Information Assets

Difficulty: Easy

15) One strategy for controlling spam is to set up multiple free e-mail accounts.

Learning Objective: Identify the various computer-based actions you can take to protect your information assets.

Section Reference: TG 5.3 Computer-Based Actions to Protect Your Information Assets

Difficulty: Easy

16) It is best to use a straight-line shredder to protect your unused documents.

Learning Objective: Identify the various behavioral actions you can take to protect your information assets.

Section Reference: Behavioral Actions to Protect Your Information Assets

Difficulty: Easy

17) Credit card companies bear the liability for fraudulent charges, provided that they are notified within 60 days of the theft.

Learning Objective: Identify the various behavioral actions you can take to protect your information assets.

Section Reference: Behavioral Actions to Protect Your Information Assets

Difficulty: Easy

Question Type: Multiple Choice

18) A _____ offers you the option of shopping online with a disposable credit card number.

a) Credit card

b) Debit card

c) Driver’s license

d) Virtual credit card

e) Bank card

Learning Objective: Identify the various behavioral actions you can take to protect your information assets.

Section Reference: Behavioral Actions to Protect Your Information Assets

Difficulty: Easy

19) Which of the following statements is not correct?

a) You should use credit cards with your picture on them.

b) You may use virtual credit cards for additional security.

c) You should use debit cards whenever possible for additional security.

d) You cannot use virtual credit cards for in-store purchases.

e) Signatures on credit cards are often impossible to read.

Learning Objective: Identify the various behavioral actions you can take to protect your information assets.

Section Reference: TG 5.2 Behavioral Actions to Protect Your Information Assets

Difficulty: Medium

20) Your liability with credit cards is typically _____, whereas your liability with debit cards is _____.

a) The amount in your bank account, your credit limit

b) Your credit limit, the amount in your bank account

c) The amount in your bank account, zero

d) Your credit limit, zero

e) Zero, the amount in your bank account

Learning Objective: Identify the various behavioral actions you can take to protect your information assets.

Section Reference: TG 5.2 Behavioral Actions to Protect Your Information Assets

Difficulty: Medium

21) Which of the following statements about companies that provide proactive protection of your information assets is not correct?

a) These companies allow their customers to lock their credit files.

b) These companies ensure that new lines of credit cannot be opened unless their clients unlock their credit files.

c) These companies operate independently of the three major credit reporting agencies.

d) Signing up with these companies means that merchants and banks must have verbal or written permission from their customers before opening new credit in their names.

e) These companies will proactively monitor their clients’ credit files at the three credit reporting agencies.

Learning Objective: Identify the various behavioral actions you can take to protect your information assets.

Section Reference: TG 5.2 Behavioral Actions to Protect Your Information Assets

Difficulty: Hard

22) If your identity is stolen, what is the first thing you should do?

a) Change all of your credit cards.

b) Get a lawyer.

c) Open a file with all of your paperwork.

d) File a detailed police report.

e) Notify the three major credit-reporting agencies.

Learning Objective: Identify the various behavioral actions you can take to protect your information assets.

Section Reference: TG 5.2 Behavioral Actions to Protect Your Information Assets

Difficulty: Medium

23) A(n) ___________ refers to software installed on your computer that controls communications to and from your computer by permitting or denying communications based on your security settings.

a) Proactive monitoring package

b) Anti-spyware package

c) Content-filtering package

d) Anti-malware package

e) Personal firewall

Learning Objective: Identify the various computer-based actions you can take to protect your information assets.

Section Reference: TG 5.3 Computer-Based Actions to Protect Your Information Assets

Difficulty: Medium

24) Personal firewalls perform all of the following functions except:

a) They should not respond to Internet requests to ports that are not used for common Internet use.

b) They should seek out the origin of malware in an attempt to block it in the future.

c) They should alert you to suspicious behavior.

d) They should block outbound connections that you do not initiate.

e) They should tell you when a program or connection is attempting to do something that you do not want.

Learning Objective: Identify the various computer-based actions you can take to protect your information assets.

Section Reference: TG 5.3 Computer-Based Actions to Protect Your Information Assets

Difficulty: Medium

25) _____ software logs keystrokes, e-mails, applications, windows, Web sites, Internet connection, passwords, chat conversations, Web cams, and screenshots.

a) Firewall

b) Anti-malware

c) Monitoring

d) Content-filtering

e) Anti-spyware

Learning Objective: Identify the various computer-based actions you can take to protect your information assets.

Section Reference: TG 5.3 Computer-Based Actions to Protect Your Information Assets

Difficulty: Easy

26) Content-filtering software performs all of the following functions except:

a) Blocking access to undesirable Web sites.

b) Recording all Web sites visited.

c) Proactively monitoring computers to protect against malware attacks.

d) Recording both sides of chat conversations.

e) Enabling users to selectively filter content.

Learning Objective: Identify the various computer-based actions you can take to protect your information assets.

Section Reference: TG 5.3 Computer-Based Actions to Protect Your Information Assets

Difficulty: Medium

27) Which of the following is not a reason to install proactive intrusion detection and prevention software on your computer?

a) Anti-malware software is reactive.

b) This software reduces your vulnerability to zero-day attacks.

c) Anti-malware software requires you to update malware signatures on a regular basis.

d) This software reduces your vulnerability to distributed denial-of-service attacks.

e) None of these

Learning Objective: Identify the various computer-based actions you can take to protect your information assets.

Section Reference: TG 5.3 Computer-Based Actions to Protect Your Information Assets

Difficulty: Hard

28) Which of the following attacks is most closely associated with downloading and installing patches immediately?

a) Denial-of-service

b) Zero-day attacks

c) Distributed denial-of-service

d) Viruses

e) Worms

Learning Objective: Identify the various computer-based actions you can take to protect your information assets.

Section Reference: TG 5.3 Computer-Based Actions to Protect Your Information Assets

Difficulty: Hard

29) Methods you should use to protect your portable devices and information include all of the following except:

a) Using two-factor authentication.

b) Making certain not to leave your portable devices in plain view in a car.

c) Keeping your portable devices in an inconspicuous container.

d) Encrypting the hard drive of your laptop.

e) All of these are legitimate protection methods.

Learning Objective: Identify the various computer-based actions you can take to protect your information assets.

Section Reference: TG 5.3 Computer-Based Actions to Protect Your Information Assets

Difficulty: Medium

30) A(n) _____ is a computer to which you connect, that in turn connects to the Web site you wish to visit.

a) Proxy server

b) Internet server

c) Intermediate server

d) Backbone server

e) E-mail server

Learning Objective: Identify the various computer-based actions you can take to protect your information assets.

Section Reference: TG 5.3 Computer-Based Actions to Protect Your Information Assets

Difficulty: Easy

31) A _____ cookie either originates on, or is sent to, the Web site that you are currently viewing.

a) Tracking

b) Monitoring

c) Second-party

d) Third-party

e) First-party

Learning Objective: Identify the various computer-based actions you can take to protect your information assets.

Section Reference: TG 5.3 Computer-Based Actions to Protect Your Information Assets

Difficulty: Easy

32) A _____ cookie either originates on, or is sent to, a different Web site than the one you are currently viewing.

a) Tracking cookie

b) Monitoring cookie

c) Second-party cookie

d) Third-party cookie

e) First-party cookie

Learning Objective: Identify the various computer-based actions you can take to protect your information assets.

Section Reference: TG 5.3 Computer-Based Actions to Protect Your Information Assets

Difficulty: Easy

33) For security in your wireless computing, you should use the _____ encryption standard, rather than the older _____ encryption standard.

a) WPA, WEP

b) WPA2, WPA

c) WEP, WPA

d) WPA2, WEP

e) WEP, WPB

Learning Objective: Identify the various computer-based actions you can take to protect your information assets.

Section Reference: TG 5.3 Computer-Based Actions to Protect Your Information Assets

Difficulty: Easy

34) Which of the following is a good password?

a) Your last name

b) Your birth date

c) Your mother’s name and her birth date

d) Your driver’s license number

e) Your social security number

Learning Objective: Identify the various behavioral actions you can take to protect your information assets.

Section Reference: TG 5.2 Behavioral Actions to Protect Your Information Assets

Difficulty: Easy

35) Your little brother came for a visit and used your laptop. You didn’t think anything of it at the time, but now your laptop is running really slow. Which of the following statements is false?

a) It can’t be a worm because your anti-malware software would have blocked it.

b) It can’t be a Trojan horse because your anti-spam software would have blocked it.

c) It can’t be your brother’s fault because he only visited Web sites, and he didn’t open any files.

d) Your brother admits to opening a joke file on his e-mail, but the file was from a good friend, so it can’t be your brother’s fault.

e) All of these statements are false.

Learning Objective: Identify the various computer-based actions you can take to protect your information assets.

Section Reference: TG 5.3 Computer-Based Actions to Protect Your Information Assets

Difficulty: Medium

36) You got careless and left your laptop in a taxi back from the airport. However, you aren’t too worried about your information. Which of the following should not a reason for your attitude?

a) You back up all your files every Monday night.

b) You encrypt all of your personal information.

c) Your operating system requires a password at start-up.

d) You have trace software on your laptop.

e) You named the file that contains your list of passwords BirthdaysToRemember.

Learning Objective: Identify the various computer-based actions you can take to protect your information assets.

Section Reference: TG 5.3 Computer-Based Actions to Protect Your Information Assets

Difficulty: Hard

37) _____________ is an example of a behavioral action you can take to protect your information assets.

a) Having your picture on your credit card

b) Opening e-mails only from people you know and trust

c) Running security checks

d) Installing antivirus software

Learning Objective: Identify the various behavioral actions you can take to protect your information assets.

Section: Behavioral Actions to Protect Your Information Assets

Difficulty: Medium

38) _____________ is an example of a behavioral action you can take to protect your information assets.

a) Don’t download files/software from web sites you don’t know or trust

b) Limit your use of debit cards

c) Never post personal information about yourself on social networking sites

d) Update your privacy settings on Facebook, Twitter, etc.

Learning Objective: Identify the various behavioral actions you can take to protect your information assets.

Section: Behavioral Actions to Protect Your Information Assets

Difficulty: Medium

39) The first step to recover from identity theft is ____________.

a) call your credit card company

b) change all your credit cards

c) get a lawyer

d) fill out fraud affidavits for creditors

Learning Objective: Identify the various behavioral actions you can take to protect your information assets.

Section: Behavioral Actions to Protect Your Information Assets

Difficulty: Medium

40) _____________ is an example of a computer-based action you can take to protect your information assets.

a) Having your picture on your credit card

b) Limiting your use of debit cards

c) Knowing your credit card billing cycles

d) Installing antivirus software

Learning Objective: Identify the various behavioral actions you can take to protect your information assets.

Section: Behavioral Actions to Protect Your Information Assets

Difficulty: Medium

41) ________________ is an example of a computer-based action you can take to protect your information assets.

a) Never posting personal information about yourself on social networking sites

b) Frequently getting new credit card numbers

c) Not using your “snail-mail” mailbox at home

d) Shredding your documents

Learning Objective: Identify the various behavioral actions you can take to protect your information assets.

Section: Behavioral Actions to Protect Your Information Assets

Difficulty: Medium

42) Which of the following is a computer action you can take to prevent malware infections?

a) Install a security suite on your computer

b) Install a firewall on your computer

c) Install monitoring software on your computer

d) All of the above

Learning Objective: Identify the various behavioral actions you can take to protect your information assets.

Section: Behavioral Actions to Protect Your Information Assets

Difficulty: Medium

43) The worst browser to use to protect yourself from malware infections is ________.

a) Chrome

b) Firefox

c) Internet Explorer

d) Opera

Learning Objective: Identify the various behavioral actions you can take to protect your information assets.

Section: Behavioral Actions to Protect Your Information Assets

Difficulty: Easy

44) Using both a token/biometric and your personal password is an example of ________.

a) Two-factor authentication

b) Two-factor authorization

c) Multi-factor authentication

d) Multi-factor authorization

Learning Objective: Identify the various behavioral actions you can take to protect your information assets.

Section: Behavioral Actions to Protect Your Information Assets

Difficulty: Easy

Question Type: Essay

45) Describe the functions of anti-malware software on your computer.

Learning Objective: Identify the various computer-based actions you can take to protect your information assets.

Section Reference: TG 5.3 Computer-Based Actions to Protect Your Information Assets

Difficulty: Medium

46) What functions should a personal firewall provide for you?

Learning Objective: Identify the various computer-based actions you can take to protect your information assets.

Section Reference: TG 5.3 Computer-Based Actions to Protect Your Information Assets

Difficulty: Medium

47) What functions should you expect from monitoring software on your computer?

Learning Objective: Identify the various computer-based actions you can take to protect your information assets.

Section Reference: TG 5.3 Computer-Based Actions to Protect Your Information Assets

Difficulty: Medium

48) What functions should you expect from content-filtering software on your computer?

Learning Objective: Identify the various computer-based actions you can take to protect your information assets.

Section Reference: TG 5.3 Computer-Based Actions to Protect Your Information Assets

Difficulty: Medium

49) Describe the steps you should take to protect yourself when computing wirelessly.

Learning Objective: Identify the various computer-based actions you can take to protect your information assets.

Section Reference: TG 5.3 Computer-Based Actions to Protect Your Information Assets

Difficulty: Medium

50) It’s hard to remember lots of passwords, so why not use just one?

Learning Objective: Identify the various behavioral actions you can take to protect your information assets.

Section Reference: TG 5.2 Behavioral Actions to Protect Your Information Assets

Difficulty: Medium

51) Why is it so important to protect your information assets?

Learning Objective: Explain why it is critical that you protect your information assets.

Section Reference: TG 5.1 Introduction

Difficulty: Hard

52) Discuss the pros and cons of using credit cards vs. debit cards.

Learning Objective: Identify the various behavioral actions you can take to protect your information assets.

Section Reference: TG 5.2 Behavioral Actions to Protect Your Information Assets

Difficulty: Hard

53) Discuss the benefits of using the services of companies that provide proactive protection of your personal information.

Learning Objective: Identify the various behavioral actions you can take to protect your information assets.

Section Reference: TG 5.2 Behavioral Actions to Protect Your Information Assets

Difficulty: Hard

54) List and explain the actions you should take if your identity is stolen.

Learning Objective: Identify the various behavioral actions you can take to protect your information assets.

Section Reference: TG 5.2 Behavioral Actions to Protect Your Information Assets

Difficulty: Hard

55) Discuss the dangers of social networking Web sites.

Learning Objective: Identify the various computer-based actions you can take to protect your information assets.

Section Reference: TG 5.3 Computer-Based Actions to Protect Your Information Assets

Difficulty: Hard

Legal Notice

Copyright © 2014 by John Wiley & Sons Canada, Ltd. or related companies. All rights reserved.

The data contained in these files are protected by copyright. This manual is furnished under licence and may be used only in accordance with the terms of such licence.

The material provided herein may not be downloaded, reproduced, stored in a retrieval system, modified, made available on a network, used to create derivative works, or transmitted in any form or by any means, electronic, mechanical, photocopying, recording, scanning, or otherwise without the prior written permission of John Wiley & Sons Canada, Ltd.