MIS BPI Exam 2 CH6,7,10
Insiders - correct answer ✔legitimate users who purposely or accidentally
misuse their access to the environment and cause some kind of business-
affecting incident
Social engineering - correct answer ✔hackers use their social skills to trick
people into revealing access credentials or other valuable information
dumpster diving - correct answer ✔Looking through people's trash, another
way hackers obtain information.
Pretexting - correct answer ✔a form of social engineering in which one
individual lies to obtain confidential data about another individual
Information Security policies - correct answer ✔identify the rules required to
maintain information security, such as requiring users to log off before leaving
for lunch or meetings, never sharing passwords with anyone, and changing
passwords every 30 days
Information security plan - correct answer ✔details how an organization will
implement the information security policies
Destructive agents - correct answer ✔are malicious agents designed by
spammers and other Internet attackers to farm email addresses off websites
or deposit spyware on machines
Three Areas of information security - correct answer ✔People-authentication
and authorization
Data-prevention and resistance
, Attacks-detection and response
Identity Theft - correct answer ✔is the forging of someones identity for the
purpose of fraud
Information secrecy - correct answer ✔is the category of computer security
that addresses the protection of data from unauthorized disclosure and
confirmation of data source authenticity.
Phishing - correct answer ✔a technique to gain personal information for the
purpose of identity theft, usually by means of fraudulent e-mail
Phishing expedition - correct answer ✔is a masquerading attack that
combines spam with spoofing
Spear phishing - correct answer ✔a phishing expedition in which the emails
are carefully designed to target a particular person or organization
vishing (voice phishing) - correct answer ✔a phone scam that attempts to
defraud people by asking them to call a bogus telephone number to confirm
their account information
Pharming - correct answer ✔Reroutes requests for legitimate websites to
false websites
Zombie - correct answer ✔a program that secretly takes over another
computer for the purpose of launching attacks on other computers
Zombie farm - correct answer ✔a group of computers on which a hacker has
planted zombie programs
Insiders - correct answer ✔legitimate users who purposely or accidentally
misuse their access to the environment and cause some kind of business-
affecting incident
Social engineering - correct answer ✔hackers use their social skills to trick
people into revealing access credentials or other valuable information
dumpster diving - correct answer ✔Looking through people's trash, another
way hackers obtain information.
Pretexting - correct answer ✔a form of social engineering in which one
individual lies to obtain confidential data about another individual
Information Security policies - correct answer ✔identify the rules required to
maintain information security, such as requiring users to log off before leaving
for lunch or meetings, never sharing passwords with anyone, and changing
passwords every 30 days
Information security plan - correct answer ✔details how an organization will
implement the information security policies
Destructive agents - correct answer ✔are malicious agents designed by
spammers and other Internet attackers to farm email addresses off websites
or deposit spyware on machines
Three Areas of information security - correct answer ✔People-authentication
and authorization
Data-prevention and resistance
, Attacks-detection and response
Identity Theft - correct answer ✔is the forging of someones identity for the
purpose of fraud
Information secrecy - correct answer ✔is the category of computer security
that addresses the protection of data from unauthorized disclosure and
confirmation of data source authenticity.
Phishing - correct answer ✔a technique to gain personal information for the
purpose of identity theft, usually by means of fraudulent e-mail
Phishing expedition - correct answer ✔is a masquerading attack that
combines spam with spoofing
Spear phishing - correct answer ✔a phishing expedition in which the emails
are carefully designed to target a particular person or organization
vishing (voice phishing) - correct answer ✔a phone scam that attempts to
defraud people by asking them to call a bogus telephone number to confirm
their account information
Pharming - correct answer ✔Reroutes requests for legitimate websites to
false websites
Zombie - correct answer ✔a program that secretly takes over another
computer for the purpose of launching attacks on other computers
Zombie farm - correct answer ✔a group of computers on which a hacker has
planted zombie programs
