Module 05: Protecting Information Resources
RATIONALE: Correct. A denial-of-service (DoS) attack floods a network or server with service requests
to prevent legitimate users’ access to the system. It can be thought of as 5,000 people
surrounding a store and blocking customers who want to enter; the store is open, but it
cannot provide service to legitimate customers. See 5-3: Security Threats: An Overview
POINTS: 1
DIFFICULTY: Easy
REFERENCES: Identify the nine most common intentional security threats.
QUESTION TYPE: Multiple Choice
HAS VARIABLES: False
LEARNING OBJECTIVES: MIS.10e.5.4
TOPICS: Security risks and threats
KEYWORDS: Understand
DATE CREATED: 10/22/2019 1:29 PM
DATE MODIFIED: 10/22/2019 1:29 PM
51. In the context of security, is an attack that takes advantage of the human element of security systems.
a. disk mirroring
b. weblogging
c. voice recognition
d. social engineering
ANSWER: d
RATIONALE: Correct. In the context of security, social engineering means using “people skills”-such as
being a good listener and assuming a friendly, unthreatening air-to trick others into
revealing private information. Social engineering attacks take advantage of the human
element of security systems. See 5-3: Security Threats: An Overview
POINTS: 1
DIFFICULTY: Easy
REFERENCES: Identify the nine most common intentional security threats.
QUESTION TYPE: Multiple Choice
HAS VARIABLES: False
LEARNING OBJECTIVES: MIS.10e.5.4
TOPICS: Security risks and threats
KEYWORDS: Understand
DATE CREATED: 10/22/2019 1:29 PM
DATE MODIFIED: 10/22/2019 1:29 PM
52. Which of the following is a biometric security measure?
a. Terminal resource security
b. A corner bolt
c. A callback modem
d. Signature analysis
ANSWER: d
RATIONALE: Correct. Signature analysis is a biometric security measure. It involves checking a user’s
signature as well as deviations in pen pressure, speed, and length of time used to sign the
name. See 5-4: Security Measures and Enforcement: An Overview
Copyright Cengage Learning. Powered by Cognero. Page 24
,Module 05: Protecting Information Resources
POINTS: 1
DIFFICULTY: Easy
REFERENCES: Describe the nine security measures and enforcement that a comprehensive
security system should include.
QUESTION TYPE: Multiple Choice
HAS VARIABLES: False
LEARNING OBJECTIVES: MIS.10e.5.5
TOPICS: Biometric access systems
KEYWORDS: Understand
DATE CREATED: 10/22/2019 1:29 PM
DATE MODIFIED: 10/22/2019 1:29 PM
53. Which biometric security measure compares the length of each finger, the translucence of fingertips, and the webbing
between fingers against stored data to verify users’ identities?
a. Hand geometry
b. Fingerprint recognition
c. Vein analysis
d. Palm prints
ANSWER: a
RATIONALE: Correct. Hand geometry is a biometric security measure that compares the length of each
finger, the translucence of fingertips, and the webbing between fingers against stored data
to verify users’ identities. See 5-4: Security Measures and Enforcement: An Overview
POINTS: 1
DIFFICULTY: Easy
REFERENCES: Describe the nine security measures and enforcement that a comprehensive
security system should include.
QUESTION TYPE: Multiple Choice
HAS VARIABLES: False
LEARNING OBJECTIVES: MIS.10e.5.5
TOPICS: Biometric access systems
Security protection
KEYWORDS: Understand
DATE CREATED: 10/22/2019 1:29 PM
DATE MODIFIED: 10/22/2019 1:29 PM
54. Which is a nonbiometric security measure?
a. Electronic trackers
b. Retinal scanning
c. Callback modems
d. Signature analysis
ANSWER: c
RATIONALE: Correct. The three main nonbiometric security measures are callback modems, firewalls,
and intrusion detection systems. A callback modem verifies whether a user’s access is
valid by logging the user off (after he or she attempts to connect to the network) and then
calling the user back at a predetermined number. See 5-4: Security Measures and
Enforcement: An Overview
Copyright Cengage Learning. Powered by Cognero. Page 25
,Module 05: Protecting Information Resources
POINTS: 1
DIFFICULTY: Easy
REFERENCES: Describe the nine security measures and enforcement that a comprehensive
security system should include.
QUESTION TYPE: Multiple Choice
HAS VARIABLES: False
LEARNING OBJECTIVES: MIS.10e.5.5
TOPICS: Security protection
KEYWORDS: Understand
DATE CREATED: 10/22/2019 1:29 PM
DATE MODIFIED: 10/22/2019 1:29 PM
55. Which statement is true of application-filtering firewalls?
a. They are less secure than packet-filtering firewalls.
b. They filter viruses less effectively than packet-filtering firewalls.
c. They filter faster than packet-filtering firewalls.
d. They are more expensive than packet-filtering firewalls.
ANSWER: d
RATIONALE: Correct. Application-filtering firewalls are more expensive than packet-filtering firewalls.
They are generally more secure and flexible than packet-filtering firewalls. See 5-4:
Security Measures and Enforcement: An Overview
POINTS: 1
DIFFICULTY: Moderate
REFERENCES: Describe the nine security measures and enforcement that a comprehensive
security system should include.
QUESTION TYPE: Multiple Choice
HAS VARIABLES: False
LEARNING OBJECTIVES: MIS.10e.5.5
TOPICS: Security protection
KEYWORDS: Understand
DATE CREATED: 10/22/2019 1:29 PM
DATE MODIFIED: 10/22/2019 1:29 PM
56. In the context of firewall as a nonbiometric security measure, a is software that acts as an intermediary between
two systems.
a. logic bomb
b. callback modem
c. proxy server
d. block multiplexer
ANSWER: c
RATIONALE: Correct. A proxy server is software that acts as an intermediary between two systems-
between network users and the Internet, for example. It is often used to help protect a
network against unauthorized access from outside the network by hiding the network
addresses of internal systems. See 5-4: Security Measures and Enforcement: An Overview
POINTS: 1
Copyright Cengage Learning. Powered by Cognero. Page 26
, Module 05: Protecting Information Resources
DIFFICULTY: Easy
REFERENCES: Describe the nine security measures and enforcement that a comprehensive
security system should include.
QUESTION TYPE: Multiple Choice
HAS VARIABLES: False
LEARNING OBJECTIVES: MIS.10e.5.5
TOPICS: Security protection
KEYWORDS: Understand
DATE CREATED: 10/22/2019 1:29 PM
DATE MODIFIED: 10/22/2019 1:29 PM
57. Which statement is true of firewalls?
a. They protect against external access, but they leave networks unprotected from internal intrusions.
b. They can identify attack signatures, trace patterns, and generate alarms for a network administrator.
c. They monitor network traffic and use the “prevent, detect, and react” approach to security.
d. They cause routers to terminate connections with suspicious sources.
ANSWER: a
RATIONALE: Correct. Firewalls protect against external access, but they leave networks unprotected
from internal intrusions. An intrusion detection system can protect against both external
and internal access. See 5-4: Security Measures and Enforcement: An Overview
POINTS: 1
DIFFICULTY: Moderate
REFERENCES: Describe the nine security measures and enforcement that a comprehensive
security system should include.
QUESTION TYPE: Multiple Choice
HAS VARIABLES: False
LEARNING OBJECTIVES: MIS.10e.5.5
TOPICS: Security protection
KEYWORDS: Understand
DATE CREATED: 10/22/2019 1:29 PM
DATE MODIFIED: 10/22/2019 1:29 PM
58. are usually placed in front of a firewall and can identify attack signatures, trace patterns, generate alarms for a
network administrator, and cause routers to terminate connections with suspicious sources.
a. Intrusion detection systems
b. Proxy servers
c. Identification badges
d. Virtual private networks
ANSWER: a
RATIONALE: Correct. An intrusion detection system can protect against both external and internal
access. It is usually placed in front of a firewall and can identify attack signatures, trace
patterns, generate alarms for a network administrator, and cause routers to terminate
connections with suspicious sources. See 5-4: Security Measures and Enforcement: An
Overview
POINTS: 1
Copyright Cengage Learning. Powered by Cognero. Page 27
RATIONALE: Correct. A denial-of-service (DoS) attack floods a network or server with service requests
to prevent legitimate users’ access to the system. It can be thought of as 5,000 people
surrounding a store and blocking customers who want to enter; the store is open, but it
cannot provide service to legitimate customers. See 5-3: Security Threats: An Overview
POINTS: 1
DIFFICULTY: Easy
REFERENCES: Identify the nine most common intentional security threats.
QUESTION TYPE: Multiple Choice
HAS VARIABLES: False
LEARNING OBJECTIVES: MIS.10e.5.4
TOPICS: Security risks and threats
KEYWORDS: Understand
DATE CREATED: 10/22/2019 1:29 PM
DATE MODIFIED: 10/22/2019 1:29 PM
51. In the context of security, is an attack that takes advantage of the human element of security systems.
a. disk mirroring
b. weblogging
c. voice recognition
d. social engineering
ANSWER: d
RATIONALE: Correct. In the context of security, social engineering means using “people skills”-such as
being a good listener and assuming a friendly, unthreatening air-to trick others into
revealing private information. Social engineering attacks take advantage of the human
element of security systems. See 5-3: Security Threats: An Overview
POINTS: 1
DIFFICULTY: Easy
REFERENCES: Identify the nine most common intentional security threats.
QUESTION TYPE: Multiple Choice
HAS VARIABLES: False
LEARNING OBJECTIVES: MIS.10e.5.4
TOPICS: Security risks and threats
KEYWORDS: Understand
DATE CREATED: 10/22/2019 1:29 PM
DATE MODIFIED: 10/22/2019 1:29 PM
52. Which of the following is a biometric security measure?
a. Terminal resource security
b. A corner bolt
c. A callback modem
d. Signature analysis
ANSWER: d
RATIONALE: Correct. Signature analysis is a biometric security measure. It involves checking a user’s
signature as well as deviations in pen pressure, speed, and length of time used to sign the
name. See 5-4: Security Measures and Enforcement: An Overview
Copyright Cengage Learning. Powered by Cognero. Page 24
,Module 05: Protecting Information Resources
POINTS: 1
DIFFICULTY: Easy
REFERENCES: Describe the nine security measures and enforcement that a comprehensive
security system should include.
QUESTION TYPE: Multiple Choice
HAS VARIABLES: False
LEARNING OBJECTIVES: MIS.10e.5.5
TOPICS: Biometric access systems
KEYWORDS: Understand
DATE CREATED: 10/22/2019 1:29 PM
DATE MODIFIED: 10/22/2019 1:29 PM
53. Which biometric security measure compares the length of each finger, the translucence of fingertips, and the webbing
between fingers against stored data to verify users’ identities?
a. Hand geometry
b. Fingerprint recognition
c. Vein analysis
d. Palm prints
ANSWER: a
RATIONALE: Correct. Hand geometry is a biometric security measure that compares the length of each
finger, the translucence of fingertips, and the webbing between fingers against stored data
to verify users’ identities. See 5-4: Security Measures and Enforcement: An Overview
POINTS: 1
DIFFICULTY: Easy
REFERENCES: Describe the nine security measures and enforcement that a comprehensive
security system should include.
QUESTION TYPE: Multiple Choice
HAS VARIABLES: False
LEARNING OBJECTIVES: MIS.10e.5.5
TOPICS: Biometric access systems
Security protection
KEYWORDS: Understand
DATE CREATED: 10/22/2019 1:29 PM
DATE MODIFIED: 10/22/2019 1:29 PM
54. Which is a nonbiometric security measure?
a. Electronic trackers
b. Retinal scanning
c. Callback modems
d. Signature analysis
ANSWER: c
RATIONALE: Correct. The three main nonbiometric security measures are callback modems, firewalls,
and intrusion detection systems. A callback modem verifies whether a user’s access is
valid by logging the user off (after he or she attempts to connect to the network) and then
calling the user back at a predetermined number. See 5-4: Security Measures and
Enforcement: An Overview
Copyright Cengage Learning. Powered by Cognero. Page 25
,Module 05: Protecting Information Resources
POINTS: 1
DIFFICULTY: Easy
REFERENCES: Describe the nine security measures and enforcement that a comprehensive
security system should include.
QUESTION TYPE: Multiple Choice
HAS VARIABLES: False
LEARNING OBJECTIVES: MIS.10e.5.5
TOPICS: Security protection
KEYWORDS: Understand
DATE CREATED: 10/22/2019 1:29 PM
DATE MODIFIED: 10/22/2019 1:29 PM
55. Which statement is true of application-filtering firewalls?
a. They are less secure than packet-filtering firewalls.
b. They filter viruses less effectively than packet-filtering firewalls.
c. They filter faster than packet-filtering firewalls.
d. They are more expensive than packet-filtering firewalls.
ANSWER: d
RATIONALE: Correct. Application-filtering firewalls are more expensive than packet-filtering firewalls.
They are generally more secure and flexible than packet-filtering firewalls. See 5-4:
Security Measures and Enforcement: An Overview
POINTS: 1
DIFFICULTY: Moderate
REFERENCES: Describe the nine security measures and enforcement that a comprehensive
security system should include.
QUESTION TYPE: Multiple Choice
HAS VARIABLES: False
LEARNING OBJECTIVES: MIS.10e.5.5
TOPICS: Security protection
KEYWORDS: Understand
DATE CREATED: 10/22/2019 1:29 PM
DATE MODIFIED: 10/22/2019 1:29 PM
56. In the context of firewall as a nonbiometric security measure, a is software that acts as an intermediary between
two systems.
a. logic bomb
b. callback modem
c. proxy server
d. block multiplexer
ANSWER: c
RATIONALE: Correct. A proxy server is software that acts as an intermediary between two systems-
between network users and the Internet, for example. It is often used to help protect a
network against unauthorized access from outside the network by hiding the network
addresses of internal systems. See 5-4: Security Measures and Enforcement: An Overview
POINTS: 1
Copyright Cengage Learning. Powered by Cognero. Page 26
, Module 05: Protecting Information Resources
DIFFICULTY: Easy
REFERENCES: Describe the nine security measures and enforcement that a comprehensive
security system should include.
QUESTION TYPE: Multiple Choice
HAS VARIABLES: False
LEARNING OBJECTIVES: MIS.10e.5.5
TOPICS: Security protection
KEYWORDS: Understand
DATE CREATED: 10/22/2019 1:29 PM
DATE MODIFIED: 10/22/2019 1:29 PM
57. Which statement is true of firewalls?
a. They protect against external access, but they leave networks unprotected from internal intrusions.
b. They can identify attack signatures, trace patterns, and generate alarms for a network administrator.
c. They monitor network traffic and use the “prevent, detect, and react” approach to security.
d. They cause routers to terminate connections with suspicious sources.
ANSWER: a
RATIONALE: Correct. Firewalls protect against external access, but they leave networks unprotected
from internal intrusions. An intrusion detection system can protect against both external
and internal access. See 5-4: Security Measures and Enforcement: An Overview
POINTS: 1
DIFFICULTY: Moderate
REFERENCES: Describe the nine security measures and enforcement that a comprehensive
security system should include.
QUESTION TYPE: Multiple Choice
HAS VARIABLES: False
LEARNING OBJECTIVES: MIS.10e.5.5
TOPICS: Security protection
KEYWORDS: Understand
DATE CREATED: 10/22/2019 1:29 PM
DATE MODIFIED: 10/22/2019 1:29 PM
58. are usually placed in front of a firewall and can identify attack signatures, trace patterns, generate alarms for a
network administrator, and cause routers to terminate connections with suspicious sources.
a. Intrusion detection systems
b. Proxy servers
c. Identification badges
d. Virtual private networks
ANSWER: a
RATIONALE: Correct. An intrusion detection system can protect against both external and internal
access. It is usually placed in front of a firewall and can identify attack signatures, trace
patterns, generate alarms for a network administrator, and cause routers to terminate
connections with suspicious sources. See 5-4: Security Measures and Enforcement: An
Overview
POINTS: 1
Copyright Cengage Learning. Powered by Cognero. Page 27
