IS 435 CH4 11E EXAM QUESTIONS ANSWERED CORRECTLY LATEST UPDATE 2026

IS 435 CH4 11E EXAM QUESTIONS ANSWERED CORRECTLY LATEST UPDATE 2026 A debit card is secure because it requires two credentials for authentication-the card itself and a PIN. This is called ________. A) segmentation B) redundancy C) two-factor authentication D) none of the above - Answers C) two-factor authentication In antivirus filtering, the best ways to filter currently use ________. A) application awareness B) stateful inspection C) signature detection D) behavioral detection - Answers D) behavioral detection Antivirus programs are designed to detect ________. A) viruses B) worms C) both A and B D) neither A nor B - Answers C) both A and B Which of the following is the most frustrating to use? A) IDSs B) opaque filtering C) SPI firewalls D) NGFW firewalls - Answers A) IDSs If a packet is highly suspicious but not a provable attack packet, an ________ may drop it. A) SPI firewall B) IDS C) NGFW D) none of the above - Answers D) none of the above In general, what should an employer do whenever an employee leaves the firm? A) Their accounts should be disabled instantly B) They should be given no prior notice that they are being released C) both A and B D) neither A nor B - Answers A) Their accounts should be disabled instantly The Target attackers probably first broke into Target using the credentials of a(n) ________. A) low-level Target employee B) Target IT employee C) Target security employee D) employee in a firm outside Target - Answers D) employee in a firm outside Target The Target attackers sold stolen card information to ________. A) crimeware shops B) card shops C) card counterfeiters D) all of the above - Answers B) card shops Which of the following probably suffered the most financial damage from the Target breach? A) Target B) banks C) consumers D) retailers - Answers D) retailers Which of the following were able to recoup most of the money they lost from Target? A) credit card companies B) retailers C) both A and B D) neither A nor B - Answers A) credit card companies For consumers who suffered credit card fraud because of the Target breach and acted quickly, which of the following is true? A) They received no compensation. B) They received compensation from Target. C) The credit card companies did not charge them for fraudulent purchasers. D) The United States Treasury compensated them from an insurance fund. - Answers C) The credit card companies did not charge them for fraudulent purchasers. In ________ thinking, the opponent is primarily an intelligent attacker. A) networking B) security C) both A and B D) neither A nor B - Answers B) security The general term for evil software is ________. A) virus B) worm C) malware D) all of the above - Answers C) malware ________ is the most frequent type of company attack. A) DoS B) Hacking C) Ransomware D) Malware - Answers D) Malware Users typically can eliminate a vulnerability in one of their programs by ________. A) installing a patch B) using an antivirus program C) both A and B D) neither A nor B - Answers A) installing a patch Vulnerability-based attacks that occur before a patch is available are called ________ attacks. A) indefensible B) stealth C) malware D) zero-day - Answers D) zero-day What kind of attack is most likely to succeed against a system with no technological vulnerabilities? A) malware B) social engineering C) both A and B D) neither A nor B - Answers B) social engineering A spear phishing attack is usually aimed at ________. A) an individual B) a group C) everyone D) all of the above - Answers A) an individual ________ are full programs. A) Viruses B) Worms C) both A and B D) neither A nor B - Answers B) Worms Which of the following attach themselves to other programs? A) viruses B) worms C) both A and B D) neither A nor B - Answers A) viruses Viruses and worms propagate through ________. A) social engineering B) exploiting vulnerabilities C) both A and B D) neither A nor B - Answers C) both A and B Which of the following sometimes uses direct propagation between computers? A) viruses B) worms C) Trojan horses D) downloaders - Answers B) worms Malware programs that masquerade as system files are called ________. A) viruses B) scripts C) root malware D) Trojan horses - Answers D) Trojan horses Trojan horses can spread by ________. A) e-mailing themselves to victim computers B) directly propagating to victim computers C) both A and B D) neither A nor B - Answers D) neither A nor B Pieces of code that are executed after the virus or worm has spread are called ________. A) vulnerabilities B) exploits C) compromises D) payloads - Answers D) payloads ________ is the general name for malware on a user's PC that collects sensitive information and sends this information to an attacker. A) A keystroke logger B) Anti-privacy software C) Spyware D) Data mining software - Answers C) Spyware ________ is a program that can capture passwords as you enter them. A) A keystroke logger B) Data mining software C) both A and B D) neither A nor B - Answers A) A keystroke logger In which type of attack does the attacker gather extensive sensitive personal information about its victim? A) identity theft B) credit card number theft C) both A and B D) neither A nor B - Answers A) identity theft Which is more harmful to the victim? A) identity theft B) credit card number theft C) both A and B are about equally harmful - Answers A) identity theft T/F Hacking is defined as using a computer resource without authorization or in excess of authorization. - Answers FALSE Which of the following meets the definition of hacking? A) to intentionally use a computer resource without authorization B) to intentionally use a computer on which you have an account but use it for unauthorized purposes C) both A and B D) neither A nor B - Answers C) both A and B If you see a username and password on a Post-It note that anyone can see on a monitor, is it hacking if you use this information to log in? A) yes B) no C) We cannot say from the information given. - Answers A) yes You accidentally discover that you can get into other e-mail accounts after you have logged in under your account and only spend a few minutes looking at another user's mail. Is that hacking? A) yes B) no C) We cannot say from the information given. - Answers A) yes DoS attacks attempt to ________. A) hack a computer B) reduce the availability of a computer C) steal information from a computer D) delete files on a computer - Answers B) reduce the availability of a computer In a DDoS attack, a ________ sends messages directly to the victim. A) botmaster B) bot C) command and control server D) all of the above - Answers B) bot Advanced persistent threats are ________. A) inexpensive for the attacker B) extremely dangerous for the victim C) both A and B D) neither A nor B - Answers B) extremely dangerous for the victim ________ attacks typically extend over a period of months. A) DDoS B) Malware C) APT D) Spear phishing - Answers C) APT What type of attacker are most attackers today? A) disgruntled employees and ex-employees B) career criminals C) hackers motivated by a sense of power D) cyberterrorists - Answers B) career criminals ________ attackers are often well-funded. A) Disgruntled employee B) Cybercriminal C) both A and B D) neither A nor B - Answers B) Cybercriminal Why are employees especially dangerous? A) They are technically sophisticated. B) They are trusted. C) both A and B D) neither A nor B - Answers B) They are trusted. Who are the most dangerous types of employees? A) financial employees B) manufacturing employees C) IT security employees D) former employees - Answers C) IT security employees