WGU C724 Information Systems
Management Unit 7 Test
False Correct answer- [True/False] Information is a valuable asset and not everyone in
the world can be trusted with it. Therefore, we need to protect our valuable information
from those with poor intentions. The protection of our information assets is a discipline
known as data security.
a.) True
b.) False
Black Hat Correct answer- Organizations are constantly encountering cyber-attacks
from intruders. For instance, in late 2013, the security system of Target Stores, Inc.,
was compromised by which of the following type of attacker?
a.) Grey Hat
b.) Black Hat
c.) White Hat
Phishing Correct answer- Criminals use which method to send legitimate-looking emails
to innocent victims, which direct them to a Website where they are asked to input
personal information such as user logon and password?
a.) Identity theft
b.) Pharming
c.) Social engineering
d.) Phishing
Financial Services Modernization Act (aka Gramm-Leach-Bliley Act) of 1999 Correct
answer- Organizations must follow procedures to store or transfer their financial
information as outlined in which of the following legislation?
a.) Public Company Accounting Reform and Investor Act (aka Sarbanes-Oxley Act) of
2002
b.) Health Insurance Portability and Accountability Act (HIPAA) of 1996
c.) Financial Services Modernization Act (aka Gramm-Leach-Bliley Act) of 1999
Auditing can only be used by the accounting department Correct answer- Security
policies are output from an organization's risk assessment process, which cover an
, organization's need for various levels of security. Auditing is an example of a security
policies control. Which of the following is FALSE regarding auditing?
a.) Auditing is used by many divisions and departments within an organization
b.) Auditing can only be used by the accounting department
c.) An IS auditor may penetrate security policies to determine their adequacy or need for
training
False Correct answer- [True/False] The process of turning information into an
unreadable format to prevent unauthorized access is known as decryption.
a.) True
b.) False
Hot sites Correct answer- Organizations need to include redundancy in their business
disaster recovery plan by creating duplicate facilities. Which of the following sites offer
offsite office space that allow recovery within minutes to hours?
a.) Warm sites
b.) Shared hot sites
c.) Cold sites
d.) Hot sites
A and B Correct answer- (Select all that apply). What are some of the actions that savvy
users do to protect their privacy?
a.) Delete cookies from the computer periodically
b.) Enable popup blockers
c.) Do not use anonymous browsing
Consult legal counsel and retain documentation of all stolen information Correct
answer- If your identity has been stolen, what should you do?
a.) Protect access to your information assets
b.) Understand the methods that criminals used to steal the personal information
c.) Understand which assets are irreplaceable and how they are vulnerable
d.) Consult legal counsel and retain documentation of all stolen information
A small business owner installs Microsoft Office suite on all the computers in his office
Correct answer- Which of the following action is considered ethical, social, and legally
acceptable?
Management Unit 7 Test
False Correct answer- [True/False] Information is a valuable asset and not everyone in
the world can be trusted with it. Therefore, we need to protect our valuable information
from those with poor intentions. The protection of our information assets is a discipline
known as data security.
a.) True
b.) False
Black Hat Correct answer- Organizations are constantly encountering cyber-attacks
from intruders. For instance, in late 2013, the security system of Target Stores, Inc.,
was compromised by which of the following type of attacker?
a.) Grey Hat
b.) Black Hat
c.) White Hat
Phishing Correct answer- Criminals use which method to send legitimate-looking emails
to innocent victims, which direct them to a Website where they are asked to input
personal information such as user logon and password?
a.) Identity theft
b.) Pharming
c.) Social engineering
d.) Phishing
Financial Services Modernization Act (aka Gramm-Leach-Bliley Act) of 1999 Correct
answer- Organizations must follow procedures to store or transfer their financial
information as outlined in which of the following legislation?
a.) Public Company Accounting Reform and Investor Act (aka Sarbanes-Oxley Act) of
2002
b.) Health Insurance Portability and Accountability Act (HIPAA) of 1996
c.) Financial Services Modernization Act (aka Gramm-Leach-Bliley Act) of 1999
Auditing can only be used by the accounting department Correct answer- Security
policies are output from an organization's risk assessment process, which cover an
, organization's need for various levels of security. Auditing is an example of a security
policies control. Which of the following is FALSE regarding auditing?
a.) Auditing is used by many divisions and departments within an organization
b.) Auditing can only be used by the accounting department
c.) An IS auditor may penetrate security policies to determine their adequacy or need for
training
False Correct answer- [True/False] The process of turning information into an
unreadable format to prevent unauthorized access is known as decryption.
a.) True
b.) False
Hot sites Correct answer- Organizations need to include redundancy in their business
disaster recovery plan by creating duplicate facilities. Which of the following sites offer
offsite office space that allow recovery within minutes to hours?
a.) Warm sites
b.) Shared hot sites
c.) Cold sites
d.) Hot sites
A and B Correct answer- (Select all that apply). What are some of the actions that savvy
users do to protect their privacy?
a.) Delete cookies from the computer periodically
b.) Enable popup blockers
c.) Do not use anonymous browsing
Consult legal counsel and retain documentation of all stolen information Correct
answer- If your identity has been stolen, what should you do?
a.) Protect access to your information assets
b.) Understand the methods that criminals used to steal the personal information
c.) Understand which assets are irreplaceable and how they are vulnerable
d.) Consult legal counsel and retain documentation of all stolen information
A small business owner installs Microsoft Office suite on all the computers in his office
Correct answer- Which of the following action is considered ethical, social, and legally
acceptable?
