MBA 6207 Midterm Exam Actual Exam
MBA 6207 MIDTERM EXAM ACTUAL EXAM NEWEST 2025/2026
COMPLETE QUESTIONS AND CORRECT DETAILED ANSWERS
(VERIFIED ANSWERS) |BRAND NEW VERSION!!
Which statement about the drivers that help set information system
organizational strategy is false?
a. They include innovative thinkers inside, but not outside, the organization.
b. They include more general organizational strategies at the corporate level.
c. They include technology innovations in hardware and software.
d. They include the perception of the IS organization by the rest of the
organization - Correct Answer-They include innovative thinkers inside, but not
outside, the organization.
Why would Claire, who has a Certified Information Systems Security Professional
credential, object to shadow IT efforts at her company? - Correct Answer-Shadow
IT systems and processes may lack necessary levels of security required to meet
compliance standards
_____ is/are considered to be the most important element in computer-based
information systems. - Correct Answer-People
Botnet - Correct Answer-network of computers that send out access requests to
servers repeatedly
1|Page
, MBA 6207 Midterm Exam Actual Exam
Hacktivist - Correct Answer-hacks computers or Web sites in an attempt to
promote a political ideology
After a successful cyberattack, the funds spent on repairing affected systems,
restoring lost data, and performing a post-incident analysis are considered part of
the _____. - Correct Answer-Recovery cost
An attack that takes place before the security community and/or software
developers become aware of and fix a security vulnerability is called a zero-day
attack. - Correct Answer-True
Because some threats, such as insider fraud, are more likely to occur than others,
step 3 of the risk assessment process is to _____. - Correct Answer-assess the
frequency of events or the likelihood of each potential threat
Imagine you are conducting a security self-assessment. Which of the following
might indicate one of your account passwords is too weak? - Correct Answer-
Contains LESS than 12 characters
In computing, an attack on an information system that takes advantage of a
particular system vulnerability is called a(n) _______. - Correct Answer-Exploit
Kenneth is assisting with step 7 of his organization's security risk assessment. He
and his team compare the risks of potential security breaches against the
estimated costs of preventing them from happening. Why is this an important
step? - Correct Answer-No amount of resources can guarantee a perfect security
system, so one must balance risks with prevention costs
2|Page
, MBA 6207 Midterm Exam Actual Exam
Scanning a computer's hard drive for viruses is essential, but scanning live
memory is only important in certain situations. - Correct Answer-False! Should
always scan
The US-CERT newsletter has alerted you about a specific vulnerability in some
software installed on your organization's computers. To detect any attempts at
exploiting this vulnerability, you employ a(n) ____-based intrusion detection
system. - Correct Answer-Knowledge
The final step in the security risk assessment process is to _____. - Correct
Answer-decide whether or not to implement particular countermeasures
There are laws that require businesses to prove that their data are secure. -
Correct Answer-True
To successfully fight computer crime in a court of law, prosecutors and victims
depend on a properly handled _____. - Correct Answer-computer forensics
investigation
Role of an MSSP (Managed Security Service Provider) - Correct Answer-
monitoring, managing, and maintaining computer and network security
Which of the following activities does the USA Patriot Act define? - Correct
Answer-Cyberterrorism
3|Page
MBA 6207 MIDTERM EXAM ACTUAL EXAM NEWEST 2025/2026
COMPLETE QUESTIONS AND CORRECT DETAILED ANSWERS
(VERIFIED ANSWERS) |BRAND NEW VERSION!!
Which statement about the drivers that help set information system
organizational strategy is false?
a. They include innovative thinkers inside, but not outside, the organization.
b. They include more general organizational strategies at the corporate level.
c. They include technology innovations in hardware and software.
d. They include the perception of the IS organization by the rest of the
organization - Correct Answer-They include innovative thinkers inside, but not
outside, the organization.
Why would Claire, who has a Certified Information Systems Security Professional
credential, object to shadow IT efforts at her company? - Correct Answer-Shadow
IT systems and processes may lack necessary levels of security required to meet
compliance standards
_____ is/are considered to be the most important element in computer-based
information systems. - Correct Answer-People
Botnet - Correct Answer-network of computers that send out access requests to
servers repeatedly
1|Page
, MBA 6207 Midterm Exam Actual Exam
Hacktivist - Correct Answer-hacks computers or Web sites in an attempt to
promote a political ideology
After a successful cyberattack, the funds spent on repairing affected systems,
restoring lost data, and performing a post-incident analysis are considered part of
the _____. - Correct Answer-Recovery cost
An attack that takes place before the security community and/or software
developers become aware of and fix a security vulnerability is called a zero-day
attack. - Correct Answer-True
Because some threats, such as insider fraud, are more likely to occur than others,
step 3 of the risk assessment process is to _____. - Correct Answer-assess the
frequency of events or the likelihood of each potential threat
Imagine you are conducting a security self-assessment. Which of the following
might indicate one of your account passwords is too weak? - Correct Answer-
Contains LESS than 12 characters
In computing, an attack on an information system that takes advantage of a
particular system vulnerability is called a(n) _______. - Correct Answer-Exploit
Kenneth is assisting with step 7 of his organization's security risk assessment. He
and his team compare the risks of potential security breaches against the
estimated costs of preventing them from happening. Why is this an important
step? - Correct Answer-No amount of resources can guarantee a perfect security
system, so one must balance risks with prevention costs
2|Page
, MBA 6207 Midterm Exam Actual Exam
Scanning a computer's hard drive for viruses is essential, but scanning live
memory is only important in certain situations. - Correct Answer-False! Should
always scan
The US-CERT newsletter has alerted you about a specific vulnerability in some
software installed on your organization's computers. To detect any attempts at
exploiting this vulnerability, you employ a(n) ____-based intrusion detection
system. - Correct Answer-Knowledge
The final step in the security risk assessment process is to _____. - Correct
Answer-decide whether or not to implement particular countermeasures
There are laws that require businesses to prove that their data are secure. -
Correct Answer-True
To successfully fight computer crime in a court of law, prosecutors and victims
depend on a properly handled _____. - Correct Answer-computer forensics
investigation
Role of an MSSP (Managed Security Service Provider) - Correct Answer-
monitoring, managing, and maintaining computer and network security
Which of the following activities does the USA Patriot Act define? - Correct
Answer-Cyberterrorism
3|Page
