Chapter 4: Information Ethics in Business

Questions and Answers

What type of malware is designed to trick victims into giving up personal information to purchase or download useless software?

• Ransomware
• Sniffer
• Spyware
• Scareware (correct)

Which security threat involves forging the return email address to mask the actual sender?

• Hoaxes
• Spoofing (correct)
• Elevation of privilege
• Sniffer

What type of adware collects user data and transmits it without permission?

• Scareware
• Ransomware
• Sniffer
• Spyware (correct)

Which malware is a form of malicious software that demands money after infecting a computer?

Ransomware (B)

What should organizations develop to outline the rules required for maintaining information security?

Information security policies (D)

Which program or device can monitor data transmitted over a network?

Sniffer (A)

What is the term used for the process of confirming users' identities?

Authentication (B)

Which technique involves rerouting requests for legitimate websites to false websites?

Pharming (D)

What type of authentication technique involves using fingerprints or voice?

Something that is part of the user (B)

What is the purpose of astroturfing in the context of security?

To artificially stimulate demand for a product (C)

What role do tokens play in authentication?

Changing user passwords automatically (B)

Which category of authentication techniques includes a smart card or token?

Something the user has (D)

What type of attack involves attackers granting themselves a higher access level to the network?

Vertical privilege escalation (D)

Which technology scrambles information into an alternative form that requires a key or password to decrypt?

Encryption (C)

What type of prevention technology filters content to prevent the transmission of unauthorized information?

Content filtering (B)

In which situation would horizontal privilege escalation occur?

When attackers grant themselves the same access levels but assume another user's identity (B)

What is the purpose of intrusion detection software?

To monitor network traffic for suspicious patterns (A)

Which technology is used to guard a private network by analyzing incoming and outgoing information for correct markings?

Firewalls (A)

What is a recommended way to obscure your email address when posting to a web forum or newsgroup?

Insert something obvious into your email address (C)

Why is it advised not to reply to spam messages?

To confirm that your email address is active (A)

What is one reason given to remove your email address from your website's pages?

To prevent spammers' robots from collecting your email address (D)

What action can help in avoiding ending up on a spammer's mailing list?

Offering a web-based mail form instead of displaying your email address (A)

What risk does replying to spam messages pose?

Providing spammers with active email addresses (C)

What is the main focus of information ethics?

Moral issues arising from information technologies (D)

Which of the following is NOT a tool to prevent information misuse as mentioned in the text?

Information ethics (B)

What is the main difference between privacy and confidentiality as explained in the text?

Privacy involves control over personal possessions, while confidentiality ensures authorized viewing of information. (A)

What is the purpose of an Ethical Computer Use Policy according to the text?

To guide user behavior based on ethical principles (C)

Which of the following is NOT a business issue related to information ethics mentioned in the text?

Privacy (B)

What is the key aspect that organizations aim for regarding ePolicies based on the text?

Building a corporate culture based on ethical principles (A)