Computer Incidents and Productivity

Questions and Answers

What is a major reason why many problems arise in business environments?

Not verifying users' identities or authorization

What is a consequence of the shift from client-server to peer-to-peer environments?

Increased system complexity

What do companies need to do to keep up with the pace of technological change?

Perform an ongoing assessment of new security risks

What is a common problem faced by help desks in business environments?

Sharing of login IDs and passwords

What is a major factor contributing to the prevalence of computer incidents?

Higher computer user expectations

What is a characteristic of modern business environments?

Moving towards e-commerce

What is the primary purpose of Step 2 in the security risk assessment process?

To identify the loss events or risks

What is the primary goal of Step 5 in the security risk assessment process?

To mitigate threats and reduce their impact

Why do organizations typically focus on threats with a high frequency and impact?

Because they have a high frequency and impact

What is the primary purpose of assessing the frequency of events in Step 3?

To determine the likelihood of each potential threat

What is the consequence of a threat that has a high impact on the organization?

It could keep the organization from carrying out its mission for a lengthy period of time

What is an example of how to mitigate a threat, as mentioned in Step 5?

Installing virus protection on all computers

What is the primary goal of implementing a multilayer process for managing security vulnerabilities?

To identify and address security vulnerabilities

Which type of attack is characterized by a flood of traffic to a website or network in an attempt to overwhelm it?

Distributed denial-of-service attack

What is the term for a person who uses their legitimate access to a computer system to cause harm or commit fraud?

Malicious insider

Which of the following is a type of malware that disguises itself as a legitimate program?

Trojan horse

What is the role of computer forensics in fighting computer crime?

To analyze evidence in a court of law

Who is responsible for leading the effort to implement security measures in an organization?

IT department

What is the primary function of an Intrusion Detection System (IDS)?

To monitor system and network resources and notify security personnel of potential threats

What should be done to prevent attacks by malicious insiders?

Delete computer accounts, login IDs, and passwords of departing employees and contractors

What is the main goal of the Department of Homeland Security (DHS)?

To secure critical infrastructure and information systems

What should be prioritized when fixing vulnerabilities?

High-impact vulnerabilities first

What is the purpose of an antivirus software?

To scan for specific virus signatures

What is a security audit intended to evaluate?

Whether an organization has a well-considered security policy in place

What is a major security concern for companies?

Malicious insiders

What type of fraud involves adding extra money to an approved payment?

Collusion fraud

What is a common way that frauds are discovered?

Chance discovery

What is an example of a type of fraud involving bidding processes?

Bid rigging

What is a consequence of collusion between an employee and an outsider?

All of the above

What is a type of fraud that involves stealing company assets?

Theft of assets