Information Security Chapter 04

Questions and Answers

What does Business Impact Analysis primarily identify?

• The efficiency of current operations
• Critical business functions and impact of disasters (correct)
• Recent technology risks
• All available software solutions

What is an emergency notification service used for?

• For delivering marketing messages
• To recover data after loss
• To analyze business risk
• For notifying people during emergencies (correct)

What can typically result from technology failure?

• Destruction of vital data (correct)
• Improved operational efficiency
• Enhanced system reliability
• Successful disaster recovery

What is the focus of technology recovery strategies?

Prioritizing the order for restoring technology (A)

What is the term for the period during which a system is unavailable?

Downtime (C)

Which of the following is NOT a characteristic of Agile MIS Infrastructure?

Profitability (C)

Which of the following is NOT a consequence of downtime?

Software updates (D)

What does the term 'cybersecurity' refer to?

The prevention, detection, and response to cyberattacks (A)

What does maintainability in MIS Infrastructure refer to?

The system's ability to support environmental changes (B)

Which element is included in the technology recovery strategies?

Data center recovery (A)

What is a 'botnet'?

Malware that controls a network of devices (A)

Which of the following best defines networking in the context of technology recovery strategies?

Connectivity through various technologies (A)

Which of the following best describes hackers?

Those who break into systems for profit or challenge (A)

Which of the following is a type of software intended to cause damage?

Virus (C)

What is the main purpose of information security?

To protect information from misuse (B)

What does drive-by hacking involve?

Accessing a network without permission (D)

What is the primary purpose of authorization in a system?

To grant permissions and access levels (C)

Which of the following is NOT a category of authentication techniques?

Something the user sees (D)

What is an example of something the user has for authentication?

Smart card (C)

What defines biometrics in the context of authentication?

Identifying users based on physical characteristics (C)

What is a limitation of biometric authentication techniques like voiceprints?

They can be intrusive and costly (A)

What is the goal of implementing multiple levels of authentication?

To inhibit unauthorized access effectively (A)

Which type of authentication is characterized by requiring only a username and password?

Single-factor authentication (A)

Which of the following statements about tokens is accurate?

They automatically change user passwords (C)

What is one advantage of blockchain technology?

Immutability (C)

Which term refers to the first block created in a blockchain?

Genesis block (D)

What does proof-of-work involve?

Mining and complex computations (B)

What do the hashes in a blockchain represent?

Encrypted links connecting blocks (B)

What is a primary function of a network?

Providing shared resources (A)

Which of the following best describes proof-of-stake?

An algorithm that has a different approach than proof-of-work (C)

Which digital currency operates independently of a central bank?

Bitcoin (A)

What type of graphs and charts goes beyond basic Excel tools for data visualization?

Pie charts, controls, and time-series graphs (B)

What does a local area network (LAN) connect?

Computers in close proximity, such as in an office or home (D)

Which of the following characterizes a wide area network (WAN)?

Spans a large geographic area like a province or country (D)

What technology allows devices to connect wirelessly to a local area network?

Wi-Fi (B)

What is the bit rate?

The number of bits transferred or received per unit of time (B)

What does Bluetooth technology enable?

Wireless PAN communication over short distances (B)

In wireless networks, what is referred to as bandwidth?

The maximum amount of data that can pass in a unit of time (B)

Which of the following describes a personal area network (PAN)?

A network that provides communication over a short distance for a single user (D)

What does a WLAN stand for?

Wireless Local Area Network (B)

Flashcards are hidden until you start studying

Study Notes

Information Security Overview

• Downtime refers to periods when a system is unavailable, affecting financial performance, revenue, reputation, and incurring other expenses.
• Cybersecurity involves prevention, detection, and response to cyberattacks, which can impact individuals, organizations, and nations.
• Cyberattacks are malicious attempts to access or harm computer systems.

Types of Cyber Threats

• Hackers use their technical expertise to break into systems for profit or challenge.
• Malware includes any software designed to damage or disable systems.
• Drive-by hacking targets unsecured wireless networks for unauthorized access.
• Botnets refer to networks of infected devices controlled by a hacker.

Authentication and Authorization

• Authorization grants users permission and access levels within a system.
• Three categories of authentication:
  • Something the user knows (e.g., passwords).
  • Something the user has (e.g., smart cards, tokens).
  • Something that is part of the user (e.g., biometrics like fingerprints or voiceprints).
• Voiceprints are unique measurable characteristics of a voice but can be costly and intrusive.

Security Strategies and Impact Analysis

• Single-factor authentication relies solely on user ID and passwords.
• Business Impact Analysis identifies critical functions and potential disaster effects.
• Technology recovery strategies prioritize restoring hardware, software, and data post-disruption.

Agile MIS Infrastructure Characteristics

• Accessibility, availability, maintainability, portability, reliability, and scalability are essential attributes for an effective MIS.

Blockchain and Distributed Ledger Technology

• Blockchain is a tamper-proof distributed ledger technology.
• Advantages include immutability, digital trust, and integration with the Internet of Things.
• Proof-of-work refers to computational challenges to add transactions to the blockchain.
• Bitcoin operates independently of central banks; Ethereum offers smart contract capabilities.

Connectivity Fundamentals

• Networks enhance communication and sharing resources.
• Types of networks:
  • Local Area Network (LAN): connects devices in close proximity.
  • Wide Area Network (WAN): spans large geographic areas.
  • Metropolitan Area Network (MAN): typically covers a city.
• Mobile technology allows users to access information on portable devices.

Wireless Communication

• Wi-Fi enables wireless connections between devices via radio waves, supported by infrastructure like transmitters and access points.
• Key wireless performance metrics include bandwidth (data transfer capabilities) and bit rate (data per unit time), measured in kilobits (Kb), megabits (Mb), and gigabits (Gb).

Personal Area Networks

• Personal Area Networks (PANs) facilitate short-distance communication for devices owned by a single user.
• Bluetooth technology is commonly used for wireless communication between devices over short distances.