IT Risk Management: Natural Disasters and Human Error

Questions and Answers

What type of espionage is illegal?

Industrial espionage

Where can instances of shoulder surfing occur?

Anywhere a person accesses confidential information

What is the primary goal of hackers?

To gain access to information illegally

What type of threat is considered among the most dangerous?

Forces of Nature

What is the difference between competitive intelligence and industrial espionage?

Competitive intelligence is legal, while industrial espionage is illegal

What is the primary method used by hackers to gain access to information?

Using skill, guile, or fraud to bypass controls

What type of event can disrupt the storage, transmission, and use of information?

Natural disasters

What is the primary goal of an attacker in information extortion?

To demand compensation for the return of stolen data

What is a common consequence of employee mistakes?

Revelation of classified data

What type of threat can make an organization more vulnerable to losses when other threats lead to attacks?

Missing or inadequate policy planning

What is a common type of data breach?

Credit card number theft

What is a major threat to an organization's data?

Employee mistakes

What is a potential security risk associated with shortcuts left by programmers in software codes?

Trap doors

What is a consequence of using outdated infrastructure in technology?

Loss of data integrity

What is a characteristic of intermittent errors in equipment?

They only periodically manifest themselves

Why is it essential for management to analyze the technology currently in use?

To prevent technology from becoming obsolete

What is a consequence of not resolving all bugs in software codes before publication?

New bugs are revealed

What should management do when technology becomes obsolete?

Take immediate action