Questions are multiple choice and fill-in. Select the best answer by circling
Questions are multiple choice and fill-in. Select the best answer by circling the best multiple-choice answer. Fill-in is a short response. Each question is worth 3 points unless indicated otherwise.
1. Recently, there was an outbreak of a computer virus, known as the Melissa virus. The FBI is determining whether the virus meets the requirements in the criminal code for an investigation. Which legal justification should be used by the FBI to pursue this matter?
a. Creation of computer viruses are illegal.
b. Approval from Microsoft was not granted using Microsoft’s Outlook program to spread the virus.
c. The transmission of a program, information, code, or command that intentionally causes damage without authorization, to a protected computer.
2. As a systems administrator, where can you go, On-Line, to obtain solutions to computer viruses.
a. Federal Bureau of Investigation (FBI)
b. National Security Agency
c. Carnegie Mellon’s Computer Emergency Response Team (CERT)
d. John’s Hopkins Applied Physics Laboratory
3. The Electronic Communications Privacy Act includes all the following statements except:
a. Forbids trespass by all persons and businesses, not just government, where they “obtain or alter data, or prevent authorized access
b. Requires intent to defraud
c. Does not require a specified minimum dollar value of damages
d. Up to one year in prison and US$ 250K fines if for personal or commercial gain
4. In 1992, Federal law enforcement agents arrested five members of a hacker group. They were charged with breaking into the personnel department’s computer system and changing some evaluations. What was the computer security threat in this scenario?
a. Fraud
b. Data Modification
c. Theft
5. List 6 of the 8 security Incident Response steps and explain why they are necessary. (This question is worth 6 points)
6. List 3 signs of a security incident and explain why these are a security concern.
7. The article “Tale of a Virus Attack” emphasizes which aspect of Information Security?
a. Legal Issues
b. Risk Management
c. Response and Recovery
d. Access Control
8. Identify three FISMA security controls that can be used to mitigate a threat for a wireless network.
9. Select three wireless protocols that provide strong authentication and/or access control.
10. Review the attached amendment (see attached in BlackBoard Documents) to a United States Code that address fraud and related activities in connection with computers. You are representing the United States Government as the prosecuting attorney. You have sufficient evidence that the individual committed fraud against a financial institution, causing damage that resulted in a loss of data. What punishment will you recommend and why? (answer with 400 – 500 words)
11. Identify and describe current email privacy laws and compliance regulations. (answer with 300 – 500 words)
12. Identify the security features for a commercial product that provides PKI as a Service (do not use the Symantec CPS). Is this product/service FISMA compliant? Provide your rationale. (answer with a minimum 500 words)
13. Identify the effectiveness of the five wireless authentication protocols against the two attack techniques in the matrix. Complete the matrix by selecting whether the effectiveness of a type of wireless authentication protocol is high or low (provide a rationale for your selection) against the two types of threats identified in the matrix. (answer with a minimum a of 500 words)
Leave a Reply