Chapter 9 Multiple Choice and True/False Answer Keys for Parts 1 and 2 Part 1: Check Your Understanding Instructions: Answer the questions below for more practice with key terms and concepts from Part 1. Visit www.pearsonhighered.com/techinaction to check your answers and to find other activities related to the chapter. Multiple Choice 1. When a hacker steals personal information with the intent of impersonating another individual to commit fraud, this is known as a. impersonation theft. b. scareware theft. c. identity theft. d. malware theft. 2. Viruses that compress files and then demand money to restore them are known as a. boot-sector viruses. b. script viruses. c. polymorphic viruses. d. encryption viruses. 3. Software designed to close logical ports in your computer is known as a(n) a. firewall. b. packet filter. c. antimalware blocker. d. network address translator. 4. Which tool do hackers use to gain access to and take control of your computer? a. stealth viruses b. backdoor programs c. scareware d. phishing software 5. A computer that a hacker has gained control of in order to launch DoS attacks is known as a __________ computer. a. rootkit b. compromised c. zombie d. breached True–False _____ 1. Password strength is only determined by the length of the password. (FALSE) _____ 2. Hackers that break into systems for non-malicious reasons, such as to test security systems, are known as white-hat hackers. (TRUE) Part 1: Critical Thinking 1. Protecting Your Data from Data Breaches You most likely have provided personal information to many websites and companies. Consider the following: a. What information have you provided to companies that you wish you had never disclosed? What types of information have companies asked you that you believe was unnecessary? List specific companies and examples of the extraneous information. b. If customers’ personal information is exposed in a data breach: • How should customers be informed of the breach (e-mail, snail mail, phone call)? What reassurances should the company provide? • If information is exposed that might lead to identity theft, should the company be responsible for compensating affected customers? Should the company be required to provide credit report monitoring to affected customers to help detect potential identity theft? For what period of time should the company accept responsibility for any identity theft that occurs? Student responses will vary based upon their experiences in this area. Students may believe that only the bare minimum of information (name, address, credit card info for purchases, etc.) should be required, while others may be more comfortable revealing much more information (educational and income levels, likes and dislikes, and other types of demographic information), however students should understand the necessity of not revealing highly confidential information such as passwords, account numbers, social security numbers, and other details that would enable identity theft. Most students will probably agree that multiple forms of notification would be appropriate and even necessary to ensure potential victims are notified of their heightened risk. Students may believe that companies should provide as much information as possible regarding the type of breach, number of compromised accounts, type of information revealed, and date of the attack. Additionally, students will probably agree that the company should shoulder their share of responsibility for the breach and take the necessary precautions to help ensure their customers’ continued safety and privacy, including credit monitoring and reimbursement of any losses incurred. Students may also believe that additional safeguards should be put into place. Incentives or good will gestures from the company may also be suggested, along with some level of long-term protection. 2. Password Protection You know from reading this chapter that secure passwords are essential to protecting your digital information. Consider the following: a. How many online accounts do you have that have passwords? List them. Are the passwords for these accounts secure, based on the suggestions proposed in this chapter? Do you change your passwords on a regular basis? b. How do you keep track of all of your passwords? Do you use password-management features in your browser? If so, which browser are you using? If you don’t use password-management in your browser, what methodology do you use for remembering and tracking your passwords? Students should list the number of sites they visit that require passwords. They should discuss the need for changing the password regularly and what makes a strong or weak password based on what they learned in this chapter. Students may use various methods of tracking passwords ranging from handwritten cheat sheets to digital lists to the use of password management software (either stand- alone or through an antivirus product) to management features available from the browser. The pros and cons of using password management software should be considered. Part 2 Check Your Understanding Instructions: Answer the questions below for practice with key terms and concepts from Part 2. Visit www.pearsonhighered.com/techinaction to check your answers and to find other activities related to the chapter. Multiple Choice 1. Programs that attempt to trick you into buying software by pretending your computer is infected with a virus fall into the class of malware known as a. virusware. b. scareware. c. spyware. d. adware. 2. A backup of all files on your computer which is essentially a snapshot of exactly how your computer looks at a particular point in time is known as a(n) a. total backup. b. incremental backup. c. image backup. d. global backup. 3. Software that transmits information about you, such as your Internet surfing habits, back to a third party is known as a. scareware. b. spyware. c. adware. d. trackingware. 4. Small text files that some websites automatically store on your computer’s hard drive are known as a. greyware. b. spam. c. adware. d. cookies. 5. A social engineering technique in which you create a scenario to gain someone’s trust is known as: a. pretexting. b. phishing. c. pharming. d. spear phishing. True–False 1. Sending e-mails to lure people into revealing personal information is a technique known as phishing. (TRUE) 2. Encrypting data is not an appropriate measure for protecting mobile devices such as tablets. (FALSE) Part 2 Critical Thinking 3. Restricting Information to Keep You Safe Many countries, such as China, have laws that control the content of the Internet and restrict their citizens’ access to information. The United States, with the exception of specific areas such as cyberbullying and child pornography, doesn’t currently take steps to restrict its citizens’ access to the Internet. Unfortunately, this freedom of information does carry some cost because some information on the web can potentially be dangerous to the general public. a. Do you think the U.S. government should censor information on the web, such as instructions for making weapons, to protect the general public? Why or why not? If you think there should be some censorship, do you think such a law would violate the First Amendment right to free speech? Explain your answer. b. Would you be willing to live with a lower level of information access to increase your sense of well-being? What topics do you feel would make you feel more secure if they were censored? These are questions critical to our society. While some information is dangerous or harmful, students need to also grapple with who would make the determination of what is dangerous or harmful. Is it possible to have just a little censorship and not have the threat of it growing out of control? Can ideas be dangerous? If so, should they be controlled? To whom are ideas dangerous? Why are they dangerous? Students will benefit from spending some time in recognizing the issues that are involved in these questions, and how these issues were dealt with by the writers of our governing documents during earlier times with less sophisticated technology. Students should consider whether this country would be better off with new amendments or from revising existing amendments. Students should support their viewpoints. Consensus is probably not possible or realistic!