a. Dishonest employees
b. Disgruntled employees
c. Errors and omissions
d. Outsiders
160. c. Users, data entry clerks, system operators, and programmers frequently make errors that contribute directly or indirectly to security problems. In some cases, the error is the threat, such as a data entry error or a programming error that crashes a system. In other cases, the errors create vulnerabilities. Errors can occur during all phases of the system life cycle. Many studies indicate that 65 percent of losses to organizations are the result of errors and omissions followed by dishonest employees (13%), disgruntled employees (6%), and outsiders/hackers (3%).
161. Which one of the following situations renders backing up program and data files ineffective?
a. When catastrophic accidents happen
b. When disruption to the network occurs
c. When viruses are timed to activate at a later date
d. When backups are performed automatically
161. c. Computer viruses that are timed to activate at a later date can be copied onto the backup media, thereby infecting the backup copies as well. This makes the backup copy ineffective, unusable, or risky. Backups are useful and effective (i) in the event of a catastrophic accident, (ii) in case of disruption to the network, and (iii) when they are performed automatically, because human error is eliminated.
162. What does an ineffective local-area-network backup strategy include?
a. Backing up servers daily
b. Securing the backup workstations
c. Scheduling backups during regular work hours
d. Using file recovery utility programs
162. c. It is not a good operating practice to schedule backups during regular work hours because it interrupts business functions. It is advisable to schedule backups during off hours to avoid file contention (files being open when the backup program is scheduled to run). As the size and complexity of local-area networks (LANs) increase, backups have assumed greater importance, with many options available. It is common practice to back up servers daily, taking additional backups when extensive database changes occur. It is good to secure the backup workstations to prevent interruption of backup processes that can result in the loss of backup data. It is a better practice to use the network operating system's file recovery utility for immediate restoration of accidentally deleted files before resorting to the time-consuming process of file recovery from backup tapes.
163. Which one of the following types of restores is used when performing system upgrades and reorganizations?
a. Full restores
b. Individual file restores
c. Redirected restores
d. Group file restores
163. a. Full restores are used to recover from catastrophic events or when performing system upgrades and system reorganizations and consolidations. All the data on media is fully restored.
Individual file restores, as the name suggests, restore the last version of a file that was written to media because it was deleted by accident or corrupted. Redirected restores store files in a different location or on a different system than the one they were copied from during the backup operation. Group file restores handle two or more files at a time.
164. Which of the following file backup strategies is preferred when a full snapshot of a server is required prior to upgrading it?
a. Full backups
b. Incremental backups
c. Differential backups
d. On-demand backups
164. d. On-demand backups refer to backup operations that are done outside of the regular backup schedule. This backup method is most useful when backing up a few files/directories or when taking a full snapshot of a server prior to upgrading it. On-demand backups can act as a backup for regular backup schedules.
Full backups are incorrect because they copy all data files and programs. It is a brute-force method providing peace of mind at the expense of valuable time. Incremental backups are incorrect because they are an inefficient method and copy only those files that have changed since the last backup. Differential backups are incorrect because they copy all data files that have changed since the last full backup. Only two files are needed to restore the entire system: the last full backup and the last differential backup.
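An added example, not part of the original question bank, that models the restore chains described above with a constructed week of file changes (files a-d after a full backup on day 0): under the differential strategy a restore after day 5 needs only two sets (the full plus the latest differential), while the incremental strategy needs the full plus every incremental since, and the code also shows how much more data each daily differential copies.

```python
# Constructed sample: set of files changed on each day after the full
# backup taken on day 0 (day 4 has no changes, an edge case worth seeing).
CHANGES = {1: {"a"}, 2: {"b"}, 3: {"a", "c"}, 4: set(), 5: {"d"}}


def plan_backups(changes, strategy):
    """Return {day: files copied} for each partial backup after the full.

    incremental  -> only files changed since the previous backup of any kind
    differential -> every file changed since the last full backup
    """
    plan = {}
    changed_since_full = set()
    for day in sorted(changes):
        changed_since_full |= changes[day]
        if strategy == "incremental":
            plan[day] = set(changes[day])
        elif strategy == "differential":
            plan[day] = set(changed_since_full)
        else:
            raise ValueError(f"unknown strategy: {strategy}")
    return plan


def restore_chain(changes, strategy, target_day):
    """Backup sets (by day, oldest first) needed to rebuild the system
    to its state at target_day. Day 0 is always the last full backup."""
    partial_days = [d for d in sorted(changes) if d <= target_day]
    if strategy == "differential":
        # Full plus the single most recent differential, if any exist.
        return [0] + partial_days[-1:]
    if strategy == "incremental":
        # Full plus every incremental in order; skipping one loses data.
        return [0] + partial_days
    raise ValueError(f"unknown strategy: {strategy}")


def files_copied(plan):
    """Total number of file copies written across all partial backups."""
    return sum(len(files) for files in plan.values())


if __name__ == "__main__":
    for strategy in ("incremental", "differential"):
        plan = plan_backups(CHANGES, strategy)
        print(strategy, "day-5 copy:", sorted(plan[5]),
              "restore chain:", restore_chain(CHANGES, strategy, 5),
              "total copies:", files_copied(plan))
```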
165. Which one of the following database backup strategies is executed when a database is running in a local-area-network environment?
a. Cold backup
b. Hot backup
c. Logical backup
d. Offline backup
165. b. Hot backups are taken when the database is running and updates are being written to it. They depend heavily on the ability of log files to stack up transaction instructions without actually writing any data values into database records. While these transactions are stacking up, the database tables are not being updated, and therefore can be backed up with integrity. One major problem is that if the system crashes in the middle of the backup, all the transactions stacking up in the log file are lost.
The idea of cold backup is to shut down the database and back it up while no end users are working on the system. This is the best approach where data integrity is concerned, but it does not service the customer (end user) well.
Logical backups use software techniques to extract data from the database and write the results to an export file, which is an image file. The logical backup approach is good for incremental backups. Offline backup is another term for cold backup.
166. Contrary to best practices, information systems’ security training is usually not given to which of the following parties?
a. Information systems security staff
b. Functional users
c. Computer operations staff
d. Corporate internal audit staff
166. c. The information systems' security training program should be specifically tailored to meet the needs of the computer operations staff so that they can deal with problems that have security implications. However, the computer operations staff is usually either taken for granted or left out of training plans entirely.
The information systems’ security staff is provided with periodic training to keep its knowledge current. Functional users will definitely be given training so that they know how to practice security. Corporate internal audit staff is given training because it needs to review the IT security goals, policies, procedures, standards, and practices.
167. Which one of the following is a direct example of social engineering from a computer security viewpoint?
a. Computer fraud
b. Trickery or coercion techniques
c. Computer theft
d. Computer sabotage
167. b. Social engineering is a process of tricking or coercing people into divulging their passwords. Computer fraud involves deliberate misrepresentation, alteration, or disclosure of data to obtain something of value. Computer theft involves stealing of information, equipment, or software for personal gain. Computer sabotage includes planting a Trojan horse, trapdoor, time bomb, virus, or worm to perform intentional harm or damage. The difference in the other three choices is that there is no trickery or coercion involved.