Chapter 8 Securing Information Systems Question 1) The potential for unauthorized access is usually limited to the communications lines of a network. 2) Large public networks, such as the Internet, are less vulnerable than internal networks because they are virtually open to anyone. 3) Malicious software programs are referred to as badware and include a variety of threats, such as computer viruses, worms, and Trojan horses. 4) A computer bacteriais a rogue software program that attaches itself to other software programs or data files in order to be executed, usually without user knowledge or permission. 5) Web 2.0 applications, such as blogs, wikis, and social networking sites such as Facebook and MySpace, have are not conduits for malware or spyware. 6) A Trojan horseis a software program that appears threatening but is really benign. 7) Keyloggersrecord every keystroke made on a computer to steal serial numbers for software, to launch Internet attacks, to gain access to e-mail accounts, to obtain passwords to protected computer systems, or to pick up personal information such as credit card numbers. 8) A hackeris an individual who intends to gain unauthorized access to a computer system. 9) The term “cracker”is typically used to denote a hacker with criminal intent. 10) The term “cybervandalism” is the intentional disruption, defacement, or even destruction of a Web site or corporate information system. 11) Computer crimeis defined as “any criminal activity involving the copy of, use of, removal of, interference with, access to, manipulation of computer systems, and/or their related functions, data or programs.” 12) Identity theft is a crime in which an imposter obtains key pieces of personal information, such as social insurance numbers, driver’s licence numbers, or credit card numbers, to impersonate someone else. 13) Pharming redirects users to a bogus Web page, even when the individual types the correct Web page address into his or her browser. 14) One increasingly popular tactic is a form of spoofing called phishing.