1. Fill in the blank: A preference in favor of or against a person, group of people, or thing is called _____. It is an error in data analytics that can systematically skew results in a certain direction.
- data collection
- data interoperability
- data bias
- data anonymization
2. Which type of bias is the tendency to always construe ambiguous situations in a positive or negative way?
- Observer
- Confirmation
- Sampling
- Interpretation
3. Which of the following are qualities of unreliable data? Select all that apply.
- Biased
- Inaccurate
- Vetted
- Incomplete
4. Fill in the blank: Data _____ refers to well-founded standards of right and wrong that dictate how data is collected, shared, and used.
- ethics
- privacy
- credibility
- anonymization
5. Ownership is a key issue in data ethics. Who owns data?
- The organization that invests time and money collecting, processing, and analyzing the data
- The government that passes data-protection legislation
- The individual who originally generates the data
- The law enforcement agencies that enforce data protection laws
6. An employer accesses an employee’s credit report without their consent. This is not a violation of the employee’s privacy because they work at the company.
- True
- False
7. What is the process of protecting people’s private or sensitive data by eliminating identifying information?
- Data governance
- Data design
- Data ethics
- Data anonymization
8. A key aspect of open data is free access to people’s personal information.
- True
- False
9. A clinic surveys a group of male and female patients about their experience with physical therapy. The survey does not include people with disabilities. Is the survey data biased?
- Yes
- No
10. A university surveys its student-athletes about their experience in college sports. The survey only includes student-athletes with scholarships. What type of bias is this an example of?
- Interpretation bias
- Observer bias
- Confirmation bias
- Sampling bias
11. An individual who provides their data has the right to know and understand all of the data-processing activities and algorithms used on that data. This is called ownership.
- True
- False
12. The right to inspect, update, or correct your own data is part of which aspect of data ethics?
- Data openness
- Data ownership
- Data consent
- Data privacy
13. Interoperability is key to open data’s success. Which of the following is an example of interoperability?
- A website charges a fee to access a database
- An analyst removes all personally identifiable information from a database
- Different databases use common formats and terminology
- A company restricts the use of a database to its own employees
14. Which of the following situations are examples of bias? Select all that apply.
- A researcher who surveys a sample group that is representative of the population
- A scholar who only reads sources that support their argument
- A dancing competition judge who is a close friend of the dancer who wins the competition
- A daycare that won’t hire men for childcare positions
15. Which of the following “C’s” describe qualities of good data? Select all that apply.
- Comprehensive
- Cited
- Current
- Consequential
16. If a company uses your personal data as part of a financial transaction, you should be made aware of the nature and scale of the transaction. What concept of data ethics does this refer to?
- Privacy
- Currency
- Ownership
- Consent
17. Data anonymization applies to both text and images.
- True
- False
18. The government of a large city collects data on the quality of the city’s infrastructure. Any business, nonprofit organization, or person can access the government’s databases and re-use or redistribute the data. Is this an example of open data?
- Yes
- No
19. Which of the following are types of data bias often encountered in data analytics? Select all that apply.
- Observer bias
- Interpretation bias
- Educational bias
- Confirmation bias
20. In general, the usefulness of data decreases as time passes.
- True
- False
21. Ownership is a key issue in data ethics. Who owns data?
- The law enforcement agencies that enforce data protection laws
- The organization that invests time and money collecting, processing, and analyzing the data
- The individual who originally generates the data
- The government that passes data-protection legislation
22. Which of the following are commonly used methods for anonymizing data? Select all that apply.
- Masking
- Hashing
- Deleting
- Blanking
23. An individual who provides their data has the right to know and understand all of the data-processing activities and algorithms used on that data. This concept refers to which aspect of data ethics?
- Currency
- Consent
- Ownership
- Transaction transparency
24. In data ethics, consent gives an individual the right to know the answers to which of the following questions? Select all that apply.
- How long will my data be stored?
- Why am I being forced to share my data?
- How will my data be used?
- Why is my data being collected?
26. What kind of attack keeps trying different combinations of characters and letters until it gets password access to a system?
- An Injection attack
- A phishing attack
- A dictionary attack
- A brute force attack
27. An email message tells a user there is a problem with the user’s bank account. The email directs the user to a login page that steals the user’s information. What is this called?
- Phishing
- Tailgating
- Injection
- Denial of Service
28. Which of the following is an example of the CIA triad’s confidentiality principle in action?
- Preventing an unwanted download
- Making sure data hasn’t been tampered with
- Protecting online accounts with a password
- Preventing data loss
29. Which of the following is an example of a zero-day vulnerability?
- A user accidentally loads malware onto a computer that logs the user’s keypresses and uses them to get confidential information.
- After a user downloads and starts a piece of software, it starts showing ads and collecting data.
- A group of hackers finds a flaw in a new software product and takes advantage of it before the vendor or developer finds it.
- A user voluntarily downloads a piece of software hoping it will be useful, but instead it lets hackers access the user’s computer.
30. What kind of malware can block access to data and decrease the availability of security by holding the system hostage?
- Spyware
- A logic bomb
- Ransomware
- Adware
31. What is it called when a hacker gets into a system through a secret entryway to gain remote access to the computer?
- Ransomware
- A backdoor
- Adware
- A Trojan
32. Which of the following best helps you strengthen your password?
- Use passwords from a precompiled list
- Incorporate symbols, numbers, and capital letters
- Choose the name of a favorite movie as a password
- Use the name of a beloved pet as a password
33. An attacker leaves a flash drive loaded with malware on a table. Someone plugs the drive into their computer to see what’s on it and accidentally installs malware. What kind of attack is this?
- Baiting
- DDoS
- Phishing
- Tailgating
34. What’s the difference between a virus and a worm?
- Worms replicate through files, but viruses live on their own.
- Viruses do not replicate, but worms do.
- Worms replicate, but viruses do not.
- Viruses replicate through files, but worms live on their own.
35. An employee at a company plugs a router into the corporate network to make a simple wireless network. An attacker outside the building uses it to get access to the corporate network. What is the name of this type of attack?
- SYN flood attack
- A rogue AP (Access Point) attack
- A Denial-of-Service (DoS) attack
- A DNS cache poisoning attack
36. Which of the following can occur during a ping of death (POD) attack? Select all that apply.
- Phishing
- Baiting
- A buffer overflow
- Execution of malicious code
37. What is it called when a hacker takes down multiple services very quickly with the help of botnets?
- Distributed denial-of-service (DDoS)
- Cross-site Scripting (XSS)
- A SQL injection
- A password attack
38. If a hacker targets a vulnerable website by running commands that delete the website’s data in its database, what type of attack did the hacker perform?
- Cross-site Scripting (XSS)
- SQL injection
- A dictionary attack
- A Denial-of-Service (DoS) attack
39. Fill in the blank: Phishing, spoofing, and tailgating are examples of ________ attacks.
- Network
- Social engineering
- Malware
- Injection
40. In the terminology of information security, what is a vulnerability?
- The possibility of suffering a loss in the event of an attack
- A program that entices users to download it, then installs malware on their systems
- A piece of malware that records each keypress by the user and gathers confidential information
- A flaw in the code of an application that can be exploite
41. What is a tool that protects passwords by checking whether the input is coming from a machine or a human?
- A firewall
- A CAPTCHA
- A key logger
- Antimalware software
42. Which one of the following is a type of DoS attack?
- A brute force attack
- A rogue AP attack
- A SYN flood attack
- A DNS cache poisoning attack
