Questões de Concurso Público TCE-SC 2022 para Auditor Fiscal de Controle Externo - Ciência da Computação
Foram encontradas 100 questões
Julgue o item a seguir, a respeito da NBR ISO/IEC n.º 27001:2013.
Segundo a referida norma, um incidente de segurança da
informação é uma ocorrência identificada de um estado de
sistema, serviço ou rede, que indica uma possível falha no
sistema de gestão da informação.
Julgue o item seguinte, acerca de controle de acesso.
No controle de acesso, somente os usuários que tenham sido
especificamente autorizados podem usar e receber acesso às
redes e aos seus serviços.
Julgue o próximo item, que se refere a desenvolvimento e manutenção de sistemas.
Mudanças em sistemas dentro do ciclo de vida de
desenvolvimento devem ser controladas utilizando-se
procedimentos formais de controle de mudanças.
Julgue o item subsequente, a respeito de políticas para o uso de dispositivo móvel.
A ameaça em segurança dos dispositivos móveis da empresa
denominada ataques de engenharia social é caracterizada
pelo mau uso dos recursos de rede, dispositivo ou identidade,
como, por exemplo, ataques de negação de serviço.
Julgue o item a seguir, acerca de segurança para trabalho remoto.
A rede privada virtual, ou VPN (virtual private network), é
uma tecnologia de rede implementada para conectar um ou
mais computadores a uma rede privada pela Internet.
Com relação a segurança em recursos humanos, julgue o seguinte item.
Na NBR n.º 27001:2013, está previsto que as
responsabilidades pela segurança da informação
permaneçam válidas após um encerramento ou mudança da
contratação, devendo ser definidas, comunicadas aos
funcionários ou partes externas e cumpridas.
No que tange a gestão de riscos e continuidade do negócio, julgue o próximo item.
Segundo a NBR n.º 27005:2019, a abordagem da gestão de
riscos de segurança da informação define que se deve adotar
um método de fazer a gestão da segurança para todos os
processos existentes para facilitar o treinamento dos
colaboradores.
Julgue o próximo item, relativo ao que estabelecem as Leis n.º 13.303/2016 e n.º 10.520/2002.
A fase externa do pregão será iniciada desde que haja pelo
menos três propostas apresentadas, sendo consideradas
somente aquelas cujas ofertas não possuam valores
superiores a 10% em relação à oferta de valor mais baixo.
Julgue o próximo item, relativo ao que estabelecem as Leis n.º 13.303/2016 e n.º 10.520/2002.
Se a empresa XYZ for uma empresa pública cuja maioria do
capital votante seja de propriedade do Distrito Federal, será
admitida, nesse caso, a participação de entidades da
administração indireta dos estados no capital dessa empresa.
Com relação à gestão de contratação de soluções de TI e aos atos normativos do ME/SLTI Instrução Normativa n.º 1/2019, julgue o item a seguir.
Na fase de gestão de contratação de soluções de TI, o gestor
do contrato, com o apoio da equipe de planejamento da
contratação, acompanha e tem como objetivo garantir a
adequada prestação dos serviços durante todo o período de
execução do contrato.
Com relação à gestão de contratação de soluções de TI e aos atos normativos do ME/SLTI Instrução Normativa n.º 1/2019, julgue o item a seguir.
Na gestão e fiscalização do contrato de fornecimento da
solução de TI, devem-se estipular os critérios de aceitação
dos serviços prestados, abrangendo, entre outros aspectos, os
níveis mínimos de serviços com os valores adequados aos
elementos que compõem essa solução.
Com relação à gestão de contratação de soluções de TI e aos atos normativos do ME/SLTI Instrução Normativa n.º 1/2019, julgue o item a seguir.
A análise de riscos se inicia na fase de gestão do contrato, na
qual a equipe de fiscalização do contrato, sob coordenação
do gestor do contrato, realiza a análise dos principais riscos e
acompanha as ações de tratamento desses riscos.
Julgue o próximo item, relativo à Lei n.º 13.709/2018 (Lei Geral de Proteção de Dados atualizada).
Em caso de cumprimento de obrigação regulatória pelo
controlador, permite-se o tratamento de dados pessoais.
Julgue o próximo item, relativo à Lei n.º 13.709/2018 (Lei Geral de Proteção de Dados atualizada).
Competem ao controlador, e não a encarregado, as decisões
referentes ao tratamento de dados pessoais.
During a ransomware hack, attackers infiltrate a target’s computer system and encrypt its data. They then demand a payment before they will release the decryption key to free the system. This type of extortion has existed for decades, but in the 2010s it exploded in popularity, with online gangs holding local governments, infrastructure and even hospitals hostage. Ransomware is a collective problem—and solving it will require collaborative action from companies, the government and international partners.
As long as victims keep paying, hackers will keep profiting from this type of attack. But cybersecurity experts are divided on whether the government should prohibit the paying of ransoms. Such a ban would disincentivize hackers, but it would also place some organizations in a moral quandary. For, say, a hospital, unlocking the computer systems as quickly as possible could be a matter of life or death for patients, and the fastest option may be to pay up.
Collective action can help. If all organizations that fall victim to ransomware report their attacks, they will contribute to a trove of valuable data, which can be used to strike back against attackers. For example, certain ransomware gangs may use the exact same type of encryption in all their attacks. “White hat” hackers can and do study these trends, which allows them to retrieve and publish the decryption keys for specific types of ransomware. Many companies, however, remain reluctant to admit they have experienced a breach, wishing to avoid potential bad press. Overcoming that reluctance may require legislation, such as a bill introduced in the Senate last year that would require companies to report having paid a ransom within 24 hours of the transaction.
Internet:<www.scientificamerican.com>
Judge the following items according to the text above.
It can be inferred from the text that ransomware is a type of
malicious software designed to block access to a computer
system until a sum of money is paid.
During a ransomware hack, attackers infiltrate a target’s computer system and encrypt its data. They then demand a payment before they will release the decryption key to free the system. This type of extortion has existed for decades, but in the 2010s it exploded in popularity, with online gangs holding local governments, infrastructure and even hospitals hostage. Ransomware is a collective problem—and solving it will require collaborative action from companies, the government and international partners.
As long as victims keep paying, hackers will keep profiting from this type of attack. But cybersecurity experts are divided on whether the government should prohibit the paying of ransoms. Such a ban would disincentivize hackers, but it would also place some organizations in a moral quandary. For, say, a hospital, unlocking the computer systems as quickly as possible could be a matter of life or death for patients, and the fastest option may be to pay up.
Collective action can help. If all organizations that fall victim to ransomware report their attacks, they will contribute to a trove of valuable data, which can be used to strike back against attackers. For example, certain ransomware gangs may use the exact same type of encryption in all their attacks. “White hat” hackers can and do study these trends, which allows them to retrieve and publish the decryption keys for specific types of ransomware. Many companies, however, remain reluctant to admit they have experienced a breach, wishing to avoid potential bad press. Overcoming that reluctance may require legislation, such as a bill introduced in the Senate last year that would require companies to report having paid a ransom within 24 hours of the transaction.
Internet:<www.scientificamerican.com>
Judge the following items according to the text above.
The text says that, in order to avoid bad press, companies
should be required by law to report having paid ransom.
During a ransomware hack, attackers infiltrate a target’s computer system and encrypt its data. They then demand a payment before they will release the decryption key to free the system. This type of extortion has existed for decades, but in the 2010s it exploded in popularity, with online gangs holding local governments, infrastructure and even hospitals hostage. Ransomware is a collective problem—and solving it will require collaborative action from companies, the government and international partners.
As long as victims keep paying, hackers will keep profiting from this type of attack. But cybersecurity experts are divided on whether the government should prohibit the paying of ransoms. Such a ban would disincentivize hackers, but it would also place some organizations in a moral quandary. For, say, a hospital, unlocking the computer systems as quickly as possible could be a matter of life or death for patients, and the fastest option may be to pay up.
Collective action can help. If all organizations that fall victim to ransomware report their attacks, they will contribute to a trove of valuable data, which can be used to strike back against attackers. For example, certain ransomware gangs may use the exact same type of encryption in all their attacks. “White hat” hackers can and do study these trends, which allows them to retrieve and publish the decryption keys for specific types of ransomware. Many companies, however, remain reluctant to admit they have experienced a breach, wishing to avoid potential bad press. Overcoming that reluctance may require legislation, such as a bill introduced in the Senate last year that would require companies to report having paid a ransom within 24 hours of the transaction.
Internet:<www.scientificamerican.com>
Judge the following items according to the text above.
The author of the text claims that the solution to ransomware
is to stop paying ransoms.
During a ransomware hack, attackers infiltrate a target’s computer system and encrypt its data. They then demand a payment before they will release the decryption key to free the system. This type of extortion has existed for decades, but in the 2010s it exploded in popularity, with online gangs holding local governments, infrastructure and even hospitals hostage. Ransomware is a collective problem—and solving it will require collaborative action from companies, the government and international partners.
As long as victims keep paying, hackers will keep profiting from this type of attack. But cybersecurity experts are divided on whether the government should prohibit the paying of ransoms. Such a ban would disincentivize hackers, but it would also place some organizations in a moral quandary. For, say, a hospital, unlocking the computer systems as quickly as possible could be a matter of life or death for patients, and the fastest option may be to pay up.
Collective action can help. If all organizations that fall victim to ransomware report their attacks, they will contribute to a trove of valuable data, which can be used to strike back against attackers. For example, certain ransomware gangs may use the exact same type of encryption in all their attacks. “White hat” hackers can and do study these trends, which allows them to retrieve and publish the decryption keys for specific types of ransomware. Many companies, however, remain reluctant to admit they have experienced a breach, wishing to avoid potential bad press. Overcoming that reluctance may require legislation, such as a bill introduced in the Senate last year that would require companies to report having paid a ransom within 24 hours of the transaction.
Internet:<www.scientificamerican.com>
Judge the following items according to the text above.
It can be concluded from the text that the quickest option for
hospitals being under attack of ransomware would be to pay
more than the amount the attackers demand.
During a ransomware hack, attackers infiltrate a target’s computer system and encrypt its data. They then demand a payment before they will release the decryption key to free the system. This type of extortion has existed for decades, but in the 2010s it exploded in popularity, with online gangs holding local governments, infrastructure and even hospitals hostage. Ransomware is a collective problem—and solving it will require collaborative action from companies, the government and international partners.
As long as victims keep paying, hackers will keep profiting from this type of attack. But cybersecurity experts are divided on whether the government should prohibit the paying of ransoms. Such a ban would disincentivize hackers, but it would also place some organizations in a moral quandary. For, say, a hospital, unlocking the computer systems as quickly as possible could be a matter of life or death for patients, and the fastest option may be to pay up.
Collective action can help. If all organizations that fall victim to ransomware report their attacks, they will contribute to a trove of valuable data, which can be used to strike back against attackers. For example, certain ransomware gangs may use the exact same type of encryption in all their attacks. “White hat” hackers can and do study these trends, which allows them to retrieve and publish the decryption keys for specific types of ransomware. Many companies, however, remain reluctant to admit they have experienced a breach, wishing to avoid potential bad press. Overcoming that reluctance may require legislation, such as a bill introduced in the Senate last year that would require companies to report having paid a ransom within 24 hours of the transaction.
Internet:<www.scientificamerican.com>
In the second paragraph of the text,
the word “quandary” could be correctly replaced by
dilemma without any change in the meaning of the sentence.
During a ransomware hack, attackers infiltrate a target’s computer system and encrypt its data. They then demand a payment before they will release the decryption key to free the system. This type of extortion has existed for decades, but in the 2010s it exploded in popularity, with online gangs holding local governments, infrastructure and even hospitals hostage. Ransomware is a collective problem—and solving it will require collaborative action from companies, the government and international partners.
As long as victims keep paying, hackers will keep profiting from this type of attack. But cybersecurity experts are divided on whether the government should prohibit the paying of ransoms. Such a ban would disincentivize hackers, but it would also place some organizations in a moral quandary. For, say, a hospital, unlocking the computer systems as quickly as possible could be a matter of life or death for patients, and the fastest option may be to pay up.
Collective action can help. If all organizations that fall victim to ransomware report their attacks, they will contribute to a trove of valuable data, which can be used to strike back against attackers. For example, certain ransomware gangs may use the exact same type of encryption in all their attacks. “White hat” hackers can and do study these trends, which allows them to retrieve and publish the decryption keys for specific types of ransomware. Many companies, however, remain reluctant to admit they have experienced a breach, wishing to avoid potential bad press. Overcoming that reluctance may require legislation, such as a bill introduced in the Senate last year that would require companies to report having paid a ransom within 24 hours of the transaction.
Internet:<www.scientificamerican.com>
In the second paragraph of the text,
the word “disincentivize” could be correctly replaced by
deter without any change in the meaning of the sentence.