Infosec Final Study Guide Exam Questions and Answers | Latest Updated 2026 | Guaranteed Success

Infosec Final Study Guide Exam Questions and Answers | Latest Updated 2026 | Guaranteed Success A Smurf attack is when a computer sends a broadcast message to a bunch of computers in a network spoofing to be the victim computer. This results in the computers in the network all responding to the victim computer. This is an example of a _________ - answer-Distributed denial of service attack (DDoS) Information security is the protection of ________, ________, and _______ - answer-Confidentiality, Integrity, and Availability When a company claims they can provide 5-9s this is focused on which of the CIA triad? _______ - answer-Availability ALE = ____________ * ___________ - answer-Single Loss Expectancy (SLE) * Annualized Rate of Occurrence (ARO) Risk = ____________ * ___________ - answer-Likelihood * Impact ___________ has the ability to have an adverse impact on resources - answer-Threat ___________ is a weakness in security - answer-Vulnerability 3 States of data are ____________, _____________, and ____________ - answer-Storage, Processing, Transmission3 Countermeasures are __________, _____________, and ____________ - answer-Policy, Education, Technology 4 methods of managing risk are __________, _____________, _____________, and ____________ - answer-Accept, Avoid, Mitigate, Transfer A method of attempting every combination to figure out a password - answer-Brute force Using exposed username/password on other accounts - answer-Credential stuffing Allows you to request information from federal government, What is this in Ohio? - answer-FOIA (Freedom of Information Act), Sunshine Law _________: an adverse event which manifests as a real threat - answer-Incident _________: planning for unexpected adverse events - answer-Contingency _________: planning how the business will continue to operate during an incident - answer-BCP (business continuity plan) _________: reviewing and documenting the business process and their criticality - answer-BIA (business impact analysis) _________: how to recover data and systems during an event - answer-Disaster recovery plan You, as a user, notice a possible incident. You should: ____________ - answer-Report it You, working the helpdesk, notice a possible incident. You should: ____________ - answer-Report it _________: How long it takes to recover systems/data during an incident - answer-RTO (recovery time objective)_________: Time before an event where data can be recovered - answer-RPO (Recovery Point Objective) _________: The max amount of time that a business can tolerate being in a hybrid recovery state - answer-MTD (maximum tolerable downtime)