TEST BANK FOR CORPORATE COMPUTER
SECURITY 5TH EDITION BY RANDALL BOYLE
RAYMOND PANKO ALL CHAPTERS UPDATED 2026
,Corporate Computer Security — 5th Edition (Contents)
1. The Threat Environment
2. Planning and Policy
3. Cryptography
4. Secure Networks
5. Access Control
6. Firewalls
7. Host Hardening
8. Application Security
9. Data Protection
10.Incident and Disaster Response
,CHAPTER 1: THE THREAT ENVIRONMENT
Summary
This chapter explores the modern corporate threat environment, including threat
actors, attack vectors, vulnerabilities, and risk. It emphasizes how cyber threats
exploit technical, human, and organizational weaknesses. Understanding threat
sources, motivations, and impacts enables professionals to prioritize controls,
reduce risk, support security planning, and protect organizational assets, data,
operations, and continuity in complex and evolving digital environments.
1. Which statement best defines a threat in the context of computer security?
A. A confirmed security breach
B. Any potential danger that could exploit a vulnerability
C. A software flaw in a system
D. An intentional criminal act only
CORRECT ANSWER - B
Rationale: A threat is any potential source of harm that could exploit a
vulnerability, whether intentional or accidental, not just confirmed attacks
or crimes.
2. Which group is most likely motivated by financial gain?
A. Hacktivists
B. Script kiddies
C. Organized crime groups
D. Nation-state actors
CORRECT ANSWER - C
Rationale: Organized crime groups primarily target systems for financial
profit, whereas other actors are driven by ideology, curiosity, or political
objectives.
, 3. A hospital network experiences ransomware that encrypts patient records.
Which threat characteristic is most directly demonstrated?
A. Availability impact
B. Confidentiality breach only
C. Authentication failure
D. Physical security failure
CORRECT ANSWER - A
Rationale: Ransomware primarily affects availability by denying access
to data, even if confidentiality or integrity may also be threatened.
4. Which factor most increases an organization’s exposure to threats?
A. Strong encryption
B. Limited internet access
C. Unpatched systems
D. Multi-factor authentication
CORRECT ANSWER - C
Rationale: Unpatched systems contain known vulnerabilities that
attackers commonly exploit, significantly increasing exposure to threats.
5. An employee unknowingly clicks a malicious email link. This is an
example of which attack vector?
A. Physical intrusion
B. Social engineering
C. Denial-of-service
D. Network sniffing
CORRECT ANSWER - B
Rationale: Social engineering manipulates human behavior to gain
access, often bypassing technical controls through deception.
6. Which term describes a weakness that can be exploited by a threat?
A. Asset
SECURITY 5TH EDITION BY RANDALL BOYLE
RAYMOND PANKO ALL CHAPTERS UPDATED 2026
,Corporate Computer Security — 5th Edition (Contents)
1. The Threat Environment
2. Planning and Policy
3. Cryptography
4. Secure Networks
5. Access Control
6. Firewalls
7. Host Hardening
8. Application Security
9. Data Protection
10.Incident and Disaster Response
,CHAPTER 1: THE THREAT ENVIRONMENT
Summary
This chapter explores the modern corporate threat environment, including threat
actors, attack vectors, vulnerabilities, and risk. It emphasizes how cyber threats
exploit technical, human, and organizational weaknesses. Understanding threat
sources, motivations, and impacts enables professionals to prioritize controls,
reduce risk, support security planning, and protect organizational assets, data,
operations, and continuity in complex and evolving digital environments.
1. Which statement best defines a threat in the context of computer security?
A. A confirmed security breach
B. Any potential danger that could exploit a vulnerability
C. A software flaw in a system
D. An intentional criminal act only
CORRECT ANSWER - B
Rationale: A threat is any potential source of harm that could exploit a
vulnerability, whether intentional or accidental, not just confirmed attacks
or crimes.
2. Which group is most likely motivated by financial gain?
A. Hacktivists
B. Script kiddies
C. Organized crime groups
D. Nation-state actors
CORRECT ANSWER - C
Rationale: Organized crime groups primarily target systems for financial
profit, whereas other actors are driven by ideology, curiosity, or political
objectives.
, 3. A hospital network experiences ransomware that encrypts patient records.
Which threat characteristic is most directly demonstrated?
A. Availability impact
B. Confidentiality breach only
C. Authentication failure
D. Physical security failure
CORRECT ANSWER - A
Rationale: Ransomware primarily affects availability by denying access
to data, even if confidentiality or integrity may also be threatened.
4. Which factor most increases an organization’s exposure to threats?
A. Strong encryption
B. Limited internet access
C. Unpatched systems
D. Multi-factor authentication
CORRECT ANSWER - C
Rationale: Unpatched systems contain known vulnerabilities that
attackers commonly exploit, significantly increasing exposure to threats.
5. An employee unknowingly clicks a malicious email link. This is an
example of which attack vector?
A. Physical intrusion
B. Social engineering
C. Denial-of-service
D. Network sniffing
CORRECT ANSWER - B
Rationale: Social engineering manipulates human behavior to gain
access, often bypassing technical controls through deception.
6. Which term describes a weakness that can be exploited by a threat?
A. Asset
