AND ANSWERS (GRADED A)
1. Which of the following characteristics relates to access control? - ANSWER-C. The
process or mechanism of granting or denying use of resources; typically applied to
users or generic network traffic
2. Which term describes an object, computer, program, piece of data, or other logical or
physical component you use in a business process to accomplish a business task? -
ANSWER-A. Asset
3. When conducting an audit, the auditor should be which of the following? -
ANSWER-D. An external person who is independent of the organization under audit
4. Which of the following describes authentication? - ANSWER-A. The process of
confirming the identity of a user
5. Which term describes when a system is usable for its intended purpose? -
ANSWER-D. Availability
6. Which of the following is the name given to unauthorized access to a system? -
ANSWER-B. Backdoor
7. Which of the following describes a blacklist? - ANSWER-B. A type of filtering in
which all activities or entities are permitted except those identified
8. Which term describes a network device that forwards traffic between networks
based on the MAC - ANSWER-C. Bridge
9. Which of the following describes caching? - ANSWER-B. Retention of Internet
content by a proxy server
10. Which of the following refers to a host on a network that supports user interaction
with the network? - ANSWER-D. Client
11. Which name is given to the security service of preventing access to resources by
unauthorized users while supporting access to authorized users? - ANSWER-A.
Confidentiality
12. Which of the following characteristics relates to a demilitarized zone (DMZ)? -
ANSWER-B. A type of perimeter network used to host resources designated as
accessible by the public from the Internet
13. Which of the following refers to a form of attack that attempts to compromise
availability? - ANSWER-C. Denial of service (DoS)
14. Which term is used to describe a network service that maintains a searchable
index or database of network hosts and shared resources? - ANSWER-A. Directory
Service
15. Which of the following refers to filtering traffic as it attempts to leave a network,
which can include monitoring for spoofed addresses, malformed packets,
unauthorized ports and protocols, and blocked destinations? - ANSWER-B. Egress
filtering
Which of the following is a malicious software program distributed by a hacker to
take control of a victim's computers? - ANSWER-D. Agent
Which term describes the calculation of the total loss potential across a year for a
given asset and a specific threat? - ANSWER-A. Annualized loss expectancy (ALE)
Which of the following refers to a form of encryption also known as point-to-point or
host-to-host encryption? - ANSWER-C. Transport mode encryption
Which name is given to a probability prediction based on statistics and historical
occurrences on the likelihood of how many times in the next year a threat is going to
cause harm? - ANSWER-C. Annualized rate of occurrence (ARO)
Which of the following describes an appliance firewall? - ANSWER-B. A hardened
hardware firewall
Which of the following characteristics describes the application layer? - ANSWER-B.
The top or seventh layer of the OSI model, which is responsible for enabling
communications with host software, including the operating system
Which of the following refers to a type of firewall that filters on a specific application's
content and session information? - ANSWER-C. Application firewall
Which term describes the cumulative value of an asset based on both tangible and
intangible values? - ANSWER-A. Asset value (AV)
Which malicious software program is distributed by hackers to take control of victims'
computers? - ANSWER-C. Bots
Which of the following is not a consideration when placing firewalls on the network? -
ANSWER-D. Where hackers are located
1. Which of the following characteristics relates to the term algorithm? - ANSWER-D.
A set of rules and procedures—usually mathematical in nature—that can define how
the encryption
2. Which of the following refers to encoding and decoding information using related
but different keys for each process? - ANSWER-B. Asymmetric cryptography