12/2/24, 9:26 PM Quiz: Final Exam
Final Exam
Started: Dec 2 at 10:47am
Quiz Instructions
Final Exam.
The exam is worth 200 points total. 90 minute time limit.
For all multiple choice questions, choose the best answer. This exam contains 71 multiple choice
questions, most questions are worth 3 points, with some worth 2 points.
Exam Coverage: The exam covers the entire class, all the modules, chapters, videos, readings,
etc.
Question 1 2 pts
The CIA Triad, also known as the CIA Triangle, is a fundamental framework that outlines the three
key objectives of information security
What does the A stand for?
Accessibility
Authorization
Authentication
Auditing
Availability
Question 2 3 pts
You are examining a list of IP addresses. Some are internal, some are external, and some are not
valid. Which of the following is not a valid IP address?
245.200.11.1
131.156.5.2
295.253.254.01
,12/2/24, 9:26 PM Quiz: Final Exam
127.0.0.1
Question 3 3 pts
Understanding the various types of DoS attacks and their symptoms is crucial. Which type of attack is
indicated by the symptom of leaving a connection half-open?
Partial attack
SYN flood attack
Smurf attack
DDoS attack
Question 4 3 pts
Bob is attempting to explain what a virus is to Alice. What is the BEST answer that would explain to
Alice what a virus is?
A program that causes harm on your computer
A program that slows down networks
A program used in a DoS attack
A program that self-replicates
Question 5 3 pts
What is the most stealthy way to find out what type of server a website is running?
Use Speedtest.net
Use www.netcraft.com.
Use www.archive.org.
Use Cain & Abel.
,12/2/24, 9:26 PM Quiz: Final Exam
Use Nmap.
Question 6 3 pts
Which of the following is the best reason users should be prohibited from installing software in an
organization?
They may not install it correctly, which could cause security problems for the workstation.
If a user’s account does not have installation privileges, then it is likely that a Trojan horse will not be inadvertently
installed under their account.
They may install software that circumvents security.
Software installation is often complex and should be done by professionals.
Question 7 3 pts
What type of attack involves inserting malicious code into a web application's input fields to
manipulate the database and gain unauthorized access to data? It often will look like this below:
select column1, column2 from tablename
or:
select * from tablename;
Conditions:
select columns from tablename where condition;
Same answer for both blanks.
HTML
Python
CERT
DNS
, 12/2/24, 9:26 PM Quiz: Final Exam
SQL
Question 8 3 pts
The following tool is used for what type of attack?
HTTP Injection
Reflection DNS
Satellite Smasher
SQL
DoS
Question 9 3 pts
Bob is testing the security of Alice's network and wants to challenge her antivirus software with a virus
that completely rewrites its own code during each replication, ensuring that its signatures change
from one generation to the next while maintaining the same core functionality. What type of virus is
Bob attempting to use to test the system's detection capabilities?
Metamorphic
Final Exam
Started: Dec 2 at 10:47am
Quiz Instructions
Final Exam.
The exam is worth 200 points total. 90 minute time limit.
For all multiple choice questions, choose the best answer. This exam contains 71 multiple choice
questions, most questions are worth 3 points, with some worth 2 points.
Exam Coverage: The exam covers the entire class, all the modules, chapters, videos, readings,
etc.
Question 1 2 pts
The CIA Triad, also known as the CIA Triangle, is a fundamental framework that outlines the three
key objectives of information security
What does the A stand for?
Accessibility
Authorization
Authentication
Auditing
Availability
Question 2 3 pts
You are examining a list of IP addresses. Some are internal, some are external, and some are not
valid. Which of the following is not a valid IP address?
245.200.11.1
131.156.5.2
295.253.254.01
,12/2/24, 9:26 PM Quiz: Final Exam
127.0.0.1
Question 3 3 pts
Understanding the various types of DoS attacks and their symptoms is crucial. Which type of attack is
indicated by the symptom of leaving a connection half-open?
Partial attack
SYN flood attack
Smurf attack
DDoS attack
Question 4 3 pts
Bob is attempting to explain what a virus is to Alice. What is the BEST answer that would explain to
Alice what a virus is?
A program that causes harm on your computer
A program that slows down networks
A program used in a DoS attack
A program that self-replicates
Question 5 3 pts
What is the most stealthy way to find out what type of server a website is running?
Use Speedtest.net
Use www.netcraft.com.
Use www.archive.org.
Use Cain & Abel.
,12/2/24, 9:26 PM Quiz: Final Exam
Use Nmap.
Question 6 3 pts
Which of the following is the best reason users should be prohibited from installing software in an
organization?
They may not install it correctly, which could cause security problems for the workstation.
If a user’s account does not have installation privileges, then it is likely that a Trojan horse will not be inadvertently
installed under their account.
They may install software that circumvents security.
Software installation is often complex and should be done by professionals.
Question 7 3 pts
What type of attack involves inserting malicious code into a web application's input fields to
manipulate the database and gain unauthorized access to data? It often will look like this below:
select column1, column2 from tablename
or:
select * from tablename;
Conditions:
select columns from tablename where condition;
Same answer for both blanks.
HTML
Python
CERT
DNS
, 12/2/24, 9:26 PM Quiz: Final Exam
SQL
Question 8 3 pts
The following tool is used for what type of attack?
HTTP Injection
Reflection DNS
Satellite Smasher
SQL
DoS
Question 9 3 pts
Bob is testing the security of Alice's network and wants to challenge her antivirus software with a virus
that completely rewrites its own code during each replication, ensuring that its signatures change
from one generation to the next while maintaining the same core functionality. What type of virus is
Bob attempting to use to test the system's detection capabilities?
Metamorphic
