STUDY GUIDE 2026 CERTIFICATION TEST
SCRIPT 2026 FULL QUESTIONS AND
SOLUTIONS GRADED A+
⩥ right, permission. Answer: A __________ grants the authority to
perform an action on a system. A __________ grants access to a
resource.
⩥ security plan. Answer: A business continuity plan (BCP) is an
example of a(n):
⩥ a packet analyzer. Answer: A hacker wants to launch an attack on an
organization. The hacker uses a tool to capture data sent over the
network in cleartext, hoping to gather information that will help make
the attack successful. What tool is the hacker using?
⩥ assessments. Answer: A threat is any activity that represents a possible
danger, which includes any circumstances or events with the potential to
cause an adverse impact on all of the following, except:
⩥ exploit. Answer: A(n) ____________ assessment attempts to identify
vulnerabilities that can be exploited.
⩥ Social engineering. Answer: An access control such as a firewall or
intrusion prevention system cannot protect against which of the
following?
⩥ input validation. Answer: Another term for data range and
reasonableness checks is:
⩥ procedural controls. Answer: Background checks, software testing,
and awareness training are all categories of:
⩥ Public key infrastructure (PKI). Answer: Bill is a security
professional. He is in a meeting with co-workers and describes a system
that will make web sessions more secure. He says when a user connects
to the web server and starts a secure session, the server sends a
certificate to the user. The certificate includes a public key. The user can
encrypt data with the public key and send it to the server. Because the
server holds the private key, it can decrypt the data. Because no other
entity has the private key, no one else can decrypt the data. What is Bill
describing?
⩥ Insurance. Answer: Bonding is a type of __________ that covers
against losses by theft, fraud, or dishonesty.
⩥ Vulnerability × Threat. Answer: Complete the equation for the
relationship between risk, vulnerabilities, and threats: Risk equals:
⩥ Software Development. Answer: Functionality testing is primarily
used with:
⩥ Before writing an application or deploying a system. Answer: Ideally,
when should you perform threat modeling?
⩥ read sections of a database or a whole database without authorization.
Answer: In a SQL injection attack, an attacker can:
⩥ Tailgating. Answer: Piggybacking is also known as:
⩥ Weather Conditions; Natural Disasters. Answer: Primary
considerations for assessing threats based on historical data in your local
area are __________ and ___________.
⩥ share, transfer. Answer: Purchasing insurance is the primary way for
an organization to __________ or ___________ risk.
⩥ Preventative, detective, corrective. Answer: Some controls are
identified based on the function they perform. What are the broad classes
of controls based on function?
⩥ technical. Answer: System logs and audit trails are a type of ________
control.