JMU CIS 425 Exam 1 Guide 2026
Exam Questions and Correct
Answers | New Update
Chief Information Security Officer (CISO) - 🧠 ANSWER ✔✔This person
reports directly to the CIO. This person is responsible for assessing,
managing, and implementing security.
Security Manager - 🧠 ANSWER ✔✔reports to the CISO and supervises
technicians, administrators, and security staff
,Security Administrator - 🧠 ANSWER ✔✔Has both technical knowledge and
managerial skills. Manages daily operations of security technology, and
may analyze and design security solutions within a specific entity as well as
identifying users' needs
Security Technician - 🧠 ANSWER ✔✔The position of ____ is generally an
entry-level position for a person who has the necessary technical skills.
Silver Bullet - 🧠 ANSWER ✔✔An action that provides an immediate solution
to a problem by cutting through the complexity that surrounds it.
Lack of Vendor Support - 🧠 ANSWER ✔✔Some devices have no support
from the company that made the device, meaning no effort is made to fix
any found vulnerabilities.
End-of-Life Systems - 🧠 ANSWER ✔✔Systems are so old that vendors
have dropped all support for security updates, or else charge an exorbitant
fee to provide updates.
Race Condition - 🧠 ANSWER ✔✔Occurs when two concurrent threads of
execution access a shared resource simultaneously, resulting in
unintended consequences.
,Zero Day Attack - 🧠 ANSWER ✔✔An attacker finds a vulnerability and
initiates an attack to take advantage of the weakness before users or
security professionals are aware of the vulnerability. No days of warning
ahead of a new threat.
What is the relationship between security and convenience? - 🧠 ANSWER
✔✔Inverse; as security is increased, convenience is often decreased.
Goal of IS? - 🧠 ANSWER ✔✔To ensure that protective measures are
properly implemented to ward off attacks and prevent the total collapse of
the system when a successful attack does occur.
3 extensions that must be protected over information? - 🧠 ANSWER
✔✔Confidentiality, integrity, and availability
Threat Actor - 🧠 ANSWER ✔✔A person or element that has the power to
carry out a threat.
Risk - 🧠 ANSWER ✔✔A situation that involves exposure to some type of
danger.
Risk response techniques? - 🧠 ANSWER ✔✔Accept, transfer, avoid, and
mitigate
COPYRIGHT©NINJANERD 2025/2026. YEAR PUBLISHED 2026. COMPANY REGISTRATION NUMBER: 619652435. TERMS OF USE. PRIVACY
STATEMENT. ALL RIGHTS RESERVED
3
, Stuxnet - 🧠 ANSWER ✔✔Best hack of the decade. Worm is discovered in
July 2010 which targeted industrial software and equipment.
Cyberterrorism - 🧠 ANSWER ✔✔A premeditated, politically motivated
attack against information, computer systems, computer programs, and
data that results in violence.
Script Kiddies - 🧠 ANSWER ✔✔Individuals who want to attack computers
yet they lack the knowledge of computers and networks needed to do so.
(They use open-source scripts)
Hactivists - 🧠 ANSWER ✔✔A group that is strongly motivated by ideology.
Nation State Actors - 🧠 ANSWER ✔✔State-sponsored attackers employed
by a government for launching computer attacks against foes.
Advanced Persistent Threat (APT) - 🧠 ANSWER ✔✔Attacks that use
innovative tools to attack and once a system becomes infected ___ silently
extracts data over a persistent period.
Brokers - 🧠 ANSWER ✔✔Sell their knowledge of a vulnerability to other
attackers or governments.
5 fundamental security principles... - 🧠 ANSWER ✔✔-Layering
Exam Questions and Correct
Answers | New Update
Chief Information Security Officer (CISO) - 🧠 ANSWER ✔✔This person
reports directly to the CIO. This person is responsible for assessing,
managing, and implementing security.
Security Manager - 🧠 ANSWER ✔✔reports to the CISO and supervises
technicians, administrators, and security staff
,Security Administrator - 🧠 ANSWER ✔✔Has both technical knowledge and
managerial skills. Manages daily operations of security technology, and
may analyze and design security solutions within a specific entity as well as
identifying users' needs
Security Technician - 🧠 ANSWER ✔✔The position of ____ is generally an
entry-level position for a person who has the necessary technical skills.
Silver Bullet - 🧠 ANSWER ✔✔An action that provides an immediate solution
to a problem by cutting through the complexity that surrounds it.
Lack of Vendor Support - 🧠 ANSWER ✔✔Some devices have no support
from the company that made the device, meaning no effort is made to fix
any found vulnerabilities.
End-of-Life Systems - 🧠 ANSWER ✔✔Systems are so old that vendors
have dropped all support for security updates, or else charge an exorbitant
fee to provide updates.
Race Condition - 🧠 ANSWER ✔✔Occurs when two concurrent threads of
execution access a shared resource simultaneously, resulting in
unintended consequences.
,Zero Day Attack - 🧠 ANSWER ✔✔An attacker finds a vulnerability and
initiates an attack to take advantage of the weakness before users or
security professionals are aware of the vulnerability. No days of warning
ahead of a new threat.
What is the relationship between security and convenience? - 🧠 ANSWER
✔✔Inverse; as security is increased, convenience is often decreased.
Goal of IS? - 🧠 ANSWER ✔✔To ensure that protective measures are
properly implemented to ward off attacks and prevent the total collapse of
the system when a successful attack does occur.
3 extensions that must be protected over information? - 🧠 ANSWER
✔✔Confidentiality, integrity, and availability
Threat Actor - 🧠 ANSWER ✔✔A person or element that has the power to
carry out a threat.
Risk - 🧠 ANSWER ✔✔A situation that involves exposure to some type of
danger.
Risk response techniques? - 🧠 ANSWER ✔✔Accept, transfer, avoid, and
mitigate
COPYRIGHT©NINJANERD 2025/2026. YEAR PUBLISHED 2026. COMPANY REGISTRATION NUMBER: 619652435. TERMS OF USE. PRIVACY
STATEMENT. ALL RIGHTS RESERVED
3
, Stuxnet - 🧠 ANSWER ✔✔Best hack of the decade. Worm is discovered in
July 2010 which targeted industrial software and equipment.
Cyberterrorism - 🧠 ANSWER ✔✔A premeditated, politically motivated
attack against information, computer systems, computer programs, and
data that results in violence.
Script Kiddies - 🧠 ANSWER ✔✔Individuals who want to attack computers
yet they lack the knowledge of computers and networks needed to do so.
(They use open-source scripts)
Hactivists - 🧠 ANSWER ✔✔A group that is strongly motivated by ideology.
Nation State Actors - 🧠 ANSWER ✔✔State-sponsored attackers employed
by a government for launching computer attacks against foes.
Advanced Persistent Threat (APT) - 🧠 ANSWER ✔✔Attacks that use
innovative tools to attack and once a system becomes infected ___ silently
extracts data over a persistent period.
Brokers - 🧠 ANSWER ✔✔Sell their knowledge of a vulnerability to other
attackers or governments.
5 fundamental security principles... - 🧠 ANSWER ✔✔-Layering
