CIST Final Exam Question Answers
Question 1
4 out of 4 points
A Trojan horse is a malicious program that tricks users into running it
—often through social engineering.
Selected Tru
Answer: e
Answers: Tru
e
False
Question 2
4 out of 4 points
A backdoor is a program that allows unauthorized access.
Selected Tru
Answer: e
Answers: Tru
e
False
Question 3
4 out of 4 points
A computer environment is also referred to as IT Infrastructure.
Selected Tru
Answer: e
Answers: Tru
e
False
Question 4
4 out of 4 points
A device (such as a fence, door, lock, or fire extinguisher) that limits
access or otherwise protects a resource is a:
Selected
Answer:
physical
control.
Answers: preventive
control.
detective
control.
, physical
control.
corrective
control.
Question 5
4 out of 4 points
A device or process (such as user authentication, antivirus software,
and firewalls) that limits access to a resource is referred to as a:
Selected
Answer: technical
control.
Answers: preventive
control.
physical
control.
detective
control.
technical
control.
Question 6
4 out of 4 points
A threat is any action that could lead to damage or loss.
Selected Tru
Answer: e
Answers: Tru
e
False
Question 7
4 out of 4 points
An attacker is any person or program that attempts to interact with a
computer information system in an unauthorized manner.
Selected Tru
Answer: e
Answers: Tru
e
False
Question 8
4 out of 4 points
Any action that could lead to damage or loss is referred to as a:
Selected
, Answers: vulnerabilit
y.
weakness.
risk.
threat.
Question 9
4 out of 4 points
Controls (such as locked doors, firewall rules, and user passwords)
that stop an action before it occurs are referred to as:
Selected
Answer: preventive
controls.
Answers: logical controls.
preventive
controls.
physical
controls.
detective
controls.
Question 10
4 out of 4 points
Hacktivists are hackers who are motivated by monetary gain and use
hacking skills to enhance their financial position.
Selected Fals
Answer: e
Answers: True
Fals
e
Question 11
4 out of 4 points
In the analysis step of the process for addressing attacks, all abnormal
activity or suspect activity is bad.
Selected Fals
Answer: e
Answers: True
Fals
e
Question 12
4 out of 4 points
, Integrity means the assurance that information can be accessed and
viewed only by authorized users.
Selected Fals
Answer: e
Answers: True
Fals
e
Question 13
4 out of 4 points
Malicious software is software that is designed to infiltrate a target
computer and make it do something the attacker has instructed it to
do.
Selected Tru
Answer: e
Answers: Tru
e
False
Question 14
4 out of 4 points
Microsoft recommends not using security patches on infected systems
after worm removal.
Selected Fals
Answer: e
Answers: True
Fals
e
Question 15
4 out of 4 points
Security controls are methods and mechanisms used to disseminate
information.
Selected Fals
Answer: e
Answers: True
Fals
e
Question 16
4 out of 4 points
Smoke detectors, log monitors, and system audits are examples of:
Selected
Answer:
detective
controls.
Answers: corrective
controls.
Question 1
4 out of 4 points
A Trojan horse is a malicious program that tricks users into running it
—often through social engineering.
Selected Tru
Answer: e
Answers: Tru
e
False
Question 2
4 out of 4 points
A backdoor is a program that allows unauthorized access.
Selected Tru
Answer: e
Answers: Tru
e
False
Question 3
4 out of 4 points
A computer environment is also referred to as IT Infrastructure.
Selected Tru
Answer: e
Answers: Tru
e
False
Question 4
4 out of 4 points
A device (such as a fence, door, lock, or fire extinguisher) that limits
access or otherwise protects a resource is a:
Selected
Answer:
physical
control.
Answers: preventive
control.
detective
control.
, physical
control.
corrective
control.
Question 5
4 out of 4 points
A device or process (such as user authentication, antivirus software,
and firewalls) that limits access to a resource is referred to as a:
Selected
Answer: technical
control.
Answers: preventive
control.
physical
control.
detective
control.
technical
control.
Question 6
4 out of 4 points
A threat is any action that could lead to damage or loss.
Selected Tru
Answer: e
Answers: Tru
e
False
Question 7
4 out of 4 points
An attacker is any person or program that attempts to interact with a
computer information system in an unauthorized manner.
Selected Tru
Answer: e
Answers: Tru
e
False
Question 8
4 out of 4 points
Any action that could lead to damage or loss is referred to as a:
Selected
, Answers: vulnerabilit
y.
weakness.
risk.
threat.
Question 9
4 out of 4 points
Controls (such as locked doors, firewall rules, and user passwords)
that stop an action before it occurs are referred to as:
Selected
Answer: preventive
controls.
Answers: logical controls.
preventive
controls.
physical
controls.
detective
controls.
Question 10
4 out of 4 points
Hacktivists are hackers who are motivated by monetary gain and use
hacking skills to enhance their financial position.
Selected Fals
Answer: e
Answers: True
Fals
e
Question 11
4 out of 4 points
In the analysis step of the process for addressing attacks, all abnormal
activity or suspect activity is bad.
Selected Fals
Answer: e
Answers: True
Fals
e
Question 12
4 out of 4 points
, Integrity means the assurance that information can be accessed and
viewed only by authorized users.
Selected Fals
Answer: e
Answers: True
Fals
e
Question 13
4 out of 4 points
Malicious software is software that is designed to infiltrate a target
computer and make it do something the attacker has instructed it to
do.
Selected Tru
Answer: e
Answers: Tru
e
False
Question 14
4 out of 4 points
Microsoft recommends not using security patches on infected systems
after worm removal.
Selected Fals
Answer: e
Answers: True
Fals
e
Question 15
4 out of 4 points
Security controls are methods and mechanisms used to disseminate
information.
Selected Fals
Answer: e
Answers: True
Fals
e
Question 16
4 out of 4 points
Smoke detectors, log monitors, and system audits are examples of:
Selected
Answer:
detective
controls.
Answers: corrective
controls.
