QUESTIONS AND ANSWERS GRADED A+
●● Many practitioners feel that a system, once compromised, can never
be restored to a trusted state. Answer: True
●● Once a compromised system is disconnected, it is safe from further
damage. Answer: False
●● The term unauthorized access is a synonym for hacking. Answer:
False
●● Automated IR systems to facilitate IR documentation are available
through a number of vendors. Answer: True
●● Known as ____, procedures for regaining control of systems and
restoring operations to normalcy are the heart of the IR plan and the
CSIRT's operations. Answer: IR reaction strategies
●● The CSIRT may not wish to "tip off" attackers that they have been
detected, especially if the organization is following a(n) ____ approach.
Answer: apprehend and prosecute
●● Clifford Stoll's book, ____, provides an excellent story about a
real-world incident that turned into an international tale of espionage and
intrigue. Answer: The Cuckoo's Egg
●● When a second attack, using the means and methods of the first
attack, is undertaken while the first attack is still underway, this is
considered a(n) ____ recurrence. Answer: Concurrent
●● ____ is a tactic that deliberately permits an attack to continue while
the entire event is observed and additional evidence is collected.
Answer: Watchful waiting
●● A ____ attack is much more substantial than a DoS attack because of
the use of multiple systems to simultaneously attack a single target.
Answer: distributed denial-of-service
●● There are a number of professional IR agencies, such as ____, that
can provide additional resources to help prevent and detect DoS
incidents. Answer: US-CERT
●● ____ is a common indicator of a DoS attack. Answer: User reports of
system unavailability
●● A ____ is a small quantity of data kept by a Web site as a means of
recording that a system has visited that Web site. Answer: Cookie