IT 341 FINAL GMU – PRACTICE QUESTIONS AND CORRECT ANSWERS (VERIFIED ANSWERS) PLUS RATIONALES 2026 Q&A | INSTANT
DOWNLOAD PDF.
*Core Domains*
*Network Security Fundamentals*
*Access Control Systems*
*Risk Management and Compliance*
*Encryption and Cryptography*
*Cloud and Virtualization Security*
*Identity and Access Management*
*Incident Response and Recovery*
*Legal and Ethical IT Standards*
*Introduction*
*This comprehensive practice assessment is designed to prepare students for the IT 341 final examination, focusing on the core
SECTION ONE: QUESTIONS 1–100
1. Which security principle ensures that information is accessible only to those authorized to have access?
A. Integrity
B. Availability
🟢 C. Confidentiality
D. Non-repudiation
🔴 RATIONALE: Confidentiality prevents the unauthorized disclosure of sensitive information, ensuring only legitimate users can view protected
data.
2. A network administrator is implementing a system that requires a password and a physical token to log in. What is this called?
A. Single Sign-On
🟢 B. Multi-factor Authentication
C. Mandatory Access Control
D. Biometric Verification
,🔴 RATIONALE: Multi-factor authentication (MFA) requires two or more independent credentials for identity verification, increasing security over
single-factor methods.
3. Which layer of the OSI model is primarily responsible for routing packets across different networks?
A. Data Link Layer
B. Transport Layer
🟢 C. Network Layer
D. Physical Layer
🔴 RATIONALE: The Network Layer (Layer 3) handles logical addressing and determines the best physical path for data to travel using routers.
4. In the context of Risk Management, what does the term "Residual Risk" refer to?
🟢 A. The risk remaining after security controls have been applied
B. The total risk before any safeguards are implemented
C. The likelihood of a specific threat occurring
D. The financial impact of a successful breach
🔴 RATIONALE: Residual risk is the level of threat that persists even after all planned mitigation strategies and controls are in place.
5. Which protocol is used to securely manage and configure network devices over an encrypted connection?
A. Telnet
B. FTP
🟢 C. SSH
D. HTTP
🔴 RATIONALE: Secure Shell (SSH) provides a secure, encrypted channel over an unsecure network for remote command-line login and execution.
6. An attacker floods a server with a high volume of SYN packets to exhaust its resources. What type of attack is this?
A. Man-in-the-Middle
🟢 B. Denial of Service
C. SQL Injection
D. Phishing
🔴 RATIONALE: A SYN flood is a form of Denial of Service (DoS) attack that aims to make a server unavailable to legitimate traffic by consuming
connection resources.
7. Which cryptographic algorithm uses the same key for both encryption and decryption?
, 🟢 A. AES
B. RSA
C. Diffie-Hellman
D. ECC
🔴 RATIONALE: Advanced Encryption Standard (AES) is a symmetric-key algorithm, meaning the sender and receiver share the same secret key.
8. Which regulatory framework specifically governs the protection of personal health information in the United States?
A. GDPR
B. SOX
🟢 C. HIPAA
D. PCI DSS
🔴 RATIONALE: The Health Insurance Portability and Accountability Act (HIPAA) establishes national standards for the security and privacy of
health data.
9. What is the primary purpose of a DMZ (Demilitarized Zone) in network architecture?
A. To store highly sensitive internal databases
🟢 B. To host public-facing services while isolating the internal network
C. To provide a high-speed backbone for internal traffic
D. To encrypt all traffic leaving the organization
🔴 RATIONALE: A DMZ acts as a subnetwork that exposes an organization's external-facing services to a larger, untrusted network, usually the
Internet.
10. Which type of malware records every stroke made on a keyboard to steal credentials?
A. Ransomware
B. Rootkit
🟢 C. Keylogger
D. Trojan Horse
🔴 RATIONALE: Keyloggers are designed to covertly record keyboard input, allowing attackers to capture passwords and other sensitive
information.
11. What does the "I" in the CIA Triad represent?
A. Identification
🟢 B. Integrity
C. Infrastructure
DOWNLOAD PDF.
*Core Domains*
*Network Security Fundamentals*
*Access Control Systems*
*Risk Management and Compliance*
*Encryption and Cryptography*
*Cloud and Virtualization Security*
*Identity and Access Management*
*Incident Response and Recovery*
*Legal and Ethical IT Standards*
*Introduction*
*This comprehensive practice assessment is designed to prepare students for the IT 341 final examination, focusing on the core
SECTION ONE: QUESTIONS 1–100
1. Which security principle ensures that information is accessible only to those authorized to have access?
A. Integrity
B. Availability
🟢 C. Confidentiality
D. Non-repudiation
🔴 RATIONALE: Confidentiality prevents the unauthorized disclosure of sensitive information, ensuring only legitimate users can view protected
data.
2. A network administrator is implementing a system that requires a password and a physical token to log in. What is this called?
A. Single Sign-On
🟢 B. Multi-factor Authentication
C. Mandatory Access Control
D. Biometric Verification
,🔴 RATIONALE: Multi-factor authentication (MFA) requires two or more independent credentials for identity verification, increasing security over
single-factor methods.
3. Which layer of the OSI model is primarily responsible for routing packets across different networks?
A. Data Link Layer
B. Transport Layer
🟢 C. Network Layer
D. Physical Layer
🔴 RATIONALE: The Network Layer (Layer 3) handles logical addressing and determines the best physical path for data to travel using routers.
4. In the context of Risk Management, what does the term "Residual Risk" refer to?
🟢 A. The risk remaining after security controls have been applied
B. The total risk before any safeguards are implemented
C. The likelihood of a specific threat occurring
D. The financial impact of a successful breach
🔴 RATIONALE: Residual risk is the level of threat that persists even after all planned mitigation strategies and controls are in place.
5. Which protocol is used to securely manage and configure network devices over an encrypted connection?
A. Telnet
B. FTP
🟢 C. SSH
D. HTTP
🔴 RATIONALE: Secure Shell (SSH) provides a secure, encrypted channel over an unsecure network for remote command-line login and execution.
6. An attacker floods a server with a high volume of SYN packets to exhaust its resources. What type of attack is this?
A. Man-in-the-Middle
🟢 B. Denial of Service
C. SQL Injection
D. Phishing
🔴 RATIONALE: A SYN flood is a form of Denial of Service (DoS) attack that aims to make a server unavailable to legitimate traffic by consuming
connection resources.
7. Which cryptographic algorithm uses the same key for both encryption and decryption?
, 🟢 A. AES
B. RSA
C. Diffie-Hellman
D. ECC
🔴 RATIONALE: Advanced Encryption Standard (AES) is a symmetric-key algorithm, meaning the sender and receiver share the same secret key.
8. Which regulatory framework specifically governs the protection of personal health information in the United States?
A. GDPR
B. SOX
🟢 C. HIPAA
D. PCI DSS
🔴 RATIONALE: The Health Insurance Portability and Accountability Act (HIPAA) establishes national standards for the security and privacy of
health data.
9. What is the primary purpose of a DMZ (Demilitarized Zone) in network architecture?
A. To store highly sensitive internal databases
🟢 B. To host public-facing services while isolating the internal network
C. To provide a high-speed backbone for internal traffic
D. To encrypt all traffic leaving the organization
🔴 RATIONALE: A DMZ acts as a subnetwork that exposes an organization's external-facing services to a larger, untrusted network, usually the
Internet.
10. Which type of malware records every stroke made on a keyboard to steal credentials?
A. Ransomware
B. Rootkit
🟢 C. Keylogger
D. Trojan Horse
🔴 RATIONALE: Keyloggers are designed to covertly record keyboard input, allowing attackers to capture passwords and other sensitive
information.
11. What does the "I" in the CIA Triad represent?
A. Identification
🟢 B. Integrity
C. Infrastructure
