CYB 220 COMPREHENSIVE STUDY GUIDE
2026 FULL QUESTIONS AND SOLUTIONS
GRADED A+
◍ Privacy Act of 1974.
Answer: Which of the following was created by Congress to protect data
collected by the government?
◍ The misuse and abuse of information has a major impact on the lives of
individuals and their privacy..
Answer: Which of the following statements best captures the reason U.S.
compliance laws came about?
◍ Children's Internet Protection Act (CIPA).
Answer: Which of the following ensures that minors can't accidentally view
obscene or objectionable material from school or library computers?
◍ Baseline.
Answer: What type of standard states a minimum level of behavior or
actions that must be met to comply with a policy?
◍ BYOD Issues.
Answer: Instances of employees bringing their personal devices to work in
order to interface with the corporate network.
◍ Sniffing.
Answer: This allows individuals to capture data as it is transmitted over a
network. This technique is used by network professionals to diagnose
network issues, and by malicious users to capture unencrypted data, like
passwords and usernames (PC Magazine, 2018).
◍ Permanent numeric identification assigned by the network administrator to a
, node in a TCP/IP network.
Answer: Static IPA permanent numeric identification assigned by the
network administrator to a node in a TCP/IP network. These addresses are
used for shared resources such as web servers, PBXs, and webcams (PC
Magazine, 2018).
◍ Input.
Answer: The internet of things acts as a(n) __________ to large-scale data
analytics.
◍ Cost and impact.
Answer: When a framework is being implemented, the two main
considerations for implementation are
◍ Beyond a reasonable doubt.
Answer: Which of the following phrases best fits the highest burden of
proof?
◍ The central office implementation of a firewall has which of the following
common elements?- A firewall that hosts many hub locations- A firewall
separating multiple DMZs- A firewall that handles the majority of the
company's internet access- A firewall that takes the place of a decentralized
router.
Answer: A firewall that handles the majority of the company's internet
access
◍ True or False? After imaging a drive, you must always create a hash of the
original and the copy..
Answer: True
◍ 2000-2009.
Answer: During which decade were the least number of legal and policy
frameworks created?
◍ Fair Information Practice Principles.
Answer: The basis of privacy compliance policies and procedures governing
the use of personally identifiable information.
,◍ Users having an interface to interact with the system behind the scenes; the
user should not be worried about the nuts and bolts behind the scenes, only
the modes of access presented to them- Information Hiding- Virtualization-
Virtual Memory- Proxy Server- Open Design.
Answer: Information Hiding
◍ A computer system or router that breaks the connection between sender and
receiver- Information Hiding- Virtualization- Virtual Memory- Proxy
Server- Open Design.
Answer: Proxy Server
◍ Wireshark is categorized as a:- Firewall- Malware- Network configuration
tool- Protocol analyzer.
Answer: Protocol analyzer
◍ Driver's Privacy Protection Act.
Answer: Which of the following is not included the Electronic
Communications Privacy Act?
◍ Guidelines provide those who implement standards/baselines more detailed
information such as hints, tips, and processes to ensure compliance..
Answer: Which of the following statements captures the function of
guidelines presented in guidance documents for IT security?
◍ They are nominated by the president..
Answer: Which of the following is true about U.S. Supreme Court justices?
◍ Individual Participation.
Answer: A person's role in protecting fair information.
◍ Man-in-the-Middle (MITM) Attacks.
Answer: An unauthorized interception of network traffic. The packets are
viewed or modified by the perpetrator and sent on to the recipient, who is
unaware of the intrusion. This can be used to intercept an encrypted message
exchange and spoof the recipient into thinking the message is intact from a
legitimate sender. In such a case, the attackers replace the public key from
, the original sender with their own public key in order to decrypt the message
that will be sent back from the unsuspecting recipient (PC Magazine, 2018).
◍ Privacy.
Answer: Which term refers to an individual's right to control the use and
disclosure of his or her own personal data?
◍ Encryption.
Answer: The reversible transformation of data from the original (plaintext)
to a difficult-to-interpret format (ciphertext) as a mechanism for protecting
its confidentiality, integrity, and sometimes its authenticity.
◍ CISSP and CISM.
Answer: The two recommended certifications for CIOs and CISOs are
◍ What is the underlying premise of a honeypot?- All network traffic is
suspicious- A proxy server used for web browsing- A server used for email-
All network traffic is nonthreatening.
Answer: All network traffic is suspicious
◍ Policy.
Answer: A formal __________ is executive management's high-level
statement of information security direction and goals.
◍ Family Educational Rights and Privacy Act (FERPA).
Answer: Which of the following requires schools to protect students'
records?
◍ Common law.
Answer: Which term describes a body of law developed because of legal
tradition and court cases?
◍ HIPAA.
Answer: Which of the following forbids a new employer's health plan from
denying health coverage for some reasons and prohibits discrimination
against workers based on certain conditions such as pregnancy?
◍ Cybersecurity.
2026 FULL QUESTIONS AND SOLUTIONS
GRADED A+
◍ Privacy Act of 1974.
Answer: Which of the following was created by Congress to protect data
collected by the government?
◍ The misuse and abuse of information has a major impact on the lives of
individuals and their privacy..
Answer: Which of the following statements best captures the reason U.S.
compliance laws came about?
◍ Children's Internet Protection Act (CIPA).
Answer: Which of the following ensures that minors can't accidentally view
obscene or objectionable material from school or library computers?
◍ Baseline.
Answer: What type of standard states a minimum level of behavior or
actions that must be met to comply with a policy?
◍ BYOD Issues.
Answer: Instances of employees bringing their personal devices to work in
order to interface with the corporate network.
◍ Sniffing.
Answer: This allows individuals to capture data as it is transmitted over a
network. This technique is used by network professionals to diagnose
network issues, and by malicious users to capture unencrypted data, like
passwords and usernames (PC Magazine, 2018).
◍ Permanent numeric identification assigned by the network administrator to a
, node in a TCP/IP network.
Answer: Static IPA permanent numeric identification assigned by the
network administrator to a node in a TCP/IP network. These addresses are
used for shared resources such as web servers, PBXs, and webcams (PC
Magazine, 2018).
◍ Input.
Answer: The internet of things acts as a(n) __________ to large-scale data
analytics.
◍ Cost and impact.
Answer: When a framework is being implemented, the two main
considerations for implementation are
◍ Beyond a reasonable doubt.
Answer: Which of the following phrases best fits the highest burden of
proof?
◍ The central office implementation of a firewall has which of the following
common elements?- A firewall that hosts many hub locations- A firewall
separating multiple DMZs- A firewall that handles the majority of the
company's internet access- A firewall that takes the place of a decentralized
router.
Answer: A firewall that handles the majority of the company's internet
access
◍ True or False? After imaging a drive, you must always create a hash of the
original and the copy..
Answer: True
◍ 2000-2009.
Answer: During which decade were the least number of legal and policy
frameworks created?
◍ Fair Information Practice Principles.
Answer: The basis of privacy compliance policies and procedures governing
the use of personally identifiable information.
,◍ Users having an interface to interact with the system behind the scenes; the
user should not be worried about the nuts and bolts behind the scenes, only
the modes of access presented to them- Information Hiding- Virtualization-
Virtual Memory- Proxy Server- Open Design.
Answer: Information Hiding
◍ A computer system or router that breaks the connection between sender and
receiver- Information Hiding- Virtualization- Virtual Memory- Proxy
Server- Open Design.
Answer: Proxy Server
◍ Wireshark is categorized as a:- Firewall- Malware- Network configuration
tool- Protocol analyzer.
Answer: Protocol analyzer
◍ Driver's Privacy Protection Act.
Answer: Which of the following is not included the Electronic
Communications Privacy Act?
◍ Guidelines provide those who implement standards/baselines more detailed
information such as hints, tips, and processes to ensure compliance..
Answer: Which of the following statements captures the function of
guidelines presented in guidance documents for IT security?
◍ They are nominated by the president..
Answer: Which of the following is true about U.S. Supreme Court justices?
◍ Individual Participation.
Answer: A person's role in protecting fair information.
◍ Man-in-the-Middle (MITM) Attacks.
Answer: An unauthorized interception of network traffic. The packets are
viewed or modified by the perpetrator and sent on to the recipient, who is
unaware of the intrusion. This can be used to intercept an encrypted message
exchange and spoof the recipient into thinking the message is intact from a
legitimate sender. In such a case, the attackers replace the public key from
, the original sender with their own public key in order to decrypt the message
that will be sent back from the unsuspecting recipient (PC Magazine, 2018).
◍ Privacy.
Answer: Which term refers to an individual's right to control the use and
disclosure of his or her own personal data?
◍ Encryption.
Answer: The reversible transformation of data from the original (plaintext)
to a difficult-to-interpret format (ciphertext) as a mechanism for protecting
its confidentiality, integrity, and sometimes its authenticity.
◍ CISSP and CISM.
Answer: The two recommended certifications for CIOs and CISOs are
◍ What is the underlying premise of a honeypot?- All network traffic is
suspicious- A proxy server used for web browsing- A server used for email-
All network traffic is nonthreatening.
Answer: All network traffic is suspicious
◍ Policy.
Answer: A formal __________ is executive management's high-level
statement of information security direction and goals.
◍ Family Educational Rights and Privacy Act (FERPA).
Answer: Which of the following requires schools to protect students'
records?
◍ Common law.
Answer: Which term describes a body of law developed because of legal
tradition and court cases?
◍ HIPAA.
Answer: Which of the following forbids a new employer's health plan from
denying health coverage for some reasons and prohibits discrimination
against workers based on certain conditions such as pregnancy?
◍ Cybersecurity.
