ITSY 2341 EXAM 1 QUESTIONS AND ANSWERS
Which type of attack involves sending a large number of connection or information
requests to a target? - Answer -Denial-of-service (DoS)
A malware program that hides its true nature and reveals its designed behavior only
when activated is called a ____________. - Answer -Trojan horse
When solving problems, what is the first step? - Answer -Recognize and define the
problem.
A long-term interruption in electrical power availability is known as a ____________. -
Answer -blackout
What function will an audit log provide when it is configured to track user activity on an
information system? - Answer -Accountability
An act where people enter real or virtual premises or systems they have not been
authorized to enter is called ____________. - Answer -trespass
A feature left behind by system designers or maintenance staff or that is placed by a
hacker once they have compromised a system to allow quick access to a system at a
later time by bypassing access controls is a ____________? - Answer -back door
The C.I.A. triad for computer security includes which of these characteristics? - Answer
-Availability
Which of the following functions of information security management seeks to dictate
certain behavior within the organization through a set of organizational guidelines? -
Answer -Policy
A type of attack where the adversary intercepts network packets, modifies them, and
inserts them back into the network is called a ____________. - Answer -man-in-the-
middle
The protection of voice and data components, connections, and content is known as
____________ security. - Answer -Network
An intentional or unintentional act that can damage or otherwise compromise
information and the systems that support it is known as a(n) ___________ - Answer -
attack
"4-1-9" fraud is an example of a ____________ attack. - Answer -social engineering
,Which of the 12 categories of Threats best describes a situation where the adversary
removes data from a victims computer? - Answer -theft
Blackmail threat of informational disclosure is an example of which threat category? -
Answer -Information extortion
Communications security involves the protection of which of the following? - Answer -
media, technology, and content
Technology services are usually arranged with an agreement defining minimum service
levels known as a(n) - Answer -SLA
A ____________ is an attack in which a coordinated stream of requests is launched
against a target from many locations at the same time. - Answer -DDOS
Which of the following is NOT an approach to password cracking?
a) ransomware
b) brute force
c) dictionary attacks
d) social engineering attacks - Answer -a) ransomware
Which of the following is not among the deadly sins of software security?
a) Extortion sins
b) Implementation sins
c) Web application sins
d) Networking sins - Answer -a) Extortion sins
Any event or circumstance that has the potential to adversely affect operations and
assets is known as a(n) ____________. - Answer -threat
An attack that uses Phishing techniques along with specialized forms of malware to
encrypt the victim's data files is known as ___________. - Answer -ransomware
Which function of Infosec management encompasses security personnel as well as
aspects of the SETA program? - Answer -People
A short term interruption in electrical power availability is known as a _____________. -
Answer -Fault
"4-1-9" fraud is one form of a(n) ___________ fraud. - Answer -advance fee
Which of the following is compensation for a wrong committed by an individual or
organization? - Answer -Restitution
, Which of the following is an international effort to reduce the impact of copyright,
trademark, and privacy infringement, especially via the removal of technological
copyright protection measures? - Answer -DMCA
What are three general categories of unethical behavior that organizations and society
should seek to eliminate. - Answer -Ignorance, Accident, and Intent
Which of the following is the best method for preventing an illegal or unethical activity?
Examples include laws, policies, and technical controls. - Answer -Deterrence
Any court can impose its authority over an individual or organization if it can establish
which of the following - Answer -Jurisdiction
Which law extends protection to intellectual property, which includes words published in
electronic formats? - Answer -U.S. Copyright Law
A law that addresses privacy and security concerns associated with the electronic
transmission of Personal Healthcare Information is the ____________? - Answer -
Health Information Technology for Economic and Clinical Health Act
Which law is a collection of statutes that regulates the interception of wire, electronic,
and oral communications? - Answer -The Electronic Communications Privacy Act of
1986
Which of the following ethical frameworks is the study of the choices that have been
made by individuals in the past, attempting to answer the question, what do others think
is right? - Answer -Descriptive ethics
Which of the following is the study of the rightness or wrongness of intentions and
motives as opposed to the rightness or wrongness of the consequences and is also
known as duty- or obligation-based ethics? - Answer -Deontological ethics
In digital forensics, all investigations follow the same basic methodology once
permission to search and seize is received, beginning with _______________. -
Answer -Identifying relevant items of evidentiary value.
Which of the following is NOT an origin used to categorize types of law?
a) constitutional
b) regulatory
c) statutory
d) international - Answer -d) international
Sworn testimony that certain facts are in the possession of the investigating officer and
that they warrant the examination of the specific items located at a specific place is
known as a(n) _____________. - Answer -affidavit
Which type of attack involves sending a large number of connection or information
requests to a target? - Answer -Denial-of-service (DoS)
A malware program that hides its true nature and reveals its designed behavior only
when activated is called a ____________. - Answer -Trojan horse
When solving problems, what is the first step? - Answer -Recognize and define the
problem.
A long-term interruption in electrical power availability is known as a ____________. -
Answer -blackout
What function will an audit log provide when it is configured to track user activity on an
information system? - Answer -Accountability
An act where people enter real or virtual premises or systems they have not been
authorized to enter is called ____________. - Answer -trespass
A feature left behind by system designers or maintenance staff or that is placed by a
hacker once they have compromised a system to allow quick access to a system at a
later time by bypassing access controls is a ____________? - Answer -back door
The C.I.A. triad for computer security includes which of these characteristics? - Answer
-Availability
Which of the following functions of information security management seeks to dictate
certain behavior within the organization through a set of organizational guidelines? -
Answer -Policy
A type of attack where the adversary intercepts network packets, modifies them, and
inserts them back into the network is called a ____________. - Answer -man-in-the-
middle
The protection of voice and data components, connections, and content is known as
____________ security. - Answer -Network
An intentional or unintentional act that can damage or otherwise compromise
information and the systems that support it is known as a(n) ___________ - Answer -
attack
"4-1-9" fraud is an example of a ____________ attack. - Answer -social engineering
,Which of the 12 categories of Threats best describes a situation where the adversary
removes data from a victims computer? - Answer -theft
Blackmail threat of informational disclosure is an example of which threat category? -
Answer -Information extortion
Communications security involves the protection of which of the following? - Answer -
media, technology, and content
Technology services are usually arranged with an agreement defining minimum service
levels known as a(n) - Answer -SLA
A ____________ is an attack in which a coordinated stream of requests is launched
against a target from many locations at the same time. - Answer -DDOS
Which of the following is NOT an approach to password cracking?
a) ransomware
b) brute force
c) dictionary attacks
d) social engineering attacks - Answer -a) ransomware
Which of the following is not among the deadly sins of software security?
a) Extortion sins
b) Implementation sins
c) Web application sins
d) Networking sins - Answer -a) Extortion sins
Any event or circumstance that has the potential to adversely affect operations and
assets is known as a(n) ____________. - Answer -threat
An attack that uses Phishing techniques along with specialized forms of malware to
encrypt the victim's data files is known as ___________. - Answer -ransomware
Which function of Infosec management encompasses security personnel as well as
aspects of the SETA program? - Answer -People
A short term interruption in electrical power availability is known as a _____________. -
Answer -Fault
"4-1-9" fraud is one form of a(n) ___________ fraud. - Answer -advance fee
Which of the following is compensation for a wrong committed by an individual or
organization? - Answer -Restitution
, Which of the following is an international effort to reduce the impact of copyright,
trademark, and privacy infringement, especially via the removal of technological
copyright protection measures? - Answer -DMCA
What are three general categories of unethical behavior that organizations and society
should seek to eliminate. - Answer -Ignorance, Accident, and Intent
Which of the following is the best method for preventing an illegal or unethical activity?
Examples include laws, policies, and technical controls. - Answer -Deterrence
Any court can impose its authority over an individual or organization if it can establish
which of the following - Answer -Jurisdiction
Which law extends protection to intellectual property, which includes words published in
electronic formats? - Answer -U.S. Copyright Law
A law that addresses privacy and security concerns associated with the electronic
transmission of Personal Healthcare Information is the ____________? - Answer -
Health Information Technology for Economic and Clinical Health Act
Which law is a collection of statutes that regulates the interception of wire, electronic,
and oral communications? - Answer -The Electronic Communications Privacy Act of
1986
Which of the following ethical frameworks is the study of the choices that have been
made by individuals in the past, attempting to answer the question, what do others think
is right? - Answer -Descriptive ethics
Which of the following is the study of the rightness or wrongness of intentions and
motives as opposed to the rightness or wrongness of the consequences and is also
known as duty- or obligation-based ethics? - Answer -Deontological ethics
In digital forensics, all investigations follow the same basic methodology once
permission to search and seize is received, beginning with _______________. -
Answer -Identifying relevant items of evidentiary value.
Which of the following is NOT an origin used to categorize types of law?
a) constitutional
b) regulatory
c) statutory
d) international - Answer -d) international
Sworn testimony that certain facts are in the possession of the investigating officer and
that they warrant the examination of the specific items located at a specific place is
known as a(n) _____________. - Answer -affidavit
