CSE 4471 MIDTERM 1 Exam 2025 (Actual Exam) Questions with verified
Answers (Latest Update 2025) UPDATE!!
1. Needs of the busi- - protect organization's ability to function
ness - protect assets
- enable safe enterprise operation
- establish or maintain a market segment
- establish or improve profitability
2. 1. Compromised in- Damage caused by software lost to piracy (lost revenue, reputation damage)
tellectual property
Violating protections and end user licensing agreements (EULA)
3. 2. Quality of Service Includes both situations where products or services not delivered as expected
Deviations
Information system may depend on many interdependent internal support
systems
Internet service, communications, and power irregularities may dramatically
affect availability of information and systems
4. DoS (Denial of Ser- an attack which attempts to overload a target host so that it cannot respond to
vice) legitimate requests, thus effectively taking the provided service off-line.
5. DDoS (Distributed a DoS attack which coordinates multipleattackers to provide a greater attack
Denial of Service) volume
6. Smurf Attack An attack that broadcasts a ping request to computers yet changes the address
so that all responses are sent to the victim.
, CSE 4471 MIDTERM 1 Exam 2025 (Actual Exam) Questions with verified
Answers (Latest Update 2025) UPDATE!!
7. Reflection Email At- - Send thousands of emails to legitimate mail server
tack - uses illegitimate email
-source email is victim
8. Botnet Master sends commands to compromised zombie
æ
Zombies attack victim
æ
Victim only sees attacks from zombie
æ
9. 3. Espionage Business Intelligence (legal),
open source intelligence (osint),
industrial espionage (apple car)
state-sponsored espionage
10. tempest a side-channel attack that passively monitors acoustic, electrical or other emis-
sions to gain confidential information
11. insider Employee or contractor that enters a trusted relationship with an organization.
æTrust means that by entering a work relationship, the insiders agree to the
rules and obligations that come with the role
æThis relationship of trust does not, and should not, include alleged dishonest,
unethical or illegal activity.
æThe insider must obey laws and hold to ethical practices, despite the trusted
relationship.
, CSE 4471 MIDTERM 1 Exam 2025 (Actual Exam) Questions with verified
Answers (Latest Update 2025) UPDATE!!
12. Whistleblower An insider that reports wrongdoing (generally not for personal gain).
æIt is unlawful for an employer to retaliate against you for making a "protected
disclosure." A disclosure is protected only if it meets two criteria:
1 The disclosure based on a reasonable belief that wrongdoing has occurred.
2 The disclosure must also be made to a person or entity that is authorized to
receive it
(news media and sensitive data not included)
13. Open Source Intelli- Property / tax record (name, city, home address)
gence
Voting Registration (name, city, political party)
Genealogy Records (mother's maiden name)
Obituaries (siblings and children, time of funerals)
Criminal Records
Traffic Camera Information
14. Open source intel- Surfing habits
ligence commercial
info Purchases
Interests and relationships
Internet of Things (IoT)
15. 4. Forces of Nature Quality information systems organizations create disaster recovery and busi-
ness continuity plans in advance of disruptive events.
16. Employees ____ simultaneously represent an organization's most valuable resource...and
its greatest risk.
Answers (Latest Update 2025) UPDATE!!
1. Needs of the busi- - protect organization's ability to function
ness - protect assets
- enable safe enterprise operation
- establish or maintain a market segment
- establish or improve profitability
2. 1. Compromised in- Damage caused by software lost to piracy (lost revenue, reputation damage)
tellectual property
Violating protections and end user licensing agreements (EULA)
3. 2. Quality of Service Includes both situations where products or services not delivered as expected
Deviations
Information system may depend on many interdependent internal support
systems
Internet service, communications, and power irregularities may dramatically
affect availability of information and systems
4. DoS (Denial of Ser- an attack which attempts to overload a target host so that it cannot respond to
vice) legitimate requests, thus effectively taking the provided service off-line.
5. DDoS (Distributed a DoS attack which coordinates multipleattackers to provide a greater attack
Denial of Service) volume
6. Smurf Attack An attack that broadcasts a ping request to computers yet changes the address
so that all responses are sent to the victim.
, CSE 4471 MIDTERM 1 Exam 2025 (Actual Exam) Questions with verified
Answers (Latest Update 2025) UPDATE!!
7. Reflection Email At- - Send thousands of emails to legitimate mail server
tack - uses illegitimate email
-source email is victim
8. Botnet Master sends commands to compromised zombie
æ
Zombies attack victim
æ
Victim only sees attacks from zombie
æ
9. 3. Espionage Business Intelligence (legal),
open source intelligence (osint),
industrial espionage (apple car)
state-sponsored espionage
10. tempest a side-channel attack that passively monitors acoustic, electrical or other emis-
sions to gain confidential information
11. insider Employee or contractor that enters a trusted relationship with an organization.
æTrust means that by entering a work relationship, the insiders agree to the
rules and obligations that come with the role
æThis relationship of trust does not, and should not, include alleged dishonest,
unethical or illegal activity.
æThe insider must obey laws and hold to ethical practices, despite the trusted
relationship.
, CSE 4471 MIDTERM 1 Exam 2025 (Actual Exam) Questions with verified
Answers (Latest Update 2025) UPDATE!!
12. Whistleblower An insider that reports wrongdoing (generally not for personal gain).
æIt is unlawful for an employer to retaliate against you for making a "protected
disclosure." A disclosure is protected only if it meets two criteria:
1 The disclosure based on a reasonable belief that wrongdoing has occurred.
2 The disclosure must also be made to a person or entity that is authorized to
receive it
(news media and sensitive data not included)
13. Open Source Intelli- Property / tax record (name, city, home address)
gence
Voting Registration (name, city, political party)
Genealogy Records (mother's maiden name)
Obituaries (siblings and children, time of funerals)
Criminal Records
Traffic Camera Information
14. Open source intel- Surfing habits
ligence commercial
info Purchases
Interests and relationships
Internet of Things (IoT)
15. 4. Forces of Nature Quality information systems organizations create disaster recovery and busi-
ness continuity plans in advance of disruptive events.
16. Employees ____ simultaneously represent an organization's most valuable resource...and
its greatest risk.
