CTI 120 Final Exam UPDATED ACTUAL
QUESTIONS AND CORRECT ANSWERS
Which of the following is not a sign of a "Phishing" email? - CORRECT
ANSWER Addresses you by name
Mass e-mails and phone calls sent with the intent to deceive you and to get money or
information are examples of ________________ - CORRECT ANSWER Phishing
A visitor comes into the office. They need to lookup something on the Internet. They ask if
they can use your computer. You should: - CORRECT ANSWER Do not allow them to
use your computer
The safest way to keep our phone protected from attacks with Bluetooth is to disable
Bluetooth when not in use. T/F - CORRECT ANSWER True
Before entering a username, password or credit card information on a web site you should
verify the following about the website: - CORRECT ANSWER Address bar shows
correct URL and HTTPS
As an employee you have a responsibility to protect PII data you come in contact with
according to company policy. T/F - CORRECT ANSWER True
When installing apps on mobile devices you do not need to review the permissions requested
by the app. T/F - CORRECT ANSWER False
Which of the following technologies could be used to help ensure the confidentiality of
proprietary manufacturing techniques for an auto parts manufacturing business? (Choose two
answers.) - CORRECT ANSWER Strong encryption
Strong authentication
, The consistency, accuracy, and validity of data or information is called __________. Hashing
is often used to ensure this. - CORRECT ANSWER Integrity
A Risk Manager for a medium-sized pharmaceutical company who is asked to perform a
formal risk analysis would most likely record the results of the risk assessment in a(n)
______________________ - CORRECT ANSWER Risk Register
What technology is not used to implement confidentiality? - CORRECT
ANSWER auditing
You are in the local coffee shop and need to connect to your work system. You are connected
through the coffee shop public unsecured Wi-Fi. You decide to use VPN when connecting to
your work system. This is an example of: - CORRECT ANSWER risk mitigation
Which of the following is necessary to highly secure a system? - CORRECT
ANSWER more money
All of the following are steps in threat modeling EXCEPT: - CORRECT
ANSWER Identify the strategy for growth
In the acronym STRIDE, the "S" stands for ______________________________ -
CORRECT ANSWER Spoofing
A server that is not in a data center could be secured with a security cabinet with a locking
door or a computer security cable. T/F - CORRECT ANSWER True
When determining the attack surface of an environment, it is frequently evaluated based on
these components (select three). - CORRECT ANSWER Application
Employee
Network
QUESTIONS AND CORRECT ANSWERS
Which of the following is not a sign of a "Phishing" email? - CORRECT
ANSWER Addresses you by name
Mass e-mails and phone calls sent with the intent to deceive you and to get money or
information are examples of ________________ - CORRECT ANSWER Phishing
A visitor comes into the office. They need to lookup something on the Internet. They ask if
they can use your computer. You should: - CORRECT ANSWER Do not allow them to
use your computer
The safest way to keep our phone protected from attacks with Bluetooth is to disable
Bluetooth when not in use. T/F - CORRECT ANSWER True
Before entering a username, password or credit card information on a web site you should
verify the following about the website: - CORRECT ANSWER Address bar shows
correct URL and HTTPS
As an employee you have a responsibility to protect PII data you come in contact with
according to company policy. T/F - CORRECT ANSWER True
When installing apps on mobile devices you do not need to review the permissions requested
by the app. T/F - CORRECT ANSWER False
Which of the following technologies could be used to help ensure the confidentiality of
proprietary manufacturing techniques for an auto parts manufacturing business? (Choose two
answers.) - CORRECT ANSWER Strong encryption
Strong authentication
, The consistency, accuracy, and validity of data or information is called __________. Hashing
is often used to ensure this. - CORRECT ANSWER Integrity
A Risk Manager for a medium-sized pharmaceutical company who is asked to perform a
formal risk analysis would most likely record the results of the risk assessment in a(n)
______________________ - CORRECT ANSWER Risk Register
What technology is not used to implement confidentiality? - CORRECT
ANSWER auditing
You are in the local coffee shop and need to connect to your work system. You are connected
through the coffee shop public unsecured Wi-Fi. You decide to use VPN when connecting to
your work system. This is an example of: - CORRECT ANSWER risk mitigation
Which of the following is necessary to highly secure a system? - CORRECT
ANSWER more money
All of the following are steps in threat modeling EXCEPT: - CORRECT
ANSWER Identify the strategy for growth
In the acronym STRIDE, the "S" stands for ______________________________ -
CORRECT ANSWER Spoofing
A server that is not in a data center could be secured with a security cabinet with a locking
door or a computer security cable. T/F - CORRECT ANSWER True
When determining the attack surface of an environment, it is frequently evaluated based on
these components (select three). - CORRECT ANSWER Application
Employee
Network
