Course Introduction
Computer Security Exam Questions
Computer Security introduces the fundamental concepts and techniques used to protect information and systems from unauthorized access, attacks, and data breaches. The course explores essential topics such as cryptography, network security, authentication, access control, malware, vulnerabilities, and security policies. Students will learn how to identify security threats, implement defensive strategies, and assess risks in various computing environments. Practical assignments and real-world case studies reinforce best practices in securing computers, networks, and digital assets, preparing students for further study or careers in cybersecurity.
Recommended Textbook
Information Security and IT Risk Management 1st Edition by Manish Agrawal
Available Study Resources on Quizplus
14 Chapters
349 Verified Questions
349 Flashcards
Source URL: https://quizplus.com/study-set/3541
Page 2
Chapter 1: Introduction
Available Study Resources on Quizplus for this Chatper
25 Verified Questions
25 Flashcards
Source URL: https://quizplus.com/quiz/70324
Sample Questions
Q1) Albert Gonzalez and T J Maxx are well known in the information security literature for A) Intruding into a number of high profile computer installations
B) Stealing commercial information by exploiting weakness is wireless networks
C) Causing one of the most significant Internet outages ever
D) Falsification of financial records at publicly traded companies
Answer: B
Q2) Windows 95 is important to information security for
A) Intruding into a number of high profile computer installations
B) Stealing commercial information by exploiting weakness is wireless networks
C) Causing one of the most significant Internet outages ever
D) Popularizing computers among the masses
Answer: D
Q3) The biggest time-consuming activity for most Information security professionals is
A) Responding to information security incidents
B) Fixing software bugs
C) Researching new technologies
D) Helping customers
Answer: C
To view all questions and flashcards with answers, click on the resource link above.
3
Chapter 2: System Administration
Available Study Resources on Quizplus for this Chatper
25 Verified Questions
25 Flashcards
Source URL: https://quizplus.com/quiz/70325
Sample Questions
Q1) The system administrator is the person responsible for
A) Day-to-day operation of a technology system
B) Writing , enforcing , and reviewing security-operating procedures
C) Developing new technology systems
D) Upgrading existing technology systems
Answer: A
Q2) UNIX was developed by
A) Ken Thompson and Dennis Ritchie in 1969
B) Bill Gates and Paul Allen in 1977
C) Edgar F. Codd in 1970
D) Bob Metcalfe in 1973
Answer: A
Q3) A part of a system whose failure will stop the entire system from working is a
A) Single point of failure
B) Redundancy
C) Availability
D) Nagios
Answer: A
To view all questions and flashcards with answers, click on the resource link above. Page 4
Chapter 3: System Administration 2
Available Study Resources on Quizplus for this Chatper
25 Verified Questions
25 Flashcards
Source URL: https://quizplus.com/quiz/70326
Sample Questions
Q1) In the context of system administration, the shell is
A) Software that manages computer hardware and provides common services to user applications
B) Software which controls hardware devices, manages memory, and hides underlying physical hardware from user applications
C) A text based program that allows users to interact with the shell
D) The graphical interface for users to interact with applications
Answer: C
Q2) The parent folder of the current folder is represented in Linux by A) /
B) .
C) ..
D) $
Answer: C
Q3) To navigate to a specific folder, we can use the command
A) grep
B) ls
C) pwd
D) cd
Answer: D
To view all questions and flashcards with answers, click on the resource link above. Page 5
Chapter 4: Basic Information Security Model
Available Study Resources on Quizplus for this Chatper
25 Verified Questions
25 Flashcards
Source URL: https://quizplus.com/quiz/70327
Sample Questions
Q1) Zero-day exploits are
A) Software used to hide the existence of malicious software on computer systems
B) Exploits that compromise a previously unknown software vulnerability
C) Computers that perform malicious tasks at the direction of a remote controller
D) Manipulating people into performing desired actions
Q2) Physical controls
A) Use non-technical methods of preventing harm
B) Are the security measures built into the information system itself
C) Perform malicious tasks at the direction of a remote controller
D) Manipulate people into performing desired actions
Q3) Social engineering is
A) Software used to hide the existence of malicious software on computer systems
B) Exploits that compromise a previously unknown software vulnerability
C) Computers that perform malicious tasks at the direction of a remote controller
D) Manipulating people into performing desired actions
Q4) Vulnerabilities in IT systems can be eliminated through secure coding practices
A)True
B)False
To view all questions and flashcards with answers, click on the resource link above.
Chapter 5: Asset Identification and Characterization
Available Study Resources on Quizplus for this Chatper
25 Verified Questions
25 Flashcards
Source URL: https://quizplus.com/quiz/70328
Sample Questions
Q1) Based on criticality, assets are classified as
A) Restricted, unrestricted
B) Essential, required, deferrable
C) Information, personnel, hardware
D) Hardware, software, legal
Q2) The stages in an IT asset life cycle include
A) Reduce, reuse, recycle
B) Plan, do, check, act
C) Plan, acquire, deploy, manage, retire
D) Concept, definition, launch, perform, close
Q3) In most organizations, the most important assets from the perspective of information security are
A) Hardware assets
B) Information assets
C) Software assets
D) Personnel assets
To view all questions and flashcards with answers, click on the resource link above.
Chapter 6: Threats and Vulnerabilities
Available Study Resources on Quizplus for this Chatper
25 Verified Questions
25 Flashcards
Source URL: https://quizplus.com/quiz/70329
Sample Questions
Q1) The 419 Nigerian scam is an example of an)
A) Partner
B) Activist group
C) Natural cause
D) Cybercrime
Q2) Internal auditors can be a threat agent by
A) Excessive adherence to compliance
B) Lack of attention to detail
C) Lack of training
D) Causing outages
Q3) Top management can be a threat agent by
A) Abusing privileges
B) Lack of understanding of security issues
C) Pulling rank
D) All of the above
Q4) External threat agents include
A) Partners and suppliers
B) Activist groups and competitors
C) Help desk and janitorial services
D) Auditors and hurricanes
To view all questions and flashcards with answers, click on the resource link above. Page 8
Chapter 7: Encryption Controls
Available Study Resources on Quizplus for this Chatper
24 Verified Questions
24 Flashcards
Source URL: https://quizplus.com/quiz/70330
Sample Questions
Q1) A certificate used in web applications contains the
A) Shared secret key prior to network transmission
B) The hash output of the data to be transmitted
C) Saved password of the end user for recovery
D) Public key of the server and information about the key provider
Q2) In the context of encryption, a key is
A) A well-defined sequence of steps used to describe cryptographic processes
B) An encryption method that uses no keys
C) A sequence of symbols that controls the operations of encipherment and decipherment
D) Text that is unintelligible to the reader
Q3) Claude Shannon developed the framework for secrecy known as
A) Confusion diffusion
B) 4P model
C) 4C model
D) Inversion of control
To view all questions and flashcards with answers, click on the resource link above.
Chapter 8: Identity and Access Management
Available Study Resources on Quizplus for this Chatper
25 Verified Questions
25 Flashcards
Source URL: https://quizplus.com/quiz/70331
Sample Questions
Q1) Federations are useful to
A) Authenticate users within an organization
B) Determine the authorizations of users to resources
C) Bridge authentication systems in separate organizations
D) Eliminate single points of failure in IT systems
Q2) OAuth allows users to
A) Grant access to resources on one site to another site
B) Authenticate centrally
C) Authenticate using a federation
D) Authenticate using kerberos
Q3) The stages in identity management are
A) Denial, anger, bargaining, acceptance
B) Plan, do, check, act
C) Plan, acquire, deploy, manage
D) Discovery, reconciliation and enrichment
Q4) Kerberos has been very useful in securing corporate desktop infrastructures
A)True
B)False
To view all questions and flashcards with answers, click on the resource link above.
Chapter 9: Hardware and Software Controls
Available Study Resources on Quizplus for this Chatper
25 Verified Questions
25 Flashcards
Source URL: https://quizplus.com/quiz/70332
Sample Questions
Q1) A password policy is
A) A set of rules for using passwords
B) Acquiring passwords from storage, network transmission or user knowledge
C) Repeated attempts to authenticate using possible passwords
D) Generating character strings to match existing passwords
Q2) An IDS that compares observed events against defined activities for each protocol is a
A) Firewall
B) Signature-based IDS
C) Anomaly-based IDS
D) Protocol-state IDS
Q3) PINs are useful in high security systems
A)True
B)False
Q4) Methods used by endpoint security software for recognizing malware include
A) Reputations
B) Cracking
C) Certificates
D) Passwords
To view all questions and flashcards with answers, click on the resource link above. Page 11
Chapter 10: Shell Scripting
Available Study Resources on Quizplus for this Chatper
25 Verified Questions
25 Flashcards
Source URL: https://quizplus.com/quiz/70333
Sample Questions
Q1) In programming languages, loops are used to
A) Loop through the execution logic and understand the program
B) Collect all comments
C) Mark the beginning and end of the program
D) Repeat a set of commands
Q2) Shell scripts are
A) A list of shell commands in a text file
B) Scripts used as a shell, with no content until used
C) A type of compiled programs
D) Lists of drugs prescribed by a physician
Q3) The difference between break and continue while processing loop input is that
A) break exits the loop, but continue only exits the current iteration of the loop
B) break only exits the current iteration of the loop, but continue exits the loop
C) break and continue exit the loop
D) break and continue both exit only the current iteration of the loop
To view all questions and flashcards with answers, click on the resource link above.
Chapter 11: Incident Handling
Available Study Resources on Quizplus for this Chatper
25 Verified Questions
25 Flashcards
Source URL: https://quizplus.com/quiz/70334
Sample Questions
Q1) Preparation for incident response includes all of the following except
A) Creating an incident response policy
B) Creating an incident response team
C) Containing the harm from an incident
D) Creating a communication plan during incidents
Q2) The technical members of the IRT are chosen
A) By rotation from the different departments in the organization
B) From the senior-most members of the IT teams
C) Depending upon the threat action
D) From the fresh entrants in the IT teams
Q3) An incident is
A) A violation or imminent threat of violation of computer security policies, acceptable use policies, or standard security practices
B) The part of the incident response policy that specifies the targets of the policy
C) The act of following applicable laws, regulations, rules, industry codes and contractual obligations
D) Staff designated to respond to incidents
To view all questions and flashcards with answers, click on the resource link above.
13
Chapter 12: Incident Analysis
Available Study Resources on Quizplus for this Chatper
25 Verified Questions
25 Flashcards
Source URL: https://quizplus.com/quiz/70335
Sample Questions
Q1) Syslog.conf line mail.crit /tmp/messages is interpreted to mean
A) Send all log messages from the mail service to the /tmp/messages file
B) Send critical log messages from the mail service to the /tmp/messages file
C) Send all log messages from the mail service to the /tmp/messages file.
D) Send critical log messages from the mail service to the default log file location
Q2) Syslog facilities include all of the following except
A) auth
B) cron
C) kern
D) debug
Q3) Developers use logs to
A) Analyze security incidents
B) Ensure that the application is behaving as expected
C) Monitor disk space requirements of applications
D) Ensure optimum performance of the application
Q4) Cloud storage adds complexity to the work of security administrators
A)True
B)False
To view all questions and flashcards with answers, click on the resource link above.
14
Chapter 13: Policies, Standards and Guidelines
Available Study Resources on Quizplus for this Chatper
25 Verified Questions
25 Flashcards
Source URL: https://quizplus.com/quiz/70336
Sample Questions
Q1) It is generally advised to consolidate all policy issues into one policy document
A)True
B)False
Q2) How the organization will deal with the situation covered by the policy is specified in the
A) Statement
B) Enforcement
C) Overview
D) Scope
Q3) A standard is
A) Procedures that tell units when it would be nice if things were operated a certain way, but it is not a requirement to do so
B) Guidelines to users and customers on what is appropriate and what is not appropriate to do with information technology resources
C) A document that records a high-level principle or course of action that has been decided on
D) A defined set of rules, accepted and adopted by several organizations
To view all questions and flashcards with answers, click on the resource link above. Page 15
Chapter 14: It Risk Analysis and Risk Management
Available Study Resources on Quizplus for this Chatper
25 Verified Questions
25 Flashcards
Source URL: https://quizplus.com/quiz/70337
Sample Questions
Q1) The motivation for the passage of the Sarbanes-Oxley act was
A) Failure of Internet technologies
B) Denial of culpability by senior executives for falsification of records
C) To prevent stock market crashes
D) To recover retiree savings
Q2) Internal controls over financial reporting involve all of the following except
A) A process
B) Supervision of the company's principal executives
C) Profit guidance
D) Maintenance of records
Q3) IT risk is
A) The risk associated with the use of IT in an organization
B) A quantified measure of the potential damage caused by a specified threat
C) IT resource or information that is to be protected
D) Weaknesses in an IT system that can lead to a compromise of an asset
Q4) A given threat is usually associated with one risk
A)True
B)False
To view all questions and flashcards with answers, click on the resource link above. Page 16