

Information Assurance Exam Practice Tests
Course Introduction
Information Assurance focuses on the principles and practices essential for protecting information assets and managing risks related to information systems. The course covers foundational concepts such as confidentiality, integrity, availability, authentication, and non-repudiation, along with risk assessment, security policies, incident response, and security management frameworks. Students will learn methods for identifying threats and vulnerabilities, implementing controls, and ensuring compliance with legal, ethical, and regulatory requirements, preparing them to develop and manage comprehensive information assurance strategies in a variety of organizational contexts.
Recommended Textbook
Corporate Computer Security 4th Edition by Randy J. Boyle
Available Study Resources on Quizplus
11 Chapters
1198 Verified Questions
1198 Flashcards
Source URL: https://quizplus.com/study-set/1400

Chapter 1: The Threat Environment
Available Study Resources on Quizplus for this Chapter
103 Verified Questions
103 Flashcards
Source URL: https://quizplus.com/quiz/27878
Sample Questions
Q1) A program that gives the attacker remote access control of your computer is specifically called a ________.
A) Trojan horse
B) spyware program
C) cookie
D) RAT
Answer: D
Q2) The three common core goals of security are ________.
A) confidentiality, integrity, and availability
B) confidentiality, information, and availability
C) confidentiality, integrity, and authentication
D) confidentiality, information, and authorization
Answer: A
Q3) Downloading pornography can lead to sexual harassment lawsuits.
A) True
B) False
Answer: True
To view all questions and flashcards with answers, click on the resource link above.


Chapter 2: Planning and Policy
Available Study Resources on Quizplus for this Chapter
124 Verified Questions
124 Flashcards
Source URL: https://quizplus.com/quiz/27880
Sample Questions
Q1) ________ examines financial processes for efficiency, effectiveness, and adequate controls.
A) Internal auditing
B) Financial auditing
C) IT auditing
D) None of the above
Answer: B
Q2) Which of the following specifies how to do certification by external parties?
A) COSO
B) CobiT
C) ISO/IEC 27000
D) All of the above have certification by external parties.
Answer: C
Q3) This book focuses on ________.
A) offense
B) defense
C) offense and defense about equally
D) None of the above
Answer: B

Chapter 3: Cryptography
Available Study Resources on Quizplus for this Chapter
122 Verified Questions
122 Flashcards
Source URL: https://quizplus.com/quiz/27881
Sample Questions
Q1) A ________ is a random string of 40 to 4,000 bits (ones and zeros) used to encrypt messages.
A) key
B) cipher
C) plaintext
D) code
Answer: A
Q2) In public key encryption for authentication, the supplicant must prove that it knows ________, which nobody else should be able to know.
A) the supplicant's public key
B) the supplicant's private key
C) the true party's private key
D) the verifier's private key
Answer: C
Q3) Which of the following can be used as a keying method?
A) Public key encryption for confidentiality
B) MS-CHAP
C) Both A and B
D) None of the above
Answer: A

Chapter 4: Secure Networks
Available Study Resources on Quizplus for this Chapter
119 Verified Questions
119 Flashcards
Source URL: https://quizplus.com/quiz/27882
Sample Questions
Q1) A ________ can be used to gather network information or user data.
A) RFMON
B) packet sniffer
C) whaling device
D) None of the above
Q2) WLAN DoS attacks are designed to affect the ________ of the network.
A) confidentiality
B) integrity
C) availability
D) authentication
Q3) Using a shared initial key is dangerous in ________.
A) WEP
B) WPA pre-shared key mode
C) Both A and B
D) Neither A nor B
Q4) Most DoS attacks are difficult to detect.
A) True
B) False
Chapter 5: Access Control
Available Study Resources on Quizplus for this Chapter
124 Verified Questions
124 Flashcards
Source URL: https://quizplus.com/quiz/27883
Sample Questions
Q1) Compared to access control based on individual accounts, RBAC is ________.
A) less prone to error
B) more expensive
C) Both A and B
D) Neither A nor B
Q2) XML makes SAML platform-dependent.
A) True
B) False
Q3) On loading docks, outgoing shipments should be separated from incoming shipments ________.
A) to ensure the segregation of duties
B) to avoid confusion
C) to reduce the risk of theft
D) All of the above
Q4) In ________ the department has discretion over giving access to individuals, within policy standards set by higher authorities.
A) policy-based access control
B) mandatory access control
C) discretionary access control
D) delegated access control


Chapter 6: Firewalls
Available Study Resources on Quizplus for this Chapter
100 Verified Questions
100 Flashcards
Source URL: https://quizplus.com/quiz/27884
Sample Questions
Q1) A ________ attack is an attack that is made before attack signatures for the threat are defined.
A) zero-day
B) vulnerability based
C) stealth
D) anomaly based
Q2) In ________ filtering, the firewall examines packets entering the network from the outside.
A) ingress
B) egress
C) Both A and B
D) Neither A nor B
Q3) Which of the following is one of the two simple DEFAULT SPI firewall rules for packets that attempt to open connections?
A) Permit all attempts to open a connection from an internal host to an external host
B) Permit all attempts from external hosts to open a connection with an internal host
C) Both A and B
D) Neither A nor B

Chapter 7: Host Hardening
Available Study Resources on Quizplus for this Chapter
100 Verified Questions
100 Flashcards
Source URL: https://quizplus.com/quiz/27885
Sample Questions
Q1) To get to the super user account in Windows, the administrator can use the ________ command.
A) RunAs
B) su
C) rlogin
D) None of the above
Q2) Different UNIX versions have different security methods.
A) True
B) False
Q3) Stealing the password file from a computer is safer than attempting to log in remotely.
A) True
B) False
Q4) Microsoft's server operating system is called ________.
A) UNIX
B) Windows Server
C) Both A and B
D) Neither A nor B

Chapter 8: Application Security
Available Study Resources on Quizplus for this Chapter
100 Verified Questions
100 Flashcards
Source URL: https://quizplus.com/quiz/27886
Sample Questions
Q1) Testers have permissions on the ________.
A) development server
B) testing server
C) production server
D) Both A and B
Q2) ________ offers no security at all.
A) SNMP V1
B) SNMP V2
C) SNMP V3
D) All of the above offer security.
Q3) Compared to full programming languages, scripts are ________ in what they can do.
A) more limited
B) less limited
C) about as limited (but easier to use)
D) not limited at all
Q4) The first task in security is to understand the environment to be protected.
A) True
B) False

Chapter 9: Data Protection
Available Study Resources on Quizplus for this Chapter
108 Verified Questions
108 Flashcards
Source URL: https://quizplus.com/quiz/27887
Sample Questions
Q1) Data can be lost by ________.
A) mechanical failure
B) environmental casualties
C) malware
D) All of the above
Q2) With local backup processes, policies are easily enforced.
A) True
B) False
Q3) Typically, the shadow storage space is nearly unlimited.
A) True
B) False
Q4) Technology is the most effective method of avoiding problems during the legal discovery process.
A) True
B) False
Q5) Magnetic tape is ________.
A) expensive to use
B) very fast
C) Both A and B
D) Neither A nor B

Chapter 10: Incident and Disaster Response
Available Study Resources on Quizplus for this Chapter
107 Verified Questions
107 Flashcards
Source URL: https://quizplus.com/quiz/27879
Sample Questions
Q1) The normal standard for deciding a case in ________ trials is a preponderance of the evidence.
A) civil
B) criminal
C) Both A and B
D) Neither A nor B
Q2) Which of the following is not one of the four security levels of incidents?
A) False alarms
B) Minor incidents
C) Virus epidemics
D) Disasters
Q3) Past judicial precedents constitute ________.
A) case law
B) statutes
C) criminal law
D) All of the above
Q4) If a defendant has already been prosecuted in a criminal trial, he or she cannot later be tried in a civil trial.
A) True
B) False

Chapter 11: Module A: Networking Concepts
Available Study Resources on Quizplus for this Chapter
91 Verified Questions
91 Flashcards
Source URL: https://quizplus.com/quiz/27888
Sample Questions
Q1) TCP/IP's internet layer supervisory protocol is ________.
A) DNS
B) DHCP
C) ICMP
D) All of the above.
Q2) A ________ is likely to have the same address each time it goes on the Internet.
A) client
B) server
C) Both A and B
D) Neither A nor B
Q3) A Windows host sends a TCP segment with source port number 1200 and destination port number 25. The receiving host is a(n) ________.
A) client
B) TCP server
C) webserver
D) e-mail server
Q4) Spread spectrum transmission in wireless LANs provides security.
A) True
B) False