

Information Security
Exam Answer Key
Course Introduction
This course provides a comprehensive introduction to the principles and practices of information security. Students will explore key concepts such as confidentiality, integrity, and availability; risk assessment and management; and common threats and vulnerabilities affecting information systems. The curriculum covers technical topics including cryptography, network security, access controls, authentication mechanisms, and security policies. Emphasis is also placed on legal, ethical, and organizational aspects of protecting digital assets. Practical activities and case studies enable students to apply security practices in real-world scenarios, preparing them to identify, analyze, and mitigate cybersecurity risks effectively.
Recommended Textbook: Guide to Firewalls and VPNs, 3rd Edition, by Michael E. Whitman

Available Study Resources on Quizplus
10 Chapters
496 Verified Questions
496 Flashcards
Source URL: https://quizplus.com/study-set/2181

Chapter 1: Introduction to Information Security
Available Study Resources on Quizplus for this Chapter
50 Verified Questions
50 Flashcards
Source URL: https://quizplus.com/quiz/43454
Sample Questions
Q1) Attempting to determine a password that is not known to the attacker is often called
A) brute force
B) hacking
C) cracking
D) spamming
Answer: C
Q2) An organization will often create a network security ____________________, which defines the boundary between the outer limit of an organization's security and the beginning of the outside network.
Answer: perimeter
Q3) A(n) ____ is a category of object, person, or other entity that poses a potential risk of loss to an asset.
A) risk
B) exploit
C) threat
D) attack
Answer: C
Q4) The most common Intellectual Property breach is ____________________.
Answer: software piracy
To view all questions and flashcards with answers, click on the resource link above.
Chapter 2: Security Policies and Standards
Available Study Resources on Quizplus for this Chapter
50 Verified Questions
50 Flashcards
Source URL: https://quizplus.com/quiz/43455
Sample Questions
Q1) ____ planning prepares an organization to reestablish critical business operations during a disaster that affects operations at the primary site.
A) Business continuity
B) Incident response
C) Attack
D) Crisis management
Answer: A
Q2) RFC 2196: Site Security Handbook is produced by ____.
A) the ISO
B) NIST
C) the Security Area Working Group
D) the Federal Agency Security Practices
Answer: C
Q3) A security ____________________ is an outline of the overall information security strategy and a roadmap for planned changes to the organization's information security environment.
Answer: framework

Chapter 3: Authenticating Users
Available Study Resources on Quizplus for this Chapter
50 Verified Questions
50 Flashcards
Source URL: https://quizplus.com/quiz/43456
Sample Questions
Q1) To configure client authentication, you need to set up one of two types of authentication systems: ____ and ____.
A) standard sign-on and specific sign-on
B) standard sign-on and single-sign on
C) Kerberos and TACACS++
D) Kerberos and RADIUS
Answer: A
Q2) Principle by which employees are provided access to the minimal amount of information for the least duration of time necessary to perform their duties
A) authentication
B) least privilege
C) discretionary access controls
D) authorization
E) separation of duties
F) identification
G) need to know
H) nondiscretionary access controls
I) accountability
Answer: B

Chapter 4: Introduction to Firewalls
Available Study Resources on Quizplus for this Chapter
49 Verified Questions
49 Flashcards
Source URL: https://quizplus.com/quiz/43457
Sample Questions
Q1) Network perimeters may be blurred by ____.
A) VPNs
B) intranets
C) Web sites
D) desktop computers
Q2) Machine that has no unnecessary services, only the bare essentials.
A) PAT and NAT
B) bastion host
C) application proxy
D) extranet
E) header
F) perimeter
G) data
H) port
I) packet filtering
Q3) A(n) ____________________ is an extended network that shares part of an organization's network with third parties.
Q4) What type of packet-filtering rules are typically defined?
Q5) What is a MAC layer firewall?
Q6) Describe stateless packet-filtering firewalls.

Chapter 5: Packet Filtering
Available Study Resources on Quizplus for this Chapter
50 Verified Questions
50 Flashcards
Source URL: https://quizplus.com/quiz/43458
Sample Questions
Q1) The ____ is a structure for organizing Internet names associated with IP addresses.
A) Domain Name System (DNS)
B) Transport Control Protocol (TCP)
C) Hypertext Transfer Protocol (HTTP)
D) Simple Mail Transfer Protocol (SMTP)
Q2) Telnet is most often assigned to use port ____.
A) 20
B) 21
C) 23
D) 80
Q3) The ____ flag tells a host to immediately terminate a connection.
A) RST
B) ACK
C) FIN
D) STP
Q4) Describe how a firewall can enable Web access.
Q5) How can a stateful packet filter determine whether a session is beginning or ending?
Q6) Explain the process of packet filtering by TCP or UDP port number.

Chapter 6: Firewall Configuration and Administration
Available Study Resources on Quizplus for this Chapter
50 Verified Questions
50 Flashcards
Source URL: https://quizplus.com/quiz/43459
Sample Questions
Q1) In 2003, GASSP was succeeded by ____.
A) GAAP
B) CISSP
C) GAISP
D) GASSPv2
Q2) The firewall administrator should test the firewall and evaluate its performance to ensure that the network traffic is moving efficiently.
A) True
B) False
Q3) The administrator should periodically review a firewall's ____________________ and analyze the traffic that passes through the firewall, paying particular attention to suspicious activity.
Q4) ____ of frequently accessed resources, such as Web page text and image files, can dramatically speed up the performance of your network because it reduces the load on your Web servers.
A) Hashing
B) Caching
C) Redundancy
D) Load balancing
Chapter 7: Working With Proxy Servers and Application-Level Firewalls
Available Study Resources on Quizplus for this Chapter
50 Verified Questions
50 Flashcards
Source URL: https://quizplus.com/quiz/43460
Sample Questions
Q1) Log files can point to ports, machines, or other vulnerable computers through which hackers can gain entry. These entry points are known as ____.
A) screens
B) logged areas
C) intrusions
D) holes
Q2) How do proxy server log files help protect the network?
Q3) In a typical transaction, a proxy server intercepts a request from a user on the internal network and passes it along to a destination computer on the Internet. What steps are involved in this process?
Q4) What is the most important benefit of a proxy server?
Q5) The only reason you should place a proxy server directly on the Internet is if the proxy is intended to serve as a transparent proxy.
A) True
B) False
Q6) Describe the pros and cons of blocking URLs with a proxy server.
Q7) What is SOCKS?

Q8) How do proxy servers differ from packet filters?
Q9) It is good practice to dedicate a proxy server to one ____________________.

Chapter 8: Implementing the Bastion Host
Available Study Resources on Quizplus for this Chapter
49 Verified Questions
49 Flashcards
Source URL: https://quizplus.com/quiz/43461
Sample Questions
Q1) A ____ is a level of performance that you consider acceptable and against which the system can be compared.
a. log file
b. system audit
c. quality assurance test
d. baseline
Q2) Speeds up the processing of executable instructions.
A) instruction cache
B) log files
C) translation lookaside buffer
D) data cache
E) Demilitarized Zone
F) bastion host
G) UNIX
H) processor speed
I) syslog daemon
Q3) Why is it a good idea to disable user accounts on the bastion host?
Q4) Discuss the pros and cons of having more than one bastion host.
Q5) What tools are available for Windows-based bastion hosts?
Q6) Describe the RAM needs of a bastion host.

Chapter 9: Encryption - The Foundation for the Virtual Private Network
Available Study Resources on Quizplus for this Chapter
48 Verified Questions
48 Flashcards
Source URL: https://quizplus.com/quiz/43462
Sample Questions
Q1) The amount of effort (usually expressed in units of time) required to perform cryptanalysis on an encoded message.
A) cipher
B) keyspace
C) encipher
D) cryptosystem
E) ciphertext
F) work factor
G) decipher
H) algorithm
I) cryptovariable
Q2) MasterCard and VISA developed ____ in 1997.
A) Secure Hypertext Transfer Protocol (SHTTP)
B) Secure Shell (SSH)
C) Secure Sockets Layer (SSL)
D) Secure Electronic Transactions (SET)
Q3) Define encryption.
Q4) Describe some of the common protocols used to secure e-mail.
Q5) Describe symmetric encryption. What is the weakness of this type of encryption?
Q6) What is a man-in-the-middle attack?

Chapter 10: Setting up a Virtual Private Network
Available Study Resources on Quizplus for this Chapter
50 Verified Questions
50 Flashcards
Source URL: https://quizplus.com/quiz/43463
Sample Questions
Q1) A VPN ____ is an alternative to using a general-purpose hardware device.
A) router
B) appliance
C) firewall
D) protocol
Q2) Services purchased from a service provider that give the user dedicated use of a predefined bandwidth or data rate.
A) encapsulation
B) tunnel
C) client-to-site
D) transport mode
E) gateway
F) private leased lines
G) tunnel mode
H) site-to-site
I) Point-to-Point Tunneling Protocol
Q3) A(n) ____________________ tunnel is a communications path that makes use of Internet-based hosts and servers to conduct data from one network station to another, just like any other TCP/IP data transmission.