Information Security Question Bank - 588 Verified Questions


Course Introduction

Information Security focuses on the principles and practices used to protect digital information from unauthorized access, disruption, modification, or destruction. This course covers essential topics such as cryptography, authentication, access control, security policies, network security, and risk management. Students will learn about common threats and vulnerabilities, methods for safeguarding data, and the legal and ethical considerations in information security. Emphasis is placed on real-world applications, including securing operating systems, databases, and networks, as well as responding to security incidents and developing strategies for maintaining information integrity and confidentiality.

Recommended Textbook

Security+ Guide to Network Security Fundamentals 4th Edition by Mark Ciampa

Available Study Resources on Quizplus

14 Chapters

588 Verified Questions

588 Flashcards

Source URL: https://quizplus.com/study-set/1054

Chapter 1: Introduction to Security

Available Study Resources on Quizplus for this Chapter

41 Verified Questions

41 Flashcards

Source URL: https://quizplus.com/quiz/20875

Sample Questions

Q1) Business ____ theft involves stealing proprietary business information such as research for a new drug or a list of customers that competitors are eager to acquire.

A) identity

B) data

C) plan

D) record

Answer: B

Q2) Why is the speed of attacks making the challenge of keeping computers secure more difficult?

Answer: With modern tools at their disposal, attackers can quickly scan systems to find weaknesses and launch attacks with unprecedented speed. Many tools can even initiate new attacks without any human participation, thus increasing the speed at which systems are attacked.

Q3) ____________________ provides tracking of events.

Answer: Accounting

Q4) Security ____________________ have both technical knowledge and managerial skills and analyze and design security solutions within a specific entity.

Answer: administrators

To view all questions and flashcards with answers, click on the resource link above.

Chapter 2: Malware and Social Engineering Attacks

Available Study Resources on Quizplus for this Chapter

41 Verified Questions

41 Flashcards

Source URL: https://quizplus.com/quiz/20876

Sample Questions

Q1) A ____ is a series of instructions that can be grouped together as a single command and are often used to automate a complex set of tasks or a repeated series of tasks.

A) rootkit

B) macro

C) program

D) process

Answer: B

Q2) The most popular attack toolkit, which has almost half of the attacker toolkit market, is ____.

A) SpyEye

B) NeoSploit

C) ZeuS

D) MPack

Answer: D

Q3) Software keyloggers are programs that silently capture all keystrokes, including passwords and sensitive information.

A) True

B) False

Answer: True


Chapter 3: Application and Network Attacks

Available Study Resources on Quizplus for this Chapter

41 Verified Questions

41 Flashcards

Source URL: https://quizplus.com/quiz/20877

Sample Questions

Q1) Although traditional network security devices can block traditional network attacks, they cannot always block Web application attacks.

A) True

B) False

Answer: True

Q2) Describe the differences between XML and HTML.

Answer: There are several significant differences between XML and HTML. First, XML is designed to carry data instead of indicating how to display it. Also, XML does not have a predefined set of tags; instead, the user defines their own tags.

Q3) ____ is for the transport and storage of data, with the focus on what the data is.

A) XML

B) HTML

C) SGML

D) SML

Answer: A

Q4) All Web traffic is based on the ____________________ protocol.

Answer: HTTP


Chapter 4: Vulnerability Assessment and Mitigating Attacks

Available Study Resources on Quizplus for this Chapter

41 Verified Questions

41 Flashcards

Source URL: https://quizplus.com/quiz/20878

Sample Questions

Q1) A ____ is a computer typically located in an area with limited security and loaded with software and data files that appear to be authentic, yet they are actually imitations of real data files.

A) port scanner

B) write blocker

C) honeypot

D) honeycomb

Q2) Discuss the purpose of OVAL.

Q3) List and describe the three categories that TCP/IP divides port numbers into.

Q4) ____ is a comparison of the present state of a system compared to its baseline.

A) Baseline reporting

B) Compliance reporting

C) Baseline assessment

D) Compliance review

Q5) The ____ is the expected monetary loss every time a risk occurs.

A) SLE

B) ARO

C) ALE

D) SRE

Q6) List four things that a vulnerability scanner can do.


Chapter 5: Host, Application, and Data Security

Available Study Resources on Quizplus for this Chapter

41 Verified Questions

41 Flashcards

Source URL: https://quizplus.com/quiz/20879

Sample Questions

Q1) Using video cameras to transmit a signal to a specific and limited set of receivers is called ____.

A) CCTV

B) ICTV

C) IPTV

D) ITV

Q2) ____ is a system of security tools that is used to recognize and identify data that is critical to the organization and ensure that it is protected.

A) IDS

B) ADP

C) LLP

D) DLP

Q3) ____________________ security involves restricting access to the areas in which equipment is located.

Q4) ____________________ locks keep a record of when the door was opened and by which code.

Q5) Describe how a DLP can be configured.

Q6) Describe RFID tags.

Q7) Identify one of the capabilities of DLP agents.


Chapter 6: Network Security

Available Study Resources on Quizplus for this Chapter

41 Verified Questions

41 Flashcards

Source URL: https://quizplus.com/quiz/20880

Sample Questions

Q1) In order to allow untrusted outside users access to resources such as Web servers, most networks employ a ____.

A) bastion

B) choke

C) DMZ

D) reduction point

Q2) List and describe two advantages of a proxy server.

Q3) Networks are usually segmented by using ____________________ to divide the network into a hierarchy.

Q4) Security is enhanced by subnetting a single network into multiple smaller subnets in order to isolate groups of hosts.

A) True

B) False

Q5) ____ is typically used on home routers that allow multiple users to share one IP address received from an Internet service provider (ISP).

A) PAT

B) NAT

C) PAN

D) PNAT


Chapter 7: Administering a Secure Network

Available Study Resources on Quizplus for this Chapter

41 Verified Questions

41 Flashcards

Source URL: https://quizplus.com/quiz/20881

Sample Questions

Q1) A ____ can create entries in a log for all queries that are received.

A) network log

B) DHCP log

C) DNS log

D) proxy log

Q2) ____ can be used to determine whether new IP addresses are attempting to probe the network.

A) DNS logs

B) Firewall logs

C) DHCP logs

D) Proxy logs

Q3) TCP port ____ is the FTP control port used for passing FTP commands.

A) 19

B) 20

C) 21

D) 22

Q4) What are the two types of community strings?

Q5) The ____________________ Layer is omitted in the TCP/IP model.

Q6) With operating system virtualization, a(n) ____________________ system is the native operating system to the hardware.


Chapter 8: Wireless Network Security

Available Study Resources on Quizplus for this Chapter

41 Verified Questions

41 Flashcards

Source URL: https://quizplus.com/quiz/20882

Sample Questions

Q1) A group of piconets in which connections exist between different piconets is called a ____.

A) broadnet

B) honeynet

C) boundnet

D) scatternet

Q2) When a wireless device looks for beacon frames it is known as ____________________.

Q3) The IEEE 802.15.1-2005 Wireless Personal Area Network standard was based on the ____ specifications.

A) Bluetooth v2.1

B) Bluetooth v1.2

C) Bluetooth v1.0

D) Bluetooth v1.1

Q4) A(n) ____ acts as the "base station" for the wireless network.

A) AP

B) endpoint

C) WMM

D) ad-hoc peer

Q5) Discuss how to prevent bluesnarfing.


Chapter 9: Access Control Fundamentals

Available Study Resources on Quizplus for this Chapter

41 Verified Questions

41 Flashcards

Source URL: https://quizplus.com/quiz/20883

Sample Questions

Q1) A user or a process functioning on behalf of the user that attempts to access an object is known as the ____.

A) subject

B) reference monitor

C) entity

D) label

Q2) ____ is an authentication service commonly used on UNIX devices that communicates by forwarding user authentication information to a centralized server.

A) TACACS

B) RADIUS

C) Kerberos

D) FTP

Q3) In the DAC model, ____________________ can create and access their objects freely.

Q4) Entries in the DIB are arranged in a tree structure called the ____.

A) DAP

B) PEAP

C) EAP

D) DIT


Chapter 10: Authentication and Account Management

Available Study Resources on Quizplus for this Chapter

41 Verified Questions

41 Flashcards

Source URL: https://quizplus.com/quiz/20884

Sample Questions

Q1) Due to the limitations of online guessing, most password attacks today use ____.

A) offline cracking

B) online cracking

C) hash replay

D) token replay

Q2) The ____ attack will slightly alter dictionary words by adding numbers to the end of the password, spelling words backward, slightly misspelling words, or including special characters such as @, $, !, or %.

A) brute force

B) hash replay

C) network replay

D) hybrid

Q3) ____ can use fingerprints or other unique characteristics of a person's face, hands, or eyes (irises and retinas) to authenticate a user.

A) Cognitive biometrics

B) Reactive biometrics

C) Standard biometrics

D) Affective biometrics

Q4) Identify two basic flows that operating systems can have.


Chapter 11: Basic Cryptography

Available Study Resources on Quizplus for this Chapter

41 Verified Questions

41 Flashcards

Source URL: https://quizplus.com/quiz/20885

Sample Questions

Q1) Cryptography cannot be applied to entire disks.

A) True

B) False

Q2) The basis for a digital signature rests on the ability of ____ keys to work in both directions.

A) symmetric

B) shared

C) unique

D) asymmetric

Q3) The ____ is essentially a chip on the motherboard of the computer that provides cryptographic services.

A) TPM

B) SCM

C) reference monitor

D) ODS

Q4) The original cryptographic algorithms for encrypting and decrypting documents are ____________________ cryptographic algorithms.

Q5) DES is a(n) ____________________ cipher.

Q6) Describe the RIPEMD hash.


Chapter 12: Advanced Cryptography

Available Study Resources on Quizplus for this Chapter

41 Verified Questions

41 Flashcards

Source URL: https://quizplus.com/quiz/20886

Sample Questions

Q1) Discuss the three areas of protection that are provided by IPsec.

Q2) ____ certificates enable clients connecting to the Web server to examine the identity of the server's owner.

A) Personal digital

B) Public digital

C) Private digital

D) Server digital

Q3) Key ____ removes all private and public keys along with the user's identification information in the CA.

A) renewal

B) escrow

C) generation

D) destruction

Q4) ____ can be used to ensure the integrity of a file by guaranteeing that no one has tampered with it.

A) Blocking

B) Hashing

C) Encrypting

D) Cloning

Q5) List the four stages of a certificate life cycle.


Chapter 13: Business Continuity

Available Study Resources on Quizplus for this Chapter

41 Verified Questions

41 Flashcards

Source URL: https://quizplus.com/quiz/20887

Sample Questions

Q1) ____ data is the most difficult type of data to capture.

A) Volatile

B) Static

C) Non-volatile

D) Persistent

Q2) ____ is a form of eavesdropping in which special equipment is used to pick up telecommunication signals or data within a computer device by monitoring the electromagnetic fields.

A) Newton phreaking

B) Van Eck phreaking

C) Van Zek hacking

D) EMF phreaking

Q3) A ____ is a service contract between a vendor and a client that specifies what services will be provided, the responsibilities of each party, and any guarantees of service.

A) service level agreement

B) recovery point objective

C) recovery time objective

D) service point agreement

Q4) Discuss the purpose and importance of the chain of custody.


Chapter 14: Risk Mitigation

Available Study Resources on Quizplus for this Chapter

41 Verified Questions

41 Flashcards

Source URL: https://quizplus.com/quiz/20888

Sample Questions

Q1) Audits serve to verify that the security protections enacted by an organization are being followed and that corrective actions can be swiftly implemented before an attacker exploits a vulnerability.

A) True

B) False

Q2) A ____ is a collection of suggestions that should be implemented.

A) security policy

B) baseline

C) guideline

D) security procedure

Q3) A(n) ____________________ is a methodical examination and review that produces a detailed report of its findings.

Q4) ____ are a person's fundamental beliefs and principles used to define what is good, right, and just.

A) Morals

B) Values

C) Ethics

D) Standards

Q5) What are the typical classification designations of government documents?
