Introduction to Information Assurance Pre-Test Questions
Course Introduction
Introduction to Information Assurance provides students with foundational knowledge of protecting information systems and data from threats and vulnerabilities. The course explores key principles such as confidentiality, integrity, and availability, examines common security risks, and reviews legal and ethical considerations in computing. Students will learn about security policies, risk management, cryptography basics, and methods for identifying and mitigating cyber threats, preparing them for more advanced studies in cybersecurity and information protection.
Recommended Textbook
Corporate Computer Security 4th Edition by
Randy J. Boyle
Available Study Resources on Quizplus
11 Chapters
1198 Verified Questions
1198 Flashcards
Source URL: https://quizplus.com/study-set/1400 Page 2
Chapter 1: The Threat Environment
Available Study Resources on Quizplus for this Chatper
103 Verified Questions
103 Flashcards
Source URL: https://quizplus.com/quiz/27878
Sample Questions
Q1) To obtain IP addresses through reconnaissance, an attacker can use ________.
A) IP address spoofing
B) a chain of attack computers
C) Both A and B
D) Neither A nor B
Answer: B
Q2) The terms "intellectual property" and "trade secret" are synonymous.
A)True
B)False
Answer: False
Q3) ________ attacks take advantage of flawed human judgment by convincing the victim to take actions that are counter to security policies. (Choose the best answer.)
A) Social engineering
B) Spam
C) E-mail attachment
D) Mobile code
Answer: A
To view all questions and flashcards with answers, click on the resource link above. Page 3
Chapter 2: Planning and Policy
Available Study Resources on Quizplus for this Chatper
124 Verified Questions
124 Flashcards
Source URL: https://quizplus.com/quiz/27880
Sample Questions
Q1) A company should consider list of possible remediation plans as an investment portfolio.
A)True
B)False
Answer: True
Q2) Companies should replace their legacy security technologies immediately.
A)True
B)False
Answer: False
Q3) What is missing from the definition of response as "recovery?"
A) The phrase "according to plan" must be added to "recovery."
B) The definition must refer to specific resources.
C) The phrase "Reasonable degree of" must begin the definition.
D) The phrase "and prosecution" must be added after "recovery."
Answer: A
Q4) Planning, protection, and response follow a fairly strict sequence from one stage to another.
A)True
B)False
Answer: False
Page 4
To view all questions and flashcards with answers, click on the resource link above.
Chapter 3: Cryptography
Available Study Resources on Quizplus for this Chatper
122 Verified Questions
122 Flashcards
Source URL: https://quizplus.com/quiz/27881
Sample Questions
Q1) ________ offers transparent protection.
A) SSL/TLS
B) IPsec
C) Both A and B
D) Neither A nor B
Answer: B
Q2) In a replay attack, the attacker cannot read the contents of the replayed message.
A)True
B)False
Answer: True
Q3) Someone who pretends to be someone else is ________.
A) a social engineer
B) a hacker
C) a cryptanalyst
D) an impostor
Answer: D
To view all questions and flashcards with answers, click on the resource link above.
Page 5
Chapter 4: Secure Networks
Available Study Resources on Quizplus for this Chatper
119 Verified Questions
119 Flashcards
Source URL: https://quizplus.com/quiz/27882
Sample Questions
Q1) ________ security uses the RC4 cipher in encryption for confidentiality and the Temporal Key Integrity Protocol for keying and rekeying.
A) 802.11i
B) WPA
C) WEP
D) None of the above
Q2) Ensuring network ________ means that authorized users have access to information, services, and network resources.
A) confidentiality
B) integrity
C) availability
D) authentication
Q3) To use an access point, you must know its SSID.
A)True
B)False
Q4) A direct attack occurs when an attacker tries to flood a victim with a stream of packets directly from the attacker's computer.
A)True
B)False
To view all questions and flashcards with answers, click on the resource link above. Page 6
Chapter 5: Access Control
Available Study Resources on Quizplus for this Chatper
124 Verified Questions
124 Flashcards
Source URL: https://quizplus.com/quiz/27883
Sample Questions
Q1) Which of the following are benefits of using identity management?
A) Reduced costs
B) Centralized auditing of all an employee's access permission across a firm
C) Both A and B
D) Neither A nor B
Q2) During enrollment, the scanner sends ________ to the authentication system.
A) scan data
B) key features
C) Both A and B
D) Neither A nor B
Q3) ________ is the process of assessing the identity of each individual claiming to have permission to use a resource.
A) Authorizations
B) Authentication
C) Both A and B
D) Neither A nor B
Q4) In federated identity management, firms do not query one another's identity management databases.
A)True
B)False
To view all questions and flashcards with answers, click on the resource link above. Page 7
Chapter 6: Firewalls
Available Study Resources on Quizplus for this Chatper
100 Verified Questions
100 Flashcards
Source URL: https://quizplus.com/quiz/27884
Sample Questions
Q1) If a firewall receives a suspicious packet, the firewall will ________.
A) log the packet
B) drop the packet
C) Both A and B
D) Neither A nor B
Q2) Firewall policies should govern ________.
A) configuration
B) testing
C) Both A and B
D) Neither A nor B
Q3) Stateful packet inspection firewalls are ________.
A) expensive
B) fairly safe in practice
C) Both A and B
D) Neither A nor B
Q4) Companies can nearly always stop DoS attacks without assistance from ISPs and other upstream agencies.
A)True
B)False
To view all questions and flashcards with answers, click on the resource link above. Page 8
Chapter 7: Host Hardening
Available Study Resources on Quizplus for this Chatper
100 Verified Questions
100 Flashcards
Source URL: https://quizplus.com/quiz/27885
Sample Questions
Q1) The cost of ________ LINUX is definitely far less than the cost of commercial operating systems such as Windows.
A) purchasing
B) using
C) Both A and B
D) Neither A nor B
Q2) It is very important for testers to get permission before running a password cracking program on their company's computers to check for weak passwords even if such testing is in their job definitions.
A)True
B)False
Q3) To get to the super user account in UNIX, the administrator should use the ________ command.
A) RunAs
B) su
C) rlogin
D) None of the above
To view all questions and flashcards with answers, click on the resource link above. Page 9
Chapter 8: Application Security
Available Study Resources on Quizplus for this Chatper
100 Verified Questions
100 Flashcards
Source URL: https://quizplus.com/quiz/27886
Sample Questions
Q1) Encryption is heavily used in commercial e-mail.
A)True
B)False
Q2) The Skype protocol is relatively easy for corporate firewalls to filter.
A)True
B)False
Q3) Spam over VoIP is called ________.
A) VAM
B) SOVI
C) SPIT
D) SPIP
Q4) ________ offers no security at all.
A) SNMP V1
B) SNMP V2
C) SNMP V3
D) All of the above offer security.
Q5) Skype can decrypt and read user traffic.
A)True
B)False
To view all questions and flashcards with answers, click on the resource link above. Page 10
Chapter 9: Data Protection
Available Study Resources on Quizplus for this Chatper
108 Verified Questions
108 Flashcards
Source URL: https://quizplus.com/quiz/27887
Sample Questions
Q1) The term sanitizing has lost its distinct meaning as special laboratory methods become ineffective.
A)True
B)False
Q2) After wiping/clearing, data is ________.
A) recoverable
B) reusable
C) Both A and B
D) Neither A nor B
Q3) Properly hardened hosts and securely coded applications can help protect data while it is transmitted.
A)True
B)False
Q4) Another name for RAID 0 is ________.
A) Mirroring
B) Distributed Parity
C) Striping
D) None of the above
To view all questions and flashcards with answers, click on the resource link above. Page 11
Chapter 10: Incident and Disaster Response
Available Study Resources on Quizplus for this Chatper
107 Verified Questions
107 Flashcards
Source URL: https://quizplus.com/quiz/27879
Sample Questions
Q1) Federal jurisdiction typically does not extend to computer crimes that are committed entirely within a state and that do not have a bearing on interstate commerce.
A)True
B)False
Q2) Communication between IDS ________ must be secure.
A) managers and agents
B) vendors and managers
C) Both A and B
D) Neither A nor B
Q3) What information should alarms give the security staff?
A) A way to test the alarm for accuracy
B) Advice about what the security administrator should do
C) Both A and B
D) Neither A nor B
Q4) Host operating system monitors look at ________.
A) multiple failed logins
B) creating new accounts
C) Both A and B
D) Neither A nor B
To view all questions and flashcards with answers, click on the resource link above. Page 12
Chapter 11: Module A: Networking Concepts
Available Study Resources on Quizplus for this Chatper
91 Verified Questions
91 Flashcards
Source URL: https://quizplus.com/quiz/27888
Sample Questions
Q1) A normal TCP close takes ________ segments.
A) 2
B) 3
C) 4
D) None of the above.
Q2) Client usually get ________.
A) static IP addresses
B) ephemeral IP addresses
C) dynamic IP addresses
D) None of the above.
Q3) The ________ standard is designed to prevent impostors from sending false supervisory messages to switches.
A) 802.1X
B) 802.1AE
C) Both A and B
D) Neither A nor B
Q4) In DNS cache poisoning, an attacker replaces the IP address of a host name with another IP address.
A)True
B)False
To view all questions and flashcards with answers, click on the resource link above. Page 13