Question 1

Someone who finds a flaw in a system and reports that flaw to the vendor of the system is a __________.&#10;A)White hat hacker&#10;B)Black hat hacker&#10;C)Gray hat hacker&#10;D)Red hat hacker

Accepted Answer

White hat hackers are ethical hackers who identify vulnerabilities in systems and report them to the owners for them to fix before they can be exploited maliciously.

Question 2

Confidentiality,integrity,and availability are three pillars of the CIA triangle.

Accepted Answer

The CIA triangle stands for Confidentiality, Integrity, and Availability, which are the three key principles that guide information security measures and policies.

Question 3

A black hat hacker is also called a ___________&#10;A)Thief&#10;B)Cracker&#10;C)Sneaker&#10;D)None of the above

Accepted Answer

A black hat hacker, known for malicious activities and unauthorized access to computer systems, is also referred to as a "Cracker." This term distinguishes their intent and actions from those of ethical hackers or "white hat" hackers.

Question 4

The technique for breaching a system's security by exploiting human nature rather than technology is war-driving.

Accepted Answer

War-driving involves searching for Wi-Fi wireless networks by a person in a moving vehicle, using a portable computer, smartphone, or personal digital assistant (PDA), which is a technology-focused method, not one that exploits human nature. The technique that exploits human nature rather than technology is known as "social engineering."

Question 5

Software that lays dormant until some specific condition is met is a Trojan horse.

Accepted Answer

Software that lays dormant until a specific condition is met is typically referred to as a logic bomb, not a Trojan horse. A Trojan horse is malicious software that misleads users of its true intent.

Question 6

Someone who gains access to a system and causes harm is a __________?&#10;A)White hat hacker&#10;B)Black hat hacker&#10;C)Grey hat hacker&#10;D)Red hat hacker

Accepted Answer

Black hat hackers are individuals who gain unauthorized access to computer systems for personal gain or to cause harm, distinguishing them from white hat hackers who seek to improve security.

Question 7

The Domain Name Service is what translates human-readable domain names into IP addresses that computers and routers understand.

Accepted Answer

The Domain Name Service (DNS) is responsible for translating human-readable domain names (like www.example.com) into the numerical IP addresses that computers and networking equipment use to communicate with each other.

Question 8

The Health Insurance Portability and Accountability Act of 1996 requires government agencies to identify sensitive systems,conduct computer security training,and develop computer security plans.

Accepted Answer

The Health Insurance Portability and Accountability Act of 1996 (HIPAA) primarily focuses on the protection of health information, not on identifying sensitive systems, conducting computer security training, or developing computer security plans for government agencies.

Question 9

In which type of hacking does the user block access from legitimate users without actually accessing the attacked system?&#10;A)Denial of service&#10;B)Web attack&#10;C)Session hijacking&#10;D)None of the above

Accepted Answer

Denial of Service (DoS) attacks aim to make a system or network resource unavailable to its intended users by overwhelming it with a flood of useless traffic or sending it information that triggers a crash. Unlike other hacking methods, DoS attacks do not involve unauthorized access to the targeted system's data.

Question 10

Someone who calls himself a hacker but lacks the expertise is a ________.&#10;A)Script kiddy&#10;B)Sneaker&#10;C)White hat hacker&#10;D)Black hat hacker

Accepted Answer

A script kiddy is someone who uses existing computer scripts or codes to hack into computers, lacking the expertise to write their own.

Question 11

Your company is instituting a new security awareness program.You are responsible for educating end users on a variety of threats,including social engineering.Which of the following best defines social engineering?

A)Illegal copying of software
B)Gathering information from discarded manuals and printouts
C)Using people skills to obtain proprietary information
D)Destruction or alteration of data

Accepted Answer

The answer of Your company is instituting a new security...

Question 12

Someone who breaks into a system legally to assess security deficiencies is a sneaker.

Accepted Answer

The answer of Someone who breaks into a system legally...

Question 13

Someone who legally breaks into a system to assess security deficiencies is a ________.&#10;A)Script kiddy&#10;B)Penetration tester&#10;C)White hat hacker&#10;D)Black hat hacker

Accepted Answer

The answer of Someone who legally breaks into a system...

Question 14

A(n)______ is a basic security device that filters traffic and is a barrier between a network and the outside world or between a system and other systems.&#10;A)Firewall&#10;B)Proxy server&#10;C)Intrusion detection system&#10;D)Network Monitor

Accepted Answer

The answer of A(n)______ is a basic security device that...

Question 15

Which one of these is NOT one the three pillars of security in the CIA triangle?&#10;A)Confidentiality&#10;B)Integrity&#10;C)Availability&#10;D)Authentication

Accepted Answer

The answer of Which one of these is NOT one...

Question 16

A(n)hides the internal network's IP address and presents a single IP address to the outside world.&#10;A)Firewall&#10;B)Proxy server&#10;C)Intrusion detection system&#10;D)Network Monitor

Accepted Answer

The answer of A(n)hides the internal network's IP address and...

Question 17

The type of hacking that involves breaking into telephone systems is called sneaking.

Accepted Answer

The answer of The type of hacking that involves breaking...

Question 18

Auditing is the process to determine if a user's credentials are authorized to access a network resource.

Accepted Answer

The answer of Auditing is the process to determine if...

Question 19

Which type of hacking occurs when the attacker monitors an authenticated session between the client and the server and takes over that session?&#10;A)Denial of service&#10;B)Web attack&#10;C)Session hijacking&#10;D)None of the above

Accepted Answer

The answer of Which type of hacking occurs when the...

Question 20

Malware is a generic term for software that has a malicious purpose.

Accepted Answer

The answer of Malware is a generic term for software...

Question 21

Which of these is the process to determine if the credentials given by a user or another system are authorized to access the network resource in question?&#10;A)Confidentiality&#10;B)Integrity&#10;C)Availability&#10;D)Authentication

Accepted Answer

The answer of Which of these is the process to...

Question 22

Which of these was the first computer incident-response team?&#10;A)Computer Emergency Response Team&#10;B)F-Secure&#10;C)SANS Institute&#10;D)Microsoft Security Advisor

Accepted Answer

The answer of Which of these was the first computer...

Question 23

Which of these is a repository for detailed information on virus outbreaks?&#10;A)Computer Emergency Response Team&#10;B)F-Secure&#10;C)SANS Institute&#10;D)Microsoft Security Advisor

Accepted Answer

The answer of Which of these is a repository for...

Question 24

Which of these is a repository of security-related documentation and also sponsors a number of security research projects?&#10;A)Computer Emergency Response Team&#10;B)F-Secure&#10;C)SANS Institute&#10;D)Microsoft Security Advisor

Accepted Answer

The answer of Which of these is a repository of...

Deck 1: Introduction to Computer Security