Question 1

Someone who finds a flaw in a system and reports that flaw to the vendor of the system is a __________.
A)White hat hacker
B)Black hat hacker
C)Gray hat hacker
D)Red hat hacker

Accepted Answer

White hat hackers are ethical hackers who identify vulnerabilities in systems and report them to the owners for them to fix before they can be exploited maliciously.

Question 2

Confidentiality,integrity,and availability are three pillars of the CIA triangle.

Accepted Answer

The CIA triangle stands for Confidentiality, Integrity, and Availability, which are the three key principles that guide information security measures and policies.

Question 3

A black hat hacker is also called a ___________
A)Thief
B)Cracker
C)Sneaker
D)None of the above

Accepted Answer

A black hat hacker, known for malicious activities and unauthorized access to computer systems, is also referred to as a "Cracker." This term distinguishes their intent and actions from those of ethical hackers or "white hat" hackers.

Question 4

The technique for breaching a system's security by exploiting human nature rather than technology is war-driving.

Accepted Answer

War-driving involves searching for Wi-Fi wireless networks by a person in a moving vehicle, using a portable computer, smartphone, or personal digital assistant (PDA), which is a technology-focused method, not one that exploits human nature. The technique that exploits human nature rather than technology is known as "social engineering."

Question 5

Software that lays dormant until some specific condition is met is a Trojan horse.

Accepted Answer

Software that lays dormant until a specific condition is met is typically referred to as a logic bomb, not a Trojan horse. A Trojan horse is malicious software that misleads users of its true intent.

Question 6

Someone who gains access to a system and causes harm is a __________?
A)White hat hacker
B)Black hat hacker
C)Grey hat hacker
D)Red hat hacker

Accepted Answer

Black hat hackers are individuals who gain unauthorized access to computer systems for personal gain or to cause harm, distinguishing them from white hat hackers who seek to improve security.

Question 7

The Domain Name Service is what translates human-readable domain names into IP addresses that computers and routers understand.

Accepted Answer

The Domain Name Service (DNS) is responsible for translating human-readable domain names (like www.example.com) into the numerical IP addresses that computers and networking equipment use to communicate with each other.

Question 8

The Health Insurance Portability and Accountability Act of 1996 requires government agencies to identify sensitive systems,conduct computer security training,and develop computer security plans.

Accepted Answer

The Health Insurance Portability and Accountability Act of 1996 (HIPAA) primarily focuses on the protection of health information, not on identifying sensitive systems, conducting computer security training, or developing computer security plans for government agencies.

Question 9

In which type of hacking does the user block access from legitimate users without actually accessing the attacked system?
A)Denial of service
B)Web attack
C)Session hijacking
D)None of the above

Accepted Answer

Denial of Service (DoS) attacks aim to make a system or network resource unavailable to its intended users by overwhelming it with a flood of useless traffic or sending it information that triggers a crash. Unlike other hacking methods, DoS attacks do not involve unauthorized access to the targeted system's data.

Question 10

Someone who calls himself a hacker but lacks the expertise is a ________.
A)Script kiddy
B)Sneaker
C)White hat hacker
D)Black hat hacker

Accepted Answer

A script kiddy is someone who uses existing computer scripts or codes to hack into computers, lacking the expertise to write their own.

Question 11

Your company is instituting a new security awareness program.You are responsible for educating end users on a variety of threats,including social engineering.Which of the following best defines social engineering?
A)Illegal copying of software
B)Gathering information from discarded manuals and printouts
C)Using people skills to obtain proprietary information
D)Destruction or alteration of data

Accepted Answer

The answer of Your company is instituting a new security...

Question 12

Someone who breaks into a system legally to assess security deficiencies is a sneaker.

Accepted Answer

A "sneaker" is a term used to describe someone who is hired to legally break into systems to identify and fix security vulnerabilities.

Question 13

Someone who legally breaks into a system to assess security deficiencies is a ________.
A)Script kiddy
B)Penetration tester
C)White hat hacker
D)Black hat hacker

Accepted Answer

A penetration tester is someone who legally breaks into a system to assess security deficiencies.

Question 14

A(n)______ is a basic security device that filters traffic and is a barrier between a network and the outside world or between a system and other systems.
A)Firewall
B)Proxy server
C)Intrusion detection system
D)Network Monitor

Accepted Answer

A firewall is a network security device that monitors and filters incoming and outgoing network traffic based on an organization's previously established security policies. At its most basic, a firewall is a barrier between a private internal network and the public Internet.

Question 15

Which one of these is NOT one the three pillars of security in the CIA triangle?
A)Confidentiality
B)Integrity
C)Availability
D)Authentication

Accepted Answer

The CIA triangle refers to Confidentiality, Integrity, and Availability as the three pillars of security. Authentication, while important, is not one of these three pillars.

Question 16

A(n)hides the internal network's IP address and presents a single IP address to the outside world.
A)Firewall
B)Proxy server
C)Intrusion detection system
D)Network Monitor

Accepted Answer

A proxy server hides the internal network's IP address and presents a single IP address to the outside world by acting as an intermediary between client devices and the internet. It can also provide additional security features such as content filtering and caching. Firewalls can also provide some level of IP hiding, but their primary purpose is to control network traffic based on predefined rules. Intrusion detection systems and network monitors are not designed to hide IP addresses.

Question 17

The type of hacking that involves breaking into telephone systems is called sneaking.

Accepted Answer

The type of hacking that involves breaking into telephone systems is called "phreaking."

Question 18

Auditing is the process to determine if a user's credentials are authorized to access a network resource.

Accepted Answer

Auditing is the process of examining and verifying a company's financial records and transactions to ensure accuracy and compliance with accounting standards and regulations, not about determining user credential authorization for network resources.

Question 19

Which type of hacking occurs when the attacker monitors an authenticated session between the client and the server and takes over that session?
A)Denial of service
B)Web attack
C)Session hijacking
D)None of the above

Accepted Answer

Session hijacking is the correct answer because it specifically refers to the type of attack where an attacker takes over a legitimate user's session after the user has been authenticated, allowing the attacker to gain unauthorized access to information or services within that session.

Question 20

Malware is a generic term for software that has a malicious purpose.

Accepted Answer

Malware, short for malicious software, refers to any software designed to harm or exploit any programmable device, service, or network.

Quiz 1: Introduction to Computer Security

Someone who finds a flaw in a system and reports that flaw to the vendor of the system is a __________.

Confidentiality,integrity,and availability are three pillars of the CIA triangle.

A black hat hacker is also called a ___________

The technique for breaching a system's security by exploiting human nature rather than technology is war-driving.

Software that lays dormant until some specific condition is met is a Trojan horse.

Someone who gains access to a system and causes harm is a __________?

The Domain Name Service is what translates human-readable domain names into IP addresses that computers and routers understand.

The Health Insurance Portability and Accountability Act of 1996 requires government agencies to identify sensitive systems,conduct computer security training,and develop computer security plans.

In which type of hacking does the user block access from legitimate users without actually accessing the attacked system?

Someone who calls himself a hacker but lacks the expertise is a ________.

Your company is instituting a new security awareness program.You are responsible for educating end users on a variety of threats,including social engineering.Which of the following best defines social engineering?

Someone who breaks into a system legally to assess security deficiencies is a sneaker.

Someone who legally breaks into a system to assess security deficiencies is a ________.

A(n) ______ is a basic security device that filters traffic and is a barrier between a network and the outside world or between a system and other systems.

Which one of these is NOT one the three pillars of security in the CIA triangle?

A(n) hides the internal network's IP address and presents a single IP address to the outside world.

The type of hacking that involves breaking into telephone systems is called sneaking.

Auditing is the process to determine if a user's credentials are authorized to access a network resource.

Which type of hacking occurs when the attacker monitors an authenticated session between the client and the server and takes over that session?

Malware is a generic term for software that has a malicious purpose.