
Management of Information Security 6th Edition Michael Whitman, Herbert Mattord All Chapters 1-12 | TEST BANK

Pages: 175
Uploaded on: 01-01-2023
Written in: 2022/2023

Test Bank for Management of Information Security 6th Edition Michael E. Whitman, Herbert J. Mattord, ISBN-10: X. All Chapters 1-12. 175 Pages. TABLE OF CONTENTS UNIT I: Foundations of Information Security. 1. Introduction to Management of Information Security. 2. Compliance: Law and Ethics. UNIT II: Strategic Information Security Management. 3. Governance and Strategic Planning for Security. 4. Security Policy. 5. Developing the Security Program. 6. Risk Management: Identifying and Assessing Risk. 7. Risk Management: Controlling Risk. UNIT III: Operational Information Security Management. 8. Security Management Models. 9. Security Management Practices. 10. Planning for Contingencies. 11. Personnel and Security. 12. Protection Mechanisms. Appendix.

Institution: Management Of Information Security
Course: Management of Information Security











Content preview

CHAPTER 1

1. Corruption of information can occur only while information is being
stored.

a. True
*b. False


2. The authorization process takes place before the authentication
process.

a. True
*b. False


3. A worm may be able to deposit copies of itself onto all Web servers
that the infected system can reach, so that users who subsequently
visit those sites become infected.

*a. True
b. False


4. DoS attacks cannot be launched against routers.

a. True
*b. False


5. The first step in solving problems is to gather facts and make
assumptions.

a. True
*b. False


6. A device (or a software program on a computer) that can monitor data
traveling on a network is known as a socket sniffer. __________

a. True
*b. False


7. One form of e-mail attack that is also a DoS attack is called a mail
spoof, in which an attacker overwhelms the receiver with excessive
quantities of e-mail. __________

a. True
*b. False

8. When voltage levels lag (experience a momentary increase), the extra
voltage can severely damage or destroy equipment. __________

a. True
*b. False


9. "Shoulder spying" is used in public or semi-public settings when
individuals gather information they are not authorized to have by
looking over another individual’s shoulder or viewing the information
from a distance. __________

a. True
*b. False


10. The term phreaker is now commonly associated with an individual who
cracks or removes software protection that is designed to prevent
unauthorized duplication. __________

a. True
*b. False


11. The application of computing and network resources to try every
possible combination of options of a password is called
a dictionary attack. __________

a. True
*b. False


12. The macro virus infects the key operating system files located in a
computer’s start-up sector. __________

a. True
*b. False


13. The malicious code attack includes the execution of viruses, worms,
Trojan horses, and active Web scripts with the intent to destroy or
steal information. __________

*a. True
b. False


14. A(n) polymorphic threat is one that over time changes the way it
appears to antivirus software programs, making it undetectable by
techniques that look for pre-configured signatures. __________

*a. True
b. False

15. Communications security involves the protection of which of the following?

a. radio handsets
b. people, physical assets
c. the IT department
*d. media, technology, and content


16. The protection of voice and data components, connections, and content is known as
__________ security.

*a. network
b. national
c. cyber
d. operational


17. The protection of confidentiality, integrity, and availability of data regardless of its
location is known as __________ security.

*a. information
b. network
c. cyber
d. operational


18. A model of InfoSec that offers a comprehensive view of security for data while being
stored, processed, or transmitted is the __________ security model.

*a. CNSS
b. USMC
c. USNA
d. NPC


19. Which of the following is a C.I.A. triad characteristic that addresses the threat from
corruption, damage, destruction, or other disruption of its authentic state?

*a. integrity
b. availability
c. authentication
d. accountability


20. According to the C.I.A. triad, which of the following is the most desirable characteristic for
privacy?

*a. confidentiality
