Exam (elaborations)

CIST 1601 Final Exam Questions and Correct Solutions Latest Update (Graded A+)

Pages: 7
Grade: A+
Uploaded on: 13-12-2024
Written in: 2024/2025

Cleartext is a name for text that appears to be transparent or invisible during a data transmission. - Answers False

A threat is any action or actor that could damage an asset. - Answers True

One of the functions of a EULA is to protect the software vendor from liability. - Answers True

The standard CIA triangle consists of Confidentiality, Integrity, and Authorization. - Answers False

An example of cryptography is to encrypt data, thus producing ciphertext. - Answers True

To make the process of information security more manageable, a typical IT infrastructure is often divided into nine domains. - Answers False

Different communication protocols, firewalls, routers, and VPNs are components commonly managed within the WAN domain. - Answers True

The user is often the weakest link in IT infrastructure security. - Answers True

Private, Confidential, Internal Use Only, and Public Domain are four common government data classification standards. - Answers False

A common information security acronym is AUP, which stands for Authorized User Practices. - Answers False

The IoT is a concept dealing with the growing interconnectivity of almost everything over the Internet (which means almost everything may be vulnerable to security issues). - Answers True

RFID allows the embedding of small communication devices within goods to keep track of inventory. - Answers True

Data Analytics, Cloud Computing, and acceptance of TCP/IP as a global standard have had minimal effect on the growth of IoT. - Answers False

SaaS (Software anytime anywhere Standards) is the leading standard for anywhere anytime software service. - Answers False

When done properly, SEO will help drive customers to a company's website. - Answers True

Smart homes, health monitoring, smart automobiles, and GPS are all prime examples of IoT technology. - Answers True

BYOD strategy is often less expensive for a company AND it reduces a company's security risk. - Answers False

Mobile IP allows a smartphone to function as a stationary Internet device even though the phone is moving from one mobile cell to another. - Answers True

Metadata is the collected primary data (things like name, address, and phone #) from millions of customer records. - Answers False

Developing interoperability and standards for IoT devices will mean that almost everything will be able to talk to almost everything else, and thus may be less expensive for the manufacturer to support. But if a manufacturer waits too long to bring a product to market, the manufacturer runs the risk of losing market share to a competitor. - Answers True

Drug formulas, engineering plans, and patents are all examples of intellectual property. - Answers True

A white-hat hacker probably has the permission of a company to do penetration testing. - Answers True

OS fingerprint scanners, vulnerability scanners, and keystroke loggers are all examples of common attack tools. - Answers True

A port scanner is a specialized type of monitoring tool used to examine packages at shipping yards on the east, west, and southern coasts of the United States. - Answers False

A dictionary attack consists of attempting to break into a user's account by trying all possible combinations of letters, numerals, and special characters to guess the user's password. - Answers False

DoS stands for Distributed online Services. - Answers False

Passive wiretapping will look at data transmission without altering the data, while active wiretapping will try to change the data. - Answers True

A rootkit gets its name from the attacker having to obtain root or system privileges to install the rootkit. - Answers True

ARP poisoning relies primarily on changing the IP address of the person sending an IP packet. - Answers False

Breaking into computer system A, and then using system A to launch an attack against computer system B (which trusts system A), is called a transitive attack. - Answers True

Vulnerability = Risk X Threat - Answers False

A Risk Register is a detailed description of all the identified risks. - Answers True

The following represents a logical order of research and document production: BCP leads to DRP, which leads to BIA. - Answers False

An RTO is the maximum amount of data loss that is acceptable. - Answers False

Terrorism, Utility Outages, and Tornadoes are all considered valid and standard types of threats. - Answers True

An impact scenario is an analysis of the strategy required to restore normal business functions after a disruption of the business. The scenario could range all the way from loss of a specific computer or computer room to the loss of an entire building. - Answers True

Cold sites, warm sites, and hot sites are all strategies for restoring the operation of a data center after the data center has been destroyed by a disaster. - Answers True

A full-interruption test will validate the strategy for restoring a data center without affecting the primary production systems. - Answers False

BYOD stands for Bring Your Own Desktop. - Answers False

One component of a DRP might be to use preemptive techniques (such as disk mirroring, interruptible power supplies, fire prevention systems, and antivirus software) that prevent the DRP from ever needing to be executed. - Answers True

Identification, Authentication, Authorization, and Accountability are 4 basic components of access controls. - Answers True

Operating systems for smartphones often lack the same level of security as found in Windows, Linux, and Mac OS 10. - Answers True

Managing user authorization at an individual user level is usually easier than managing user authorization at a group level. - Answers False

A dictionary password attack will try significantly more possible password values than a brute-force password attack. - Answers False

Attempting to reset an online password and getting a code on your smartphone that must be entered as part of the reset process is referred to as synchronous authorization. - Answers False

Adjusting the accuracy of biometric authentication methods to produce more accurate results can result in unacceptably long response times. - Answers True

Kerberos is an authentication standard that was developed to address weaknesses in the SESAME authentication method. - Answers False

Mandatory Access Control (MAC) is determined by the sensitivity of the material as opposed to specific access permissions being assigned to individual users. - Answers True

Institution
CIST 1601
Course
CIST 1601










TutorJosh Chamberlain College Of Nursing