IT 310 Foundations of Cybersecurity
Comprehensive Final Exam (Qns & Ans)
2025
Question 1 (Multiple Choice)
Question:
Which risk assessment methodology extends foundational
practices by providing a quantitative framework to estimate
potential financial loss and probability of cyber threats?
A) OCTAVE
B) FAIR
C) NIST SP 800-53
D) COBIT
Correct ANS:
B) FAIR
©2025
, Rationale:
FAIR (Factor Analysis of Information Risk) is specifically
designed to quantify risk by estimating both the frequency of
cyber events and their potential monetary impact. This
quantitative approach complements qualitative risk assessments
by providing measurable estimates, which is critical for informed
decision-making in cybersecurity management.
---
Question 2 (Fill in the Blank)
Question:
The advanced cryptographic property that ensures any small
change in input results in unpredictable and significant changes in
the output is known as the ________ effect.
Correct ANS:
avalanche
Rationale:
The avalanche effect is essential in cryptographic functions. It
assures that even a minute change in plaintext produces a vastly
different ciphertext, thereby enhancing resistance to differential
©2025
,cryptanalysis and enforcing unpredictability in encryption
schemes.
---
Question 3 (True/False)
Question:
True/False: Honeypots are primarily deployed as active intrusion
prevention systems that immediately block potential threats upon
detection.
Correct ANS:
False
Rationale:
Honeypots are designed to lure, detect, and analyze attacker
behavior rather than to block intrusions directly. They serve as an
early-warning mechanism and intelligence-gathering tool, helping
organizations understand threat tactics while diverting attackers
from critical assets.
---
©2025
, Question 4 (Multiple Response)
Question:
Select all techniques that are considered advanced methods for
detecting network intrusions beyond traditional signature-based
approaches:
A) Anomaly-based detection
B) Behavior-based detection
C) Heuristic-based detection
D) Manual traffic monitoring
E) Machine learning-based detection
Correct ANS:
A, B, E
Rationale:
Advanced intrusion detection leverages anomaly-based and
behavior-based methods, often enhanced by machine learning, to
identify deviations from normal patterns that might suggest
unknown or zero-day attacks. Heuristic-based methods may also
be used, but manual monitoring is generally more basic and labor-
intensive.
---
©2025
Comprehensive Final Exam (Qns & Ans)
2025
Question 1 (Multiple Choice)
Question:
Which risk assessment methodology extends foundational
practices by providing a quantitative framework to estimate
potential financial loss and probability of cyber threats?
A) OCTAVE
B) FAIR
C) NIST SP 800-53
D) COBIT
Correct ANS:
B) FAIR
©2025
, Rationale:
FAIR (Factor Analysis of Information Risk) is specifically
designed to quantify risk by estimating both the frequency of
cyber events and their potential monetary impact. This
quantitative approach complements qualitative risk assessments
by providing measurable estimates, which is critical for informed
decision-making in cybersecurity management.
---
Question 2 (Fill in the Blank)
Question:
The advanced cryptographic property that ensures any small
change in input results in unpredictable and significant changes in
the output is known as the ________ effect.
Correct ANS:
avalanche
Rationale:
The avalanche effect is essential in cryptographic functions. It
assures that even a minute change in plaintext produces a vastly
different ciphertext, thereby enhancing resistance to differential
©2025
,cryptanalysis and enforcing unpredictability in encryption
schemes.
---
Question 3 (True/False)
Question:
True/False: Honeypots are primarily deployed as active intrusion
prevention systems that immediately block potential threats upon
detection.
Correct ANS:
False
Rationale:
Honeypots are designed to lure, detect, and analyze attacker
behavior rather than to block intrusions directly. They serve as an
early-warning mechanism and intelligence-gathering tool, helping
organizations understand threat tactics while diverting attackers
from critical assets.
---
©2025
, Question 4 (Multiple Response)
Question:
Select all techniques that are considered advanced methods for
detecting network intrusions beyond traditional signature-based
approaches:
A) Anomaly-based detection
B) Behavior-based detection
C) Heuristic-based detection
D) Manual traffic monitoring
E) Machine learning-based detection
Correct ANS:
A, B, E
Rationale:
Advanced intrusion detection leverages anomaly-based and
behavior-based methods, often enhanced by machine learning, to
identify deviations from normal patterns that might suggest
unknown or zero-day attacks. Heuristic-based methods may also
be used, but manual monitoring is generally more basic and labor-
intensive.
---
©2025
