IT 316 Human Computer Interaction
Comprehensive Final Exam (Qns & Ans)
2025
Question 1 (Multiple Choice)
Question:
Which risk assessment methodology quantitatively estimates the
potential financial loss due to cyber threats by analyzing both the
probability of events and their impact?
A) OCTAVE
B) FAIR
C) NIST SP 800-30
D) COBIT
Correct ANS:
B) FAIR
©2025
, Rationale:
FAIR (Factor Analysis of Information Risk) is designed to
provide a quantitative analysis of risk. It evaluates both the
probability and financial impact of potential threats, allowing
organizations to prioritize remediation and allocate resources
based on measurable risk estimates.
---
Question 2 (Fill in the Blank)
Question:
The cryptographic property whereby a small change in the input
leads to a dramatically different output is known as the
________ effect.
Correct ANS:
avalanche
Rationale:
The avalanche effect is crucial in cryptography because it ensures
that even the smallest modification in the plaintext results in a
completely different ciphertext, thereby making it
©2025
,computationally infeasible for attackers to derive the original
message through differential analysis.
---
Question 3 (True/False)
Question:
True/False: Honeypots are primarily deployed to deceive and
monitor attackers by attracting them away from critical assets,
rather than serving as direct intrusion prevention systems.
Correct ANS:
True
Rationale:
Honeypots function as decoy systems that lure attackers, enabling
security teams to observe and analyze attacker behavior. They are
not meant to block attacks immediately but to serve as
intelligence-gathering tools that inform defensive strategies.
---
©2025
, Question 4 (Multiple Response)
Question:
Select all advanced detection methods used to identify potential
network intrusions beyond traditional signature-based approaches:
A) Anomaly-based detection
B) Behavior-based detection
C) Machine learning-based detection
D) Static signature matching
E) Heuristic analysis
Correct ANS:
A, B, C, E
Rationale:
Anomaly detection, behavior-based detection, machine learning-
based detection, and heuristic analysis all involve evaluating what
is “normal” in network behavior and flagging deviations, which
can indicate new or unknown threats. Although signature
matching is important, it is not considered an advanced technique
for detecting novel attacks.
---
©2025
Comprehensive Final Exam (Qns & Ans)
2025
Question 1 (Multiple Choice)
Question:
Which risk assessment methodology quantitatively estimates the
potential financial loss due to cyber threats by analyzing both the
probability of events and their impact?
A) OCTAVE
B) FAIR
C) NIST SP 800-30
D) COBIT
Correct ANS:
B) FAIR
©2025
, Rationale:
FAIR (Factor Analysis of Information Risk) is designed to
provide a quantitative analysis of risk. It evaluates both the
probability and financial impact of potential threats, allowing
organizations to prioritize remediation and allocate resources
based on measurable risk estimates.
---
Question 2 (Fill in the Blank)
Question:
The cryptographic property whereby a small change in the input
leads to a dramatically different output is known as the
________ effect.
Correct ANS:
avalanche
Rationale:
The avalanche effect is crucial in cryptography because it ensures
that even the smallest modification in the plaintext results in a
completely different ciphertext, thereby making it
©2025
,computationally infeasible for attackers to derive the original
message through differential analysis.
---
Question 3 (True/False)
Question:
True/False: Honeypots are primarily deployed to deceive and
monitor attackers by attracting them away from critical assets,
rather than serving as direct intrusion prevention systems.
Correct ANS:
True
Rationale:
Honeypots function as decoy systems that lure attackers, enabling
security teams to observe and analyze attacker behavior. They are
not meant to block attacks immediately but to serve as
intelligence-gathering tools that inform defensive strategies.
---
©2025
, Question 4 (Multiple Response)
Question:
Select all advanced detection methods used to identify potential
network intrusions beyond traditional signature-based approaches:
A) Anomaly-based detection
B) Behavior-based detection
C) Machine learning-based detection
D) Static signature matching
E) Heuristic analysis
Correct ANS:
A, B, C, E
Rationale:
Anomaly detection, behavior-based detection, machine learning-
based detection, and heuristic analysis all involve evaluating what
is “normal” in network behavior and flagging deviations, which
can indicate new or unknown threats. Although signature
matching is important, it is not considered an advanced technique
for detecting novel attacks.
---
©2025
