DoS - Answers Which type of attack involves sending a large number of connection or
information requests to a target?
Armed Robbery - Answers Force majeure includes all of the following EXCEPT:
integrity - Answers Which of the following is a C.I.A. triad characteristic that addresses the
threat from corruption, damage, destruction, or other disruption of its authentic state?
ransomware - Answers An attack that uses phishing techniques along with specialized forms of
malware to encrypt the victim's data files is known as __________
competitive intelligence - Answers Some information gathering techniques are quite legal—for
example, using a Web browser to perform market research. These legal techniques are called,
collectively, __________.
Piracy - Answers Duplication of software-based intellectual property is more commonly known
as software __________.
Cracker - Answers A hacker who intentionally removes or bypasses software copyright
protection designed to prevent unauthorized duplication or use is known as a(n) __________.
Authentication - Answers The use of cryptographic certificates to establish Secure Sockets
Layer (SSL) connections is an example of which process?
Confidentiality - Answers Which of the following is a C.I.A. triad characteristic that ensures only
those with sufficient privileges and a demonstrated need may access certain information?
-Planning: developing, creating, and implementing controls to accomplish organization
objectives.
-Organizing: structuring the use of resources to support how an organization accomplishes
objectives.
-Leading: encourages the organization to implement the planning and organizing functions. This
includes supervising employee performance, behavior, and attitude while ensuring completion
of the assigned objectives.
-Controlling: ensures the validity of the organization's plan by making sure that sufficient
progress is being made. - Answers List and explain the four principles of management under the
contemporary or popular management theory. Briefly define each.
Planning in information security involves activities necessary to support the design, creation,
and implementation of information security practices. These plans must support information
and technology assets of the entire organization. Information security planning includes
different types such as incident response planning, business continuity planning, disaster
recovery planning, and more. - Answers Discuss the planning element of information security.
Spam - Answers __________ is unsolicited commercial e-mail.
Rainbow Table - Answers The hash values for a wide variety of passwords can be stored in a
database known as a(n) __________, which can be indexed and quickly searched using the hash
value, allowing the corresponding plaintext password to be determined.
Threat - Answers Any event or circumstance that has the potential to adversely affect
operations and assets is known as a(n) __________.
Hacktivism - Answers One form of online vandalism is __________, in which individuals interfere
with or disrupt systems to protest the operations, policies, or actions of an organization or
government agency.
Confidentiality:
Integrity
Availability
(explain as well) - Answers List and explain the critical characteristics of information as defined
by the C.I.A. triad.
Technical Controls - Answers Human error or failure often can be prevented with training and
awareness programs, policy, and __________.
People - Answers Which function of InfoSec management encompasses security personnel as
well as aspects of the SETA program?
Extortion Sins - Answers Which of the following is not among the "deadly sins of software
security"?
Organization - Answers Which of the following is the principle of management dedicated to the
structuring of resources to support the accomplishment of objectives?
Cultural Mores - Answers Ethics are based on ___________________, which are the relatively fixed
moral attitudes or customs of a societal group.
Restitution - Answers Which of the following is compensation for a wrong committed by an
individual or organization?