Page |1
CSE 4471 MIDTERM 1 Exam 2025 (Actual
Exam) Questions with verified Answers
(Latest Update 2025) UPDATE!! Questions
and Correct Answers/ Latest Update /
Already Graded
Needs of the business
Ans: - protect organization's ability to function
- protect assets
- enable safe enterprise operation
- establish or maintain a market segment
- establish or improve profitability
1. Compromised intellectual property
Ans: Damage caused by software lost to piracy (lost revenue,
reputation damage)
Violating protections and end user licensing agreements (EULA)
2. Quality of Service Deviations
Ans: Includes both situations where products or services not
delivered as expected
All rights reserved © 2025/ 2026 |
, Page |2
Information system may depend on many interdependent
internal support systems
Internet service, communications, and power irregularities may
dramatically affect availability of information and systems
DoS (Denial of Service)
Ans: an attack which attempts to overload a target host so that
it cannot respond to legitimate requests, thus effectively taking
the provided service off-line.
DDoS (Distributed Denial of Service)
Ans: a DoS attack which coordinates multipleattackers to
provide a greater attack volume
Smurf Attack
Ans: An attack that broadcasts a ping request to computers yet
changes the address so that all responses are sent to the victim.
Reflection Email Attack
Ans: - Send thousands of emails to legitimate mail server
All rights reserved © 2025/ 2026 |
, Page |3
- uses illegitimate email
-source email is victim
Botnet
Ans: ◦ Master sends commands to compromised zombie
◦ Zombies attack victim
◦ Victim only sees attacks from zombie
3. Espionage
Ans: Business Intelligence (legal),
open source intelligence (osint),
industrial espionage (apple car)
state-sponsored espionage
tempest
Ans: a side-channel attack that passively monitors acoustic,
electrical or other emissions to gain confidential information
All rights reserved © 2025/ 2026 |
, Page |4
insider
Ans: Employee or contractor that enters a trusted relationship
with an organization.
◦ Trust means that by entering a work relationship, the insiders
agree to the rules and obligations that come with the role
◦ This relationship of trust does not, and should not, include
alleged dishonest, unethical or illegal activity.
◦ The insider must obey laws and hold to ethical practices,
despite the trusted relationship.
Whistleblower
Ans: An insider that reports wrongdoing (generally not for
personal gain).
◦ It is unlawful for an employer to retaliate against you for
making a "protected disclosure." A disclosure is protected only
if it meets two criteria:
1 The disclosure based on a reasonable belief that wrongdoing
has occurred.
2 The disclosure must also be made to a person or entity that is
authorized to receive it
(news media and sensitive data not included)
Open Source Intelligence
All rights reserved © 2025/ 2026 |
CSE 4471 MIDTERM 1 Exam 2025 (Actual
Exam) Questions with verified Answers
(Latest Update 2025) UPDATE!! Questions
and Correct Answers/ Latest Update /
Already Graded
Needs of the business
Ans: - protect organization's ability to function
- protect assets
- enable safe enterprise operation
- establish or maintain a market segment
- establish or improve profitability
1. Compromised intellectual property
Ans: Damage caused by software lost to piracy (lost revenue,
reputation damage)
Violating protections and end user licensing agreements (EULA)
2. Quality of Service Deviations
Ans: Includes both situations where products or services not
delivered as expected
All rights reserved © 2025/ 2026 |
, Page |2
Information system may depend on many interdependent
internal support systems
Internet service, communications, and power irregularities may
dramatically affect availability of information and systems
DoS (Denial of Service)
Ans: an attack which attempts to overload a target host so that
it cannot respond to legitimate requests, thus effectively taking
the provided service off-line.
DDoS (Distributed Denial of Service)
Ans: a DoS attack which coordinates multipleattackers to
provide a greater attack volume
Smurf Attack
Ans: An attack that broadcasts a ping request to computers yet
changes the address so that all responses are sent to the victim.
Reflection Email Attack
Ans: - Send thousands of emails to legitimate mail server
All rights reserved © 2025/ 2026 |
, Page |3
- uses illegitimate email
-source email is victim
Botnet
Ans: ◦ Master sends commands to compromised zombie
◦ Zombies attack victim
◦ Victim only sees attacks from zombie
3. Espionage
Ans: Business Intelligence (legal),
open source intelligence (osint),
industrial espionage (apple car)
state-sponsored espionage
tempest
Ans: a side-channel attack that passively monitors acoustic,
electrical or other emissions to gain confidential information
All rights reserved © 2025/ 2026 |
, Page |4
insider
Ans: Employee or contractor that enters a trusted relationship
with an organization.
◦ Trust means that by entering a work relationship, the insiders
agree to the rules and obligations that come with the role
◦ This relationship of trust does not, and should not, include
alleged dishonest, unethical or illegal activity.
◦ The insider must obey laws and hold to ethical practices,
despite the trusted relationship.
Whistleblower
Ans: An insider that reports wrongdoing (generally not for
personal gain).
◦ It is unlawful for an employer to retaliate against you for
making a "protected disclosure." A disclosure is protected only
if it meets two criteria:
1 The disclosure based on a reasonable belief that wrongdoing
has occurred.
2 The disclosure must also be made to a person or entity that is
authorized to receive it
(news media and sensitive data not included)
Open Source Intelligence
All rights reserved © 2025/ 2026 |
