ITSY 1300 Exam Revision Questions with 100% Correct Answers
The task of securing information that is in a digital format, whether it is manipulated by
a microprocessor, preserved on a storage device, or transmitted over a network, is called:
Information Security
What are the three protections that must be extended over information?
CIA: Confidentiality, Integrity, Availability
__________ ensures that only authorized parties can view the information.
Confidentiality
__________ ensures that the information is correct and no unauthorized person or
malicious software has altered the data.
Integrity
__________ ensures that the data is accessible to authorized users.
Availability
An _________ is an item that has value.
Asset
A type of action that has the potential to cause harm is known as a:
Threat
A flaw or weakness that allows a threat agent to bypass security is a:
Vulnerability
A situation that involves exposure to some type of danger is a:
Risk
What are the 4 responses to risks?
Accept
Transfer
Avoid
Mitigate
To __________ risk simply means that the risk is acknowledged but no steps are taken to
address it.
Accept
A response to risk that allows a 3rd party to assume the responsibility of the risk is known
as risk:
Transfer
To __________ risk involves identifying the risk but making the decision not to engage in
the activity.
Avoid
To __________ risk is to attempt to address the risk by making it less serious.
Mitigate
Healthcare enterprises must guard protected healthcare information and implement
policies and procedures to safeguard it, whether in paper or electronic format:
HIPAA
Health Insurance Portability and Accountability Act 1996
Set of security standards that all companies that process, store, or transmit credit or debit
card information must follow:
PCI DSS
Payment Card Industry Data Security Standard
__________ refers to attacks that are intended to cause panic or provoke violence among citizens,
attacks directed at the banking industry, military installations, power plants, air traffic
control centers, and water systems.
Cyberterrorism
Individuals who want to attack computers yet lack the knowledge of computers and
networks needed to do so are:
Script Kiddies
Freely available automated attack software used by Script Kiddies is known as:
Open-Source Intelligence
A group of threat actors that is strongly motivated by ideology is known as:
Hacktivists
Protest or Retaliatory attacks
A new class of attack that uses innovative attack tools to infect a system and then silently
extracts data over an extended period is known as:
APT
Advanced Persistent Threat
APTs are most commonly associated with:
Nation State Actors
State-sponsored attackers employed by a government for launching computer attacks
against their foes are known as:
Nation State Actors
When the U.S. hired the Israeli government to help infiltrate the Iranian nuclear program,
or if they hired Logan's Exodus to do it, they would be known as:
Nation State Actors
What are the 5 fundamental security principles for defense?
Layering
Limiting
Diversity