1|Page
ITN 262 MIDTERM QUESTIONS AND ANSWERS
2025
Supervisory control and data acquisition (SCADA)
devices are most often associated with: - .....ANSWER...
✔✔ utilities
What is worm - .....ANSWER... ✔✔ Malware
True or False? Botnets can (often) perform distributed
denial of service (DDoS) attacks in which thousands of
individual computers send overwhelming amounts of
traffic at a victim's computer. - .....ANSWER... ✔✔
True
Desktop malware may not represent a direct threat to
________- or PLC-based equipment, but practical
attacks exist on these systems. - .....ANSWER... ✔✔
SCADA
,2|Page
True or False? In requirement-based security, we identify
and prioritize our security needs in a risk assessment
process. - .....ANSWER... ✔✔ True
Car ignition locks are an example of what type of
decision? - .....ANSWER... ✔✔ Rule-based
Both forms of the RMF illustrate a(n) _______
engineering process as a way to plan, design, and build
a complicated system. - .....ANSWER... ✔✔ Systems
True or False? The security process and the Information
engineering process find their origin in the concept of
Continuous Improvement. - .....ANSWER... ✔✔ False
True or False? A supervisory control and data acquisition
(SCADA) device is a computer that controls motors,
valves, and other devices in industrial applications. -
.....ANSWER... ✔✔ True
A security decision, such as locking your vehicle when not
in use, is an example of: - .....ANSWER... ✔✔ rule-
based security
,3|Page
Which of the following is an example of a rule-based
security decision? - .....ANSWER... ✔✔ locking a cars
ignition
Which of the following is an example of security
theater? - .....ANSWER... ✔✔ Installing a fake video
camera
True or False? The term "security theater" refers to
security measures intended to make potential victims
feel safe and secure without regard to their
effectiveness. - .....ANSWER... ✔✔ True
Risk Management Framework is a way to assess
_______________ risks when developing large-scale
computer systems. - .....ANSWER... ✔✔ cybersecurity
True or False? Security Category RMF begins with a
high-level estimate of the impact caused by cyber
security failures. - .....ANSWER... ✔✔ True
True or False? A vulnerability is a weakness in the
boundary that protects the assets from the threat agents.
- .....ANSWER... ✔✔ True
, 4|Page
True or False? A threat agent is a person who did attack
our assets, while an attacker might attack an asset. -
.....ANSWER... ✔✔ False
Which of the following is a person who has learned
specific attacks on computer systems and can use those
specific attacks? - .....ANSWER... ✔✔ Cracker
CIA properties do not include: - .....ANSWER... ✔✔
authentication
Which of the following are the CIA properties? -
.....ANSWER... ✔✔ Confidentiality, Integrity,
Availability
True or False? A vulnerability is a security measure
intended to protect an asset. - .....ANSWER... ✔✔
False
An attempt by a threat agent to exploit assets without
permission is referred to as: - .....ANSWER... ✔✔ an
attack
ITN 262 MIDTERM QUESTIONS AND ANSWERS
2025
Supervisory control and data acquisition (SCADA)
devices are most often associated with: - .....ANSWER...
✔✔ utilities
What is worm - .....ANSWER... ✔✔ Malware
True or False? Botnets can (often) perform distributed
denial of service (DDoS) attacks in which thousands of
individual computers send overwhelming amounts of
traffic at a victim's computer. - .....ANSWER... ✔✔
True
Desktop malware may not represent a direct threat to
________- or PLC-based equipment, but practical
attacks exist on these systems. - .....ANSWER... ✔✔
SCADA
,2|Page
True or False? In requirement-based security, we identify
and prioritize our security needs in a risk assessment
process. - .....ANSWER... ✔✔ True
Car ignition locks are an example of what type of
decision? - .....ANSWER... ✔✔ Rule-based
Both forms of the RMF illustrate a(n) _______
engineering process as a way to plan, design, and build
a complicated system. - .....ANSWER... ✔✔ Systems
True or False? The security process and the Information
engineering process find their origin in the concept of
Continuous Improvement. - .....ANSWER... ✔✔ False
True or False? A supervisory control and data acquisition
(SCADA) device is a computer that controls motors,
valves, and other devices in industrial applications. -
.....ANSWER... ✔✔ True
A security decision, such as locking your vehicle when not
in use, is an example of: - .....ANSWER... ✔✔ rule-
based security
,3|Page
Which of the following is an example of a rule-based
security decision? - .....ANSWER... ✔✔ locking a cars
ignition
Which of the following is an example of security
theater? - .....ANSWER... ✔✔ Installing a fake video
camera
True or False? The term "security theater" refers to
security measures intended to make potential victims
feel safe and secure without regard to their
effectiveness. - .....ANSWER... ✔✔ True
Risk Management Framework is a way to assess
_______________ risks when developing large-scale
computer systems. - .....ANSWER... ✔✔ cybersecurity
True or False? Security Category RMF begins with a
high-level estimate of the impact caused by cyber
security failures. - .....ANSWER... ✔✔ True
True or False? A vulnerability is a weakness in the
boundary that protects the assets from the threat agents.
- .....ANSWER... ✔✔ True
, 4|Page
True or False? A threat agent is a person who did attack
our assets, while an attacker might attack an asset. -
.....ANSWER... ✔✔ False
Which of the following is a person who has learned
specific attacks on computer systems and can use those
specific attacks? - .....ANSWER... ✔✔ Cracker
CIA properties do not include: - .....ANSWER... ✔✔
authentication
Which of the following are the CIA properties? -
.....ANSWER... ✔✔ Confidentiality, Integrity,
Availability
True or False? A vulnerability is a security measure
intended to protect an asset. - .....ANSWER... ✔✔
False
An attempt by a threat agent to exploit assets without
permission is referred to as: - .....ANSWER... ✔✔ an
attack
