1 | Page
ITN 262 Midterm Questions and Correct
Answers
What is a worm Ans: Malware
An attempt by a threat agent to exploit assets without permission
is referred to as Ans: an attack
This yields a more specific set of attacks tied to our particular
threat agents Ans: attack matrix
CIA properties do not include Ans: authentication
AUP stands for Ans: acceptable use policy
Zero Day vulnerability is one that has been reported to the
software's vendor and the general public Ans: false
A person skilled in attacking computer systems, who uses those
skills as a security expert to help protect systems is a Ans: white
hat hacker
A security analyst is performing a security assessment, the analyst
should not Ans: take action to mitigate a serious risk
victims can protect themselves against zero day attacks Ans: false
© 2025 All rights reserved
, 2 | Page
When you analyze a system using the six-phase security process
you are performing a Ans: risk assessment
An attack in which someone tries to trick a system administrator
into divulging a password is called Ans: social engineering
authentication does what Ans: associated and individual with and
identity
An authentication system that requires the user to provide two
different passwords and a fingerprint scan is an example of Ans:
two-factor authentication
there are three types of tokens they do not include Ans: offensive
tokens
the most recent list hash algorithm is what Ans: SHA-512
The following are associated with a weak threat except Ans: all
are associated with weak threats
Hashing Ans: transforms readable text into gibberish
in a password system the total number of possible passwords is
Ans: search space
An attack the blocks access to a system by other users is called
Ans: denial of service
© 2025 All rights reserved
ITN 262 Midterm Questions and Correct
Answers
What is a worm Ans: Malware
An attempt by a threat agent to exploit assets without permission
is referred to as Ans: an attack
This yields a more specific set of attacks tied to our particular
threat agents Ans: attack matrix
CIA properties do not include Ans: authentication
AUP stands for Ans: acceptable use policy
Zero Day vulnerability is one that has been reported to the
software's vendor and the general public Ans: false
A person skilled in attacking computer systems, who uses those
skills as a security expert to help protect systems is a Ans: white
hat hacker
A security analyst is performing a security assessment, the analyst
should not Ans: take action to mitigate a serious risk
victims can protect themselves against zero day attacks Ans: false
© 2025 All rights reserved
, 2 | Page
When you analyze a system using the six-phase security process
you are performing a Ans: risk assessment
An attack in which someone tries to trick a system administrator
into divulging a password is called Ans: social engineering
authentication does what Ans: associated and individual with and
identity
An authentication system that requires the user to provide two
different passwords and a fingerprint scan is an example of Ans:
two-factor authentication
there are three types of tokens they do not include Ans: offensive
tokens
the most recent list hash algorithm is what Ans: SHA-512
The following are associated with a weak threat except Ans: all
are associated with weak threats
Hashing Ans: transforms readable text into gibberish
in a password system the total number of possible passwords is
Ans: search space
An attack the blocks access to a system by other users is called
Ans: denial of service
© 2025 All rights reserved
