INFOSEC FINAL STUDY GUIDE EXAM
QUESTIONS AND ANSWERS 100% PASS
A Smurf attack is when a computer sends a broadcast message to many computers in a
network while spoofing the victim computer's address. This results in all of the computers in the
network responding to the victim computer. This is an example of a _________ - ANS Distributed
denial of service attack (DDoS)
Information security is the protection of ________, ________, and _______ -
ANS Confidentiality, Integrity, and Availability
When a company claims they can provide 5-9s, which part of the CIA triad is this focused on?
_______ - ANS Availability
ALE = ____________ * ___________ - ANS Single Loss Expectancy (SLE) * Annualized Rate of
Occurrence (ARO)
Risk = ____________ * ___________ - ANS Likelihood * Impact
___________ has the ability to have an adverse impact on resources - ANS Threat
___________ is a weakness in security - ANS Vulnerability
1 @COPYRIGHT 2025/2026 ALLRIGHTS RESERVED.
3 States of data are ____________, _____________, and ____________ - ANS Storage,
Processing, Transmission
3 Countermeasures are __________, _____________, and ____________ - ANS Policy,
Education, Technology
4 methods of managing risk are __________, _____________, _____________, and
____________ - ANS Accept, Avoid, Mitigate, Transfer
A method of attempting every combination to figure out a password - ANS Brute force
Using exposed username/password on other accounts - ANS Credential stuffing
Allows you to request information from the federal government. What is this in Ohio? - ANS FOIA
(Freedom of Information Act), Sunshine Law
_________: an adverse event which manifests as a real threat - ANS Incident
_________: planning for unexpected adverse events - ANS Contingency
_________: planning how the business will continue to operate during an incident - ANS BCP
(business continuity plan)
_________: reviewing and documenting business processes and their criticality - ANS BIA
(business impact analysis)