TRUE/FALSE
1. The demand for IT professionals who know how to secure networks and computers is at an all-time low.
ANS: F PTS: 1 REF: 3
2. Recent employment trends indicate that employees with security certifications are in high
demand.
ANS: T PTS: 1 REF: 4
3. The CompTIA Security+ Certification is aimed at an IT security professional with the
recommended background of a minimum of two years' experience in IT administration, with a
focus on security.
ANS: T PTS: 1 REF: 4
4. Weakness in software can be more quickly uncovered and exploited with new software tools and
techniques.
ANS: T PTS: 1 REF: 9
5. In a general sense, assurance may be defined as the necessary steps to protect a person or property
from harm.
ANS: F PTS: 1 REF: 11
MULTIPLE CHOICE
1. An information security ____ position focuses on the administration and management of plans,
policies, and people.
a. manager
b. engineer
c. auditor
d. inspector
ANS: A PTS: 1 REF: 3
2. A study by Foote Partners showed that security certifications earn employees ____ percent more
pay than their uncertified counterparts.
a. 10 to 14
b. 12 to 15
c. 13 to 14
d. 14 to 16
ANS: A PTS: 1 REF: 4
3. The position of ____ is generally an entry-level position for a person who has the necessary
technical skills.
a. security technician
b. security administrator
c. CISO
d. security manager
ANS: A PTS: 1 REF: 4
4. ____ attacks are responsible for half of all malware delivered by Web advertising.
a. “Canadian Pharmacy”
b. Fake antivirus
c. Melissa
d. Slammer
ANS: B PTS: 1 REF: 5
5. Approximately ____ percent of households in the United States use the Internet for managing
their finances.
a. 60
b. 70
c. 80
d. 90
ANS: C PTS: 1 REF: 5
6. In a ____ attack, attackers can use hundreds or thousands of computers in an attack
against a single computer or network.
a. centered
b. local
c. remote
d. distributed
ANS: D PTS: 1 REF: 10
7. The term ____ is frequently used to describe the tasks of securing information that is in a digital
format.
a. network security
b. information security
c. physical security
d. logical security
ANS: B PTS: 1 REF: 12
8. ____ ensures that only authorized parties can view information.
a. Security
b. Availability
c. Integrity
d. Confidentiality
ANS: D PTS: 1 REF: 12
9. ____ ensures that information is correct and that no unauthorized person or malicious software
has altered that data.
a. Availability
b. Confidentiality
c. Integrity
d. Identity
ANS: C PTS: 1 REF: 12
10. ____ ensures that the individual is who they claim to be (the authentic or genuine person) and not
an imposter.
a. Encryption
b. Authentication
c. Authorization
d. Accounting
ANS: B PTS: 1 REF: 13
11. In information security, a loss can be ____.
a. theft of information
b. a delay in transmitting information that results in a financial penalty
c. the loss of good will or a reputation
d. all of the above
ANS: D PTS: 1 REF: 16
12. In information security, an example of a threat agent can be ____.
a. a force of nature such as a tornado that could destroy computer equipment
b. a virus that attacks a computer network
c. an unsecured computer network
d. both a and b
ANS: D PTS: 1 REF: 16