For CompTIA Security+ SY0-501 Cert Guide, Academic Edition (Certification Guide) 2nd Edition
by Dave Prowse
All Chapters Included
All Answers Included
Chapter 1: Introduction to Security
Chapter 1 True/False Questions
1. In information security, the three core principles are known as
confidentiality, integrity, and availability.
2. A system can easily be completely secure.
3. Individuals who hack into systems at an organization’s request but are
not employed by the organization are known as blue hats.
4. Encryption, authentication, and anti-malware are all ways to protect
against malicious threats.
5. Social engineering includes viruses, worms, and Trojan horses.
Chapter 1 True/False Answers/Explanations
1. True—Confidentiality, integrity, and availability (known as CIA or the CIA
triad) are the three core principles for information security. Another principle
within information security is accountability.
2. False—A system can never truly be completely secure. The scales are
always tipping back and forth; a hacker develops a way to break into a
system, then an administrator finds a way to block that attack, and then the
hacker looks for an alternative method. It goes on and on; be ready to wage
the eternal battle!
3. True—Blue hats are individuals asked by an organization to attempt to
hack into a system who are not employed by the organization. Blue hats are
often used when testing systems.
4. True—To protect against threats such as malware, social engineering, and
so on, an IT person can implement encryption, authentication, anti-malware,
and user awareness.
5. False—Social engineering is the act of manipulating users into revealing
confidential information.
Chapter 1 Multiple Choice Questions
1. Tom sends out many e-mails containing secure information to other
companies. What concept should be implemented to prove that Tom did
indeed send the e-mails?
A. Authenticity
B. Nonrepudiation
C. Confidentiality
D. Integrity
2. Which type of hacker has no affiliation with an organization, yet will hack
systems without malicious intent?
A. Gray hat
B. Blue hat
C. White hat
D. Black hat
3. Which of the following does the “A” in “CIA” stand for when relating to IT
security? (Select the best answer.)
A. Accountability
B. Assessment
C. Availability
D. Auditing
4. Which of the following is the greatest risk for removable storage?
A. Integrity of data
B. Availability of data
C. Confidentiality of data
D. Accountability of data
5. For information security, what is the I in CIA?
A. Insurrection
B. Information
C. Identification
D. Integrity