Page | 1
Itn 262 Midterm study Questions and
Answers (Expert Solutions)
Q: Supervisory control and data acquisition (SCADA) devices are most often associated
with: ANS 🗹🗹: utilities
Q: What is a worm? ANS 🗹🗹: Malware
Q: True or False? Botnets can (often) perform distributed denial of service (DDoS) attacks
in which thousands of individual computers send overwhelming amounts of traffic at a
victim's computer.
Correct! ANS 🗹🗹: True
Q: Desktop malware may not represent a direct threat to ________- or PLC-based
equipment, but practical attacks exist on these systems. ANS 🗹🗹: SCADA
Q: True or False? In requirement-based security, we identify and prioritize our security
needs in a risk assessment process.
Correct! ANS 🗹🗹: True
Q: Car ignition locks are an example of what type of decision? ANS 🗹🗹: Rule-based
Q: Both forms of the RMF illustrate a(n) _______ engineering process as a way to plan,
design, and build a complicated system. ANS 🗹🗹: systems
Q: True or False? The security process and the Information engineering process find
their origin in the concept of Continuous Improvement. ANS 🗹🗹: False
, Page | 2
Q: True or False? A supervisory control and data acquisition (SCADA) device is a
computer that controls motors, valves, and other devices in industrial applications. ANS
🗹🗹: True
Q: A security decision, such as locking your vehicle when not in use, is an example of:
ANS 🗹🗹: rule-based security.
Q: Which of the following is an example of a rule-based security decision? ANS 🗹🗹:
Locking a car's ignition
Q: Which of the following is an example of security theater? ANS 🗹🗹: Installing a fake
video camera
Q: True or False? The term "security theater" refers to security measures intended to
make potential victims feel safe and secure without regard to their effectiveness.
Correct! ANS 🗹🗹: True
Q: Risk Management Framework is a way to assess _______________ risks when developing
large-scale computer systems. ANS 🗹🗹: cybersecurity
Q: True or False? Security Category RMF begins with a high-level estimate of the impact
caused by cyber security failures. ANS 🗹🗹: True
Q: True or False? A vulnerability is a weakness in the boundary that protects the assets
from the threat agents. ANS 🗹🗹: True
Q: True or False? A threat agent is a person who did attack our assets, while an attacker
might attack an asset. ANS 🗹🗹: False
Q: Which of the following is a person who has learned specific attacks on computer
systems and can use those specific attacks? ANS 🗹🗹: Cracker
Q: CIA properties do not include: ANS 🗹🗹: authentication.
Itn 262 Midterm study Questions and
Answers (Expert Solutions)
Q: Supervisory control and data acquisition (SCADA) devices are most often associated
with: ANS 🗹🗹: utilities
Q: What is a worm? ANS 🗹🗹: Malware
Q: True or False? Botnets can (often) perform distributed denial of service (DDoS) attacks
in which thousands of individual computers send overwhelming amounts of traffic at a
victim's computer.
Correct! ANS 🗹🗹: True
Q: Desktop malware may not represent a direct threat to ________- or PLC-based
equipment, but practical attacks exist on these systems. ANS 🗹🗹: SCADA
Q: True or False? In requirement-based security, we identify and prioritize our security
needs in a risk assessment process.
Correct! ANS 🗹🗹: True
Q: Car ignition locks are an example of what type of decision? ANS 🗹🗹: Rule-based
Q: Both forms of the RMF illustrate a(n) _______ engineering process as a way to plan,
design, and build a complicated system. ANS 🗹🗹: systems
Q: True or False? The security process and the Information engineering process find
their origin in the concept of Continuous Improvement. ANS 🗹🗹: False
, Page | 2
Q: True or False? A supervisory control and data acquisition (SCADA) device is a
computer that controls motors, valves, and other devices in industrial applications. ANS
🗹🗹: True
Q: A security decision, such as locking your vehicle when not in use, is an example of:
ANS 🗹🗹: rule-based security.
Q: Which of the following is an example of a rule-based security decision? ANS 🗹🗹:
Locking a car's ignition
Q: Which of the following is an example of security theater? ANS 🗹🗹: Installing a fake
video camera
Q: True or False? The term "security theater" refers to security measures intended to
make potential victims feel safe and secure without regard to their effectiveness.
Correct! ANS 🗹🗹: True
Q: Risk Management Framework is a way to assess _______________ risks when developing
large-scale computer systems. ANS 🗹🗹: cybersecurity
Q: True or False? Security Category RMF begins with a high-level estimate of the impact
caused by cyber security failures. ANS 🗹🗹: True
Q: True or False? A vulnerability is a weakness in the boundary that protects the assets
from the threat agents. ANS 🗹🗹: True
Q: True or False? A threat agent is a person who did attack our assets, while an attacker
might attack an asset. ANS 🗹🗹: False
Q: Which of the following is a person who has learned specific attacks on computer
systems and can use those specific attacks? ANS 🗹🗹: Cracker
Q: CIA properties do not include: ANS 🗹🗹: authentication.
