11/6/25, 8:09 PM CSE 4471 MIDTERM 1 Exam 2025 (Actual Exam) Questions with verified Answers (Latest Update 2025) UPDATE!! Flashcards | Q…
Science Computer Science Computer Security and Reliability
CSE 4471 MIDTERM 1 Exam 2025 (Actual Exam)
Questions with verified Answers (Latest Update
2025) UPDATE!!
- protectorganization's ability to function
- protect assets
Needs of the business - enable safe enterprise operation
- establish or maintain a market segment
- establish or improve profitability
Damage caused by software lost to piracy (lost revenue,
1. Compromised reputation damage)
intellectual property
Violating protections and end user licensing agreements (EULA)
Includes both situations where products or services not delivered
as expected Information system may depend on many
interdependent internal support systems
2. Quality of Service Internet service, communications, and power irregularities may
Deviations dramatically affect availability of information and systems
DoS (Denial of Service) an attack which attempts to overload a target host so that it
cannot respond to legitimate requests, thus effectively taking
the provided service off-line.
a DoS attack which coordinates multipleattackers to provide a
greater attack volume
DDoS (Distributed
Denial of Service)
… 1/22
,11/6/25, 8:09 PM CSE 4471 MIDTERM 1 Exam 2025 (Actual Exam) Questions with verified Answers (Latest Update 2025) UPDATE!! Flashcards | Q…
An attack that broadcasts a ping request to
computers yet changes the
Smurf Attack
address so that all responses
are sent to the victim.
- Send thousands of emails to legitimate mail server
Reflection Email Attack - uses illegitimate email
-source email is victim
◦ Master sends commands to compromised zombie
Botnet ◦ Zombies attack victim
◦ Victim only sees attacks from zombie
Business
Intelligence (legal),
3. Espionage
open source
intelligence (osint),
industrial espionage
(apple car)
state-sponsored espionage
a side-channel attack that passively monitors acoustic,
tempest
electrical or other emissions to gain confidential
information
Employee or contractor that enters a trusted relationship with an
organization.
◦ Trust means that by entering a work relationship, the
insiders agree to the rules and obligations that come
insider
with the role
◦ This relationship of trust does not, and should not,
include alleged dishonest, unethical or illegal
activity.
◦ The insider must obey laws and hold to ethical
practices, despite the trusted relationship.
… 2/22
, 11/6/25, 8:09 PM CSE 4471 MIDTERM 1 Exam 2025 (Actual Exam) Questions with verified Answers (Latest Update 2025) UPDATE!! Flashcards | Q…
An insider that reports wrongdoing (generally not for personal
gain).
◦ It is unlawful for an employer to retaliate against
you for making a "protected disclosure." A
Whistleblower
disclosure is protected only if it meets two
criteria:
1 The disclosure based on a reasonable belief that wrongdoing
has occurred.
2 The disclosure must also be made to a person or entity
that is authorized to receive it
(news media and sensitive data not included)
… 3/22
Science Computer Science Computer Security and Reliability
CSE 4471 MIDTERM 1 Exam 2025 (Actual Exam)
Questions with verified Answers (Latest Update
2025) UPDATE!!
- protectorganization's ability to function
- protect assets
Needs of the business - enable safe enterprise operation
- establish or maintain a market segment
- establish or improve profitability
Damage caused by software lost to piracy (lost revenue,
1. Compromised reputation damage)
intellectual property
Violating protections and end user licensing agreements (EULA)
Includes both situations where products or services not delivered
as expected Information system may depend on many
interdependent internal support systems
2. Quality of Service Internet service, communications, and power irregularities may
Deviations dramatically affect availability of information and systems
DoS (Denial of Service) an attack which attempts to overload a target host so that it
cannot respond to legitimate requests, thus effectively taking
the provided service off-line.
a DoS attack which coordinates multipleattackers to provide a
greater attack volume
DDoS (Distributed
Denial of Service)
… 1/22
,11/6/25, 8:09 PM CSE 4471 MIDTERM 1 Exam 2025 (Actual Exam) Questions with verified Answers (Latest Update 2025) UPDATE!! Flashcards | Q…
An attack that broadcasts a ping request to
computers yet changes the
Smurf Attack
address so that all responses
are sent to the victim.
- Send thousands of emails to legitimate mail server
Reflection Email Attack - uses illegitimate email
-source email is victim
◦ Master sends commands to compromised zombie
Botnet ◦ Zombies attack victim
◦ Victim only sees attacks from zombie
Business
Intelligence (legal),
3. Espionage
open source
intelligence (osint),
industrial espionage
(apple car)
state-sponsored espionage
a side-channel attack that passively monitors acoustic,
tempest
electrical or other emissions to gain confidential
information
Employee or contractor that enters a trusted relationship with an
organization.
◦ Trust means that by entering a work relationship, the
insiders agree to the rules and obligations that come
insider
with the role
◦ This relationship of trust does not, and should not,
include alleged dishonest, unethical or illegal
activity.
◦ The insider must obey laws and hold to ethical
practices, despite the trusted relationship.
… 2/22
, 11/6/25, 8:09 PM CSE 4471 MIDTERM 1 Exam 2025 (Actual Exam) Questions with verified Answers (Latest Update 2025) UPDATE!! Flashcards | Q…
An insider that reports wrongdoing (generally not for personal
gain).
◦ It is unlawful for an employer to retaliate against
you for making a "protected disclosure." A
Whistleblower
disclosure is protected only if it meets two
criteria:
1 The disclosure based on a reasonable belief that wrongdoing
has occurred.
2 The disclosure must also be made to a person or entity
that is authorized to receive it
(news media and sensitive data not included)
… 3/22
