Security Study guide Exam Questions
with Key Marking Scheme Updated
2024/2025
A fragment of code embedded in a legitimate program - correct answer Virus
In the UNIX operating system, a domain is associated with the ____. - correct answer
user
The most common method used by attackers to breach security is ____. - correct
answer masquerading
A code segment that misuses its environment is called ____. - correct answer a Trojan
horse
In an access matrix, the ____ right allows a process to change the entries in a row. -
correct answer control
Worms ____. - correct answer use the spawn mechanism to ravage system
performance/can shut down an entire network/continue to grow as the Internet expands
A denial of service attack is ____. - correct answer aimed at disrupting legitimate use
of a system
In a paired-password system, ____. - correct answer the computer supplies one part of
a password and the user enters the other part
In the reacquisition scheme for implementing the revocation of capabilities, ____. -
correct answer capabilities are periodically deleted from each domain
Which of the following is a true statement regarding the relative merits between access
rights enforcement based solely on a kernel, as opposed to enforcement provided
largely by a compiler? - correct answer Enforcement by the kernel is less flexible than
enforcement by the programming language for user-defined policy.
____ layer security generally has been standardized on IPSec. - correct answer
Network
Secure - correct answer Protects the integrity of a system. A system whose resources
are used and accessed as intended under all circumstances.
Cracker - correct answer Someone attempting to breach security
Threat - correct answer The potential for a security violation
Attack - correct answer The attempt to break security
DoS - correct answer An attack that attempts to disrupt or prevent legitimate use of a
system
Trojan horse - correct answer A code segment that tries to misuse its environment
Virus - correct answer A fragment of code embedded in a legitimate program
Worm - correct answer Similar to a virus but self-replicates throughout a network
Domain - correct answer Specifies resources a process may access. Specifies a set of
objects and the operations that may be invoked on those objects. Set of access rights.
Protection - correct answer a mechanism for controlling the access of programs,
processes, or users to the resources defined by a computer system.
Security - correct answer requires not only an adequate protection of system but also
consideration of the external environment within which the system operates (i.e., threats
and attacks).
Breach of confidentiality - correct answer Getting a hold of information, credit card
numbers, etc.
Breach of integrity - correct answer Modify data
Breach of availability - correct answer Destruction of data
Theft of service - correct answer Unauthorized use of resources. Example: using a
server for your own file server
Trap door - correct answer A hole purposely left in a software program that only the
programmer is capable of using.
In UNIX, the domain is associated with what? - correct answer the user
What is the most common method used by an attacker? - correct answer
Masquerading
Principle where just enough privilege is given to perform a task. - correct answer
Principle of least privilege
Principle where a process is only given access to resources it currently needs. - correct
answer Need to know principle
Rights needed to change entries in a column of an access matrix - correct answer
Copy and owner rights