For
CompTIA Security+ SY0-501 Cert Guide, Academic
Edition (Certification Guide) 2nd Edition
by Dave Prowse
All Chapters Included
All Answers Included
Chapter 1: Introduction to Security
Chapter 1 True/False Questions
1. In information security, the three core principles are known as
confidentiality, integrity, and availability.
2. A system can easily be completely secure.
3. Individuals who hack into systems at an organization’s request but are
not employed by the organization are known as blue hats.
4. Encryption, authentication, and anti-malware are all ways to protect
against malicious threats.
5. Social engineering includes viruses, worms, and Trojan horses.
Chapter 1 True/False Answers/Explanations
1. True—Confidentiality, integrity, and availability (known as CIA or the CIA
triad) are the three core principles for information security. Another principle
within information security is accountability.
2. False—A system can never truly be completely secure. The scales are
always tipping back and forth; a hacker develops a way to break into a
system, then an administrator finds a way to block that attack, and then the
hacker looks for an alternative method. It goes on and on; be ready to wage
the eternal battle!
3. True—Blue hats are individuals asked by an organization to attempt to
hack into a system who are not employed by the organization. Blue hats are
often used when testing systems.
4. True—To protect against threats such as malware, social engineering, and
so on, an IT person can implement encryption, authentication, anti-malware,
and user awareness.
5. False—Social engineering is the act of manipulating users into revealing
confidential information.
Chapter 1 Multiple Choice Questions
1. Tom sends out many e-mails containing secure information to other
companies. What concept should be implemented to prove that Tom did
indeed send the e-mails?
A. Authenticity
B. Nonrepudiation
C. Confidentiality
D. Integrity
2. Which type of hacker has no affiliation with an organization, yet will hack
systems without malicious intent?
A. Gray hat
B. Blue hat
C. White hat
D. Black hat
3. Which of the following does the “A” in “CIA” stand for when relating to IT
security? (Select the best answer.)
A. Accountability
B. Assessment
C. Availability
D. Auditing
4. Which of the following is the greatest risk for removable storage?
A. Integrity of data
B. Availability of data
C. Confidentiality of data
D. Accountability of data
5. For information security, what is the I in CIA?
A. Insurrection
B. Information
C. Identification
D. Integrity