Academic Version– 2nd Edition
TEST BANK
David L. Prowse
Comprehensive Test Bank for Instructors and Students
© David L. Prowse
All rights reserved. Reproduction or distribution without permission is prohibited.
©STUDYSTREAM
Chapter 1: Introduction to Security
Chapter 1 True/False Questions
1. In information security, the three core principles are known as
confidentiality, integrity, and availability.
2. A system can easily be completely secure.
3. Individuals who hack into systems at an organization’s request, but are
not employed by the organization are known as blue hats.
4. Encryption, authentication, and anti-malware are all ways to protect
against malicious threats.
5. Social engineering includes viruses, worms, and Trojan horses.
Chapter 1 True/False Answers/Explanations
1. True—Confidentiality, integrity, and availability (known as CIA or the CIA
triad) are the three core principles for information security. Another principle
within information security is accountability.
2. False—A system can never truly be completely secure. The scales are
always tipping back and forth; a hacker develops a way to break into a
system, then an administrator finds a way to block that attack, and then the
hacker looks for an alternative method. It goes on and on; be ready to wage
the eternal battle!
3. True—Blue hats are individuals asked by an organization to attempt to
hack into a system who are not employed by the organization. Blue hats are
often used when testing systems.
4. True—To protect against threats such as malware, social engineering, and
so on, an IT person can implement encryption, authentication, anti-malware,
and user awareness.
5. False—Social engineering is the act of manipulating users into revealing
confidential information.
Chapter 1 Multiple Choice Questions
1. Tom sends out many e-mails containing secure information to other
companies. What concept should be implemented to prove that Tom did
indeed send the e-mails?
A. Authenticity
B. Nonrepudiation
C. Confidentiality
D. Integrity
2. Which type of hacker has no affiliation with an organization, yet will hack
systems without malicious intent?
A. Gray hat
B. Blue hat
C. White hat
D. Black hat
3. Which of the following does the “A” in “CIA” stand for when relating to IT
security? (Select the best answer.)
A. Accountability
B. Assessment
C. Availability
D. Auditing
4. Which of the following is the greatest risk for removable storage?
A. Integrity of data
B. Availability of data
C. Confidentiality of data
D. Accountability of data
5. For information security, what is the I in CIA?
A. Insurrection
B. Information
C. Identification
D. Integrity