Deck 1: Introduction to Security

1
In a general sense, assurance may be defined as the necessary steps to protect a person or property from harm.
False
2
____ involves stealing another person's personal information, such as a Social Security number, and then using the information to impersonate the victim, generally for financial gain.

A) Cyberterrorism
B) Identity theft
C) Phishing
D) Scam
B
3
Weakness in software can be more quickly uncovered and exploited with new software tools and techniques.
True
4
In a ____ attack, attackers can use hundreds or thousands of computers in an attack against a single computer or network.

A) centered
B) local
C) remote
D) distributed
5
The position of ____ is generally an entry-level position for a person who has the necessary technical skills.

A) security technician
B) security administrator
C) CISO
D) security manager
6
____ ensures that the individual is who they claim to be (the authentic or genuine person) and not an imposter.

A) Encryption
B) Authentication
C) Authorization
D) Accounting
7
The CompTIA Security+ Certification is aimed at an IT security professional with the recommended background of a minimum of two years' experience in IT administration, with a focus on security.
8
Approximately ____ percent of households in the United States use the Internet for managing their finances.

A) 60
B) 70
C) 80
D) 90
9
Recent employment trends indicate that employees with security certifications are in high demand.
10
In information security, a loss can be ____.

A) theft of information
B) a delay in transmitting information that results in a financial penalty
C) the loss of good will or a reputation
D) all of the above
11
____ ensures that information is correct and that no unauthorized person or malicious software has altered that data.

A) Availability
B) Confidentiality
C) Integrity
D) Identity
12
____ attacks are responsible for half of all malware delivered by Web advertising.

A) "Canadian Pharmacy"
B) Fake antivirus
C) Melissa
D) Slammer
13
Under the ____, health care enterprises must guard protected health information and implement policies and procedures to safeguard it, whether it be in paper or electronic format.

A) HIPAA
B) HLPDA
C) HCPA
D) USHIPA
14
____ ensures that only authorized parties can view information.

A) Security
B) Availability
C) Integrity
D) Confidentiality
15
The demand for IT professionals who know how to secure networks and computers is at an all-time low.
16
An information security ____ position focuses on the administration and management of plans, policies, and people.

A) manager
B) engineer
C) auditor
D) inspector
17
The term ____ is frequently used to describe the tasks of securing information that is in a digital format.

A) network security
B) information security
C) physical security
D) logical security
18
In information security, an example of a threat agent can be ____.

A) a force of nature such as a tornado that could destroy computer equipment
B) a virus that attacks a computer network
C) an unsecured computer network
D) both a and b
19
A study by Foote Partners showed that security certifications earn employees ____ percent more pay than their uncertified counterparts.

A) 10 to 14
B) 12 to 15
C) 13 to 14
D) 14 to 16
20
Business ____ theft involves stealing proprietary business information such as research for a new drug or a list of customers that competitors are eager to acquire.

A) identity
B) data
C) plan
D) record
21
An example of a(n) ____________________ that information security must deal with is a software defect in an operating system that allows an unauthorized user to gain access to a computer without the user's knowledge or permission.
22
Why is the speed of attacks making the challenge of keeping computers secure more difficult?
23
What is another name for unsolicited e-mail messages?

A) spam
B) spawn
C) trash
D) scam
24
In a general sense, ____________________ may be defined as the necessary steps to protect a person or property from harm.
25
The single most expensive malicious attack was the 2000 ____, which cost an estimated $8.7 billion.

A) Nimda
B) Slammer
C) Love Bug
D) Code Red
26
____ are a loose-knit network of attackers, identity thieves, and financial fraudsters.

A) Cybercriminals
B) Cyberterrorists
C) Computer spies
D) Hackers
27
____________________ provides tracking of events.
28
List and describe three of the characteristics of information that must be protected by information security.
29
Discuss why delays in patching are making information security more difficult.
30
Security ____________________ have both technical knowledge and managerial skills and analyze and design security solutions within a specific entity.
31
Information security is achieved through a combination of what three entities? Provide at least one example of each entity.
32
What is a hacker?
33
The ____ Act requires banks and financial institutions to alert customers of their policies and practices in disclosing customer information.

A) Gramm-Leach-Bliley
B) Sarbanes-Oxley
C) California Database Security Breach
D) USA Patriot
34
List and describe two of the four generally recognized security positions.
35
What is the maximum fine for those who wrongfully disclose individually identifiable health information with the intent to sell it?

A) $100,000
B) $250,000
C) $500,000
D) $1,000,000
36
Describe script kiddies.
37
List three of the federal and state laws that have been enacted to protect the privacy of electronic data.
38
_________________________ is focused on protecting the valuable electronic information of organizations and users.
39
Targeted attacks against financial networks, unauthorized access to information, and the theft of personal information are sometimes known as ____.

A) spam
B) phishing
C) cybercrime
D) cyberterrorism
40
Briefly describe computer spies.
41
Describe the security principle of simplicity.
42
Match between columns

Definitions:
a person who has been hired to break into a computer and steal information
intended to cause panic, provoke violence, or result in a financial catastrophe
an event or action that might defeat security measures in place and result in a loss
plans and policies established by an organization to ensure that people correctly use the products
a weakness that allows a threat agent to bypass security
the likelihood that a threat agent will exploit a vulnerability
something that has value
to take advantage of a vulnerability
a person or thing that has the power to carry out a threat

Terms:
risk
cyberterrorism
threat agent
computer spy
asset
exploit
threat
vulnerability
procedures