Explore all topics
Start Free Trial
Need Help? Contact us
back arrowfull exam logo
search
ai logoChat with AI
Servicesarrow
Discoverarrow

Topics

Explore all topics
Discover more topics

Deck 1: Introduction to Security

Full screen (f)
exit full mode
Question
Select the information protection item that ensures that information is correct and that no unauthorized person or malicious software has altered that data.

A)availability
B)confidentiality
C)integrity
D)identity
Use Space or
up arrow
down arrow
to flip the card.
Question
What term refers to an action that provides an immediate solution to a problem by cutting through the complexity that surrounds it?

A)unicorn
B)approved action
C)secure solution
D)silver bullet
Question
To mitigate risk is the attempt to address risk by making the risk less serious.
Question
In information security,what can constitute a loss?

A)theft of information
B)a delay in transmitting information that results in a financial penalty
C)the loss of good will or a reputation
D)all of the above
Question
Brokers steal new product research or a list of current customers to gain a competitive advantage.
Question
Which position below is considered an entry-level position for a person who has the necessary technical skills?

A)security technician
B)security administrator
C)CISO
D)security manager
Question
The Security Administrator reports directly to the CIO.
Question
One of the challenges in combating cyberterrorism is that many of the prime targets are not owned and managed by the federal government.
Question
According to the U.S.Bureau of Labor Statistics,what percentage of growth for information security analysts is the available job outlook supposed to reach through 2024?

A)10
B)15
C)18
D)27
Question
In what kind of attack can attackers make use of millions of computers under their control in an attack against a single server or network?

A)centered
B)local
C)remote
D)distributed
Question
Which of the following ensures that data is accessible to authorized users?

A)availability
B)confidentiality
C)integrity
D)identity
Question
Smart phones give the owner of the device the ability to download security updates.
Question
Which of the three protections ensures that only authorized parties can view information?

A)security
B)availability
C)integrity
D)confidentiality
Question
The Sarbanes-Oxley Act restricts electronic and paper data containing personally identifiable financial information.
Question
The CompTIA Security+ certification is a vendor-neutral credential.
Question
Successful attacks are usually not from software that is poorly designed and has architecture/design weaknesses.
Question
What information security position reports to the CISO and supervises technicians,administrators,and security staff?

A)security manager
B)security engineer
C)security auditor
D)security administrator
Question
Which term below is frequently used to describe the tasks of securing information that is in a digital format?

A)network security
B)information security
C)physical security
D)logical security
Question
A vulnerability is a flaw or weakness that allows a threat to bypass security.
Question
As security is increased,convenience is often increased.
Question
What type of theft involves stealing another person's personal information,such as a Social Security number,and then using the information to impersonate the victim,generally for financial gain?

A)cyberterrorism
B)identity theft
C)phishing
D)social scam
Question
In information security,which of the following is an example of a threat actor?

A)a force of nature such as a tornado that could destroy computer equipment
B)a virus that attacks a computer network
C)a person attempting to break into a secure computer network
D)all of the above
Question
Which of the following is a common security framework? (Choose all that apply. )

A)ISO
B)COBIT
C)RFC
D)ASA
Question
Under which laws are health care enterprises required to guard protected health information and implement policies and procedures whether it be in paper or electronic format?

A)HIPAA
B)HLPDA
C)HCPA
D)USHIPA
Question
What term is used to describe state-sponsored attackers that are used for launching computer attacks against their foes?

A)nation state threats
B)cyber military
C)nation state actors
D)state hackers
Question
What class of attacks use innovative attack tools and once a system is infected it silently extracts data over an extended period?

A)Inside Attacks
B)Advanced Persistent Threat
C)Embedded Attacks
D)Modified Threat
Question
Which of the following is a valid fundamental security principle? (Choose all that apply. )

A)signature
B)diversity
C)simplicity
D)layering
Question
Which of the following are considered threat actors? (Choose all that apply. )

A)brokers
B)competitors
C)administrators
D)individuals
Question
What process describes using technology as a basis for controlling the access and usage of sensitive data?

A)technical controls
B)administrative controls
C)control diversity
D)vendor diversity
Question
What term is used to describe a group that is strongly motivated by ideology,but is usually not considered to be well-defined and well-organized?

A)hactivists
B)hacker
C)script kiddies
D)cyberterrorist
Question
What term best describes any premeditated,politically motivated attack against information,computer systems,computer programs,and data which results in violence against noncombatant targets by subnational groups or clandestine agents?

A)cybercriminal
B)cracking
C)cyberterrorism
D)hacking
Question
To date,the single most expensive malicious attack occurred in 2000,which cost an estimated $8.7 billion.What was the name of this attack?

A)Nimda
B)Slammer
C)Love Bug
D)Code Red
Question
Which term is used to describe individuals who want to attack computers yet lack the knowledge of computers and networks needed to do so?

A)cybercriminal
B)hacker
C)script kiddies
D)cyberterrorist
Question
Select the term that best describes automated attack software?

A)open-source utility
B)insider software
C)open-source intelligence
D)intrusion application
Question
Those who wrongfully disclose individually identifiable health information can be fined up to what amount per calendar year?

A)$50,000
B)$250,000
C)$500,000
D)$1,500,000
Question
What level of security access should a computer user have to do their job?

A)password protected
B)least amount
C)limiting amount
D)authorized access
Question
What term describes a layered security approach that provides the comprehensive protection?

A)comprehensive-security
B)diverse-defense
C)limiting-defense
D)defense-in-depth
Question
Which law requires banks and financial institutions to alert customers of their policies and practices in disclosing customer information?

A)Gramm-Leach-Bliley
B)Sarbanes-Oxley
C)California Database Security Breach
D)USA Patriot
Question
Which of the following describes various supporting structures for implementing security that provides a resource of how to create a secure IT environment? (Choose all that apply. )

A)regulatory frameworks
B)reference architectures
C)industry-standard frameworks
D)reference frameworks
Question
What type of diversity is being implemented if a company is using multiple security products from different manufacturers?

A)multiple-product security
B)manufacturer diversity
C)vendor diversity
D)vendor-control security
Question
Why are there delays in updating products such as anti-virus software to resist attacks?
Question
What threat actors are generally believed to be the most dangerous threat actors? Explain your answer.
Question
List and describe three of the characteristics of information that must be protected by information security?
Question
Why is the speed of malicious attacks making the challenge of keeping computers secure more difficult?
Question
What is the Payment Card Industry Data Security Standard (PCI DSS)?
Question
What are script kiddies?
Question
What are the four different risk response techniques?
Question
What is occurring when an attacker manipulates commonplace actions that are routinely performed in a business?
Question
Information security is achieved through a combination of what three entities? Provide at least one example of each entity.
Question
Describe the security principle of simplicity.
Unlock Deck
Sign up to unlock the cards in this deck!
Unlock Deck
Unlock Deck
1/50
auto play flashcards
Play
simple tutorial
Full screen (f)
exit full mode
Deck 1: Introduction to Security
1
Select the information protection item that ensures that information is correct and that no unauthorized person or malicious software has altered that data.

A)availability
B)confidentiality
C)integrity
D)identity
C
2
What term refers to an action that provides an immediate solution to a problem by cutting through the complexity that surrounds it?

A)unicorn
B)approved action
C)secure solution
D)silver bullet
D
3
To mitigate risk is the attempt to address risk by making the risk less serious.
True
4
In information security,what can constitute a loss?

A)theft of information
B)a delay in transmitting information that results in a financial penalty
C)the loss of good will or a reputation
D)all of the above
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
5
Brokers steal new product research or a list of current customers to gain a competitive advantage.
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
6
Which position below is considered an entry-level position for a person who has the necessary technical skills?

A)security technician
B)security administrator
C)CISO
D)security manager
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
7
The Security Administrator reports directly to the CIO.
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
8
One of the challenges in combating cyberterrorism is that many of the prime targets are not owned and managed by the federal government.
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
9
According to the U.S.Bureau of Labor Statistics,what percentage of growth for information security analysts is the available job outlook supposed to reach through 2024?

A)10
B)15
C)18
D)27
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
10
In what kind of attack can attackers make use of millions of computers under their control in an attack against a single server or network?

A)centered
B)local
C)remote
D)distributed
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
11
Which of the following ensures that data is accessible to authorized users?

A)availability
B)confidentiality
C)integrity
D)identity
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
12
Smart phones give the owner of the device the ability to download security updates.
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
13
Which of the three protections ensures that only authorized parties can view information?

A)security
B)availability
C)integrity
D)confidentiality
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
14
The Sarbanes-Oxley Act restricts electronic and paper data containing personally identifiable financial information.
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
15
The CompTIA Security+ certification is a vendor-neutral credential.
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
16
Successful attacks are usually not from software that is poorly designed and has architecture/design weaknesses.
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
17
What information security position reports to the CISO and supervises technicians,administrators,and security staff?

A)security manager
B)security engineer
C)security auditor
D)security administrator
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
18
Which term below is frequently used to describe the tasks of securing information that is in a digital format?

A)network security
B)information security
C)physical security
D)logical security
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
19
A vulnerability is a flaw or weakness that allows a threat to bypass security.
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
20
As security is increased,convenience is often increased.
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
21
What type of theft involves stealing another person's personal information,such as a Social Security number,and then using the information to impersonate the victim,generally for financial gain?

A)cyberterrorism
B)identity theft
C)phishing
D)social scam
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
22
In information security,which of the following is an example of a threat actor?

A)a force of nature such as a tornado that could destroy computer equipment
B)a virus that attacks a computer network
C)a person attempting to break into a secure computer network
D)all of the above
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
23
Which of the following is a common security framework? (Choose all that apply. )

A)ISO
B)COBIT
C)RFC
D)ASA
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
24
Under which laws are health care enterprises required to guard protected health information and implement policies and procedures whether it be in paper or electronic format?

A)HIPAA
B)HLPDA
C)HCPA
D)USHIPA
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
25
What term is used to describe state-sponsored attackers that are used for launching computer attacks against their foes?

A)nation state threats
B)cyber military
C)nation state actors
D)state hackers
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
26
What class of attacks use innovative attack tools and once a system is infected it silently extracts data over an extended period?

A)Inside Attacks
B)Advanced Persistent Threat
C)Embedded Attacks
D)Modified Threat
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
27
Which of the following is a valid fundamental security principle? (Choose all that apply. )

A)signature
B)diversity
C)simplicity
D)layering
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
28
Which of the following are considered threat actors? (Choose all that apply. )

A)brokers
B)competitors
C)administrators
D)individuals
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
29
What process describes using technology as a basis for controlling the access and usage of sensitive data?

A)technical controls
B)administrative controls
C)control diversity
D)vendor diversity
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
30
What term is used to describe a group that is strongly motivated by ideology,but is usually not considered to be well-defined and well-organized?

A)hactivists
B)hacker
C)script kiddies
D)cyberterrorist
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
31
What term best describes any premeditated,politically motivated attack against information,computer systems,computer programs,and data which results in violence against noncombatant targets by subnational groups or clandestine agents?

A)cybercriminal
B)cracking
C)cyberterrorism
D)hacking
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
32
To date,the single most expensive malicious attack occurred in 2000,which cost an estimated $8.7 billion.What was the name of this attack?

A)Nimda
B)Slammer
C)Love Bug
D)Code Red
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
33
Which term is used to describe individuals who want to attack computers yet lack the knowledge of computers and networks needed to do so?

A)cybercriminal
B)hacker
C)script kiddies
D)cyberterrorist
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
34
Select the term that best describes automated attack software?

A)open-source utility
B)insider software
C)open-source intelligence
D)intrusion application
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
35
Those who wrongfully disclose individually identifiable health information can be fined up to what amount per calendar year?

A)$50,000
B)$250,000
C)$500,000
D)$1,500,000
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
36
What level of security access should a computer user have to do their job?

A)password protected
B)least amount
C)limiting amount
D)authorized access
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
37
What term describes a layered security approach that provides the comprehensive protection?

A)comprehensive-security
B)diverse-defense
C)limiting-defense
D)defense-in-depth
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
38
Which law requires banks and financial institutions to alert customers of their policies and practices in disclosing customer information?

A)Gramm-Leach-Bliley
B)Sarbanes-Oxley
C)California Database Security Breach
D)USA Patriot
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
39
Which of the following describes various supporting structures for implementing security that provides a resource of how to create a secure IT environment? (Choose all that apply. )

A)regulatory frameworks
B)reference architectures
C)industry-standard frameworks
D)reference frameworks
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
40
What type of diversity is being implemented if a company is using multiple security products from different manufacturers?

A)multiple-product security
B)manufacturer diversity
C)vendor diversity
D)vendor-control security
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
41
Why are there delays in updating products such as anti-virus software to resist attacks?
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
42
What threat actors are generally believed to be the most dangerous threat actors? Explain your answer.
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
43
List and describe three of the characteristics of information that must be protected by information security?
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
44
Why is the speed of malicious attacks making the challenge of keeping computers secure more difficult?
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
45
What is the Payment Card Industry Data Security Standard (PCI DSS)?
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
46
What are script kiddies?
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
47
What are the four different risk response techniques?
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
48
What is occurring when an attacker manipulates commonplace actions that are routinely performed in a business?
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
49
Information security is achieved through a combination of what three entities? Provide at least one example of each entity.
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
50
Describe the security principle of simplicity.
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
locked card icon
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Examlex
Examlex
Work With Us
Policies
Download the App
Scan to downloadDownload the App
qr-code
Links
Links
Work With Us
Download the App

Scan to downloadDownload the App
qr-code

Copyright © 2025 Examlex LLC.
  • facebook-footer
  • instagram-footer
  • x-footer
  • tiktok
  • Linktree