Deck 1: Introduction to Security

1
The CompTIA Security+ Certification is aimed at an IT security professional with the recommended background of a minimum of two years' experience in IT administration, with a focus on security.
True
2
Select below the term that is used to describe individuals who want to attack computers yet lack the knowledge of computers and networks needed to do so:

A)Cybercriminal
B)Hacker
C)Script kiddies
D)Cyberterrorist
C
3
Security is the goal to be free from danger as well as the process that achieves that freedom.
True
4
What kind of server connects a remote system through the Internet to local serial ports using TCP/IP?

A)Remote Access Server
B)VPN server
C)Serial server
D)HTTP server
5
The security protection item that ensures that the individual is who they claim to be (the authentic or genuine person) and not an imposter is known as?

A)Encryption
B)Authentication
C)Authorization
D)Accounting
6
In information security, an example of a threat agent can be ____.

A)a force of nature such as a tornado that could destroy computer equipment
B)a virus that attacks a computer network
C)A person attempting to break into a secure computer network
D)All of the above
7
According to the U.S. Bureau of Labor Statistics, what percentage of growth is the available job outlook supposed to reach by the end of the decade?

A)10
B)15
C)22
D)27
8
The ____ Act requires banks and financial institutions to alert customers of their policies and practices in disclosing customer information.

A)Gramm-Leach-Bliley
B)Sarbanes-Oxley
C)California Database Security Breach
D)USA Patriot
9
In information security, what constitutes a loss?

A)theft of information
B)a delay in transmitting information that results in a financial penalty
C)the loss of goodwill or a reputation
D)all of the above
10
A security administrator has both technical knowledge and managerial skills.
11
Script kiddies acquire which item below from other attackers to easily craft an attack:

A)Exploit kit
B)Botnet
C)Zero day
D)Backdoor
12
Which position below is considered an entry-level position for a person who has the necessary technical skills?

A)security technician
B)security administrator
C)CISO
D)security manager
13
Select below the information protection item that ensures that information is correct and that no unauthorized person or malicious software has altered that data.

A)Availability
B)Confidentiality
C)Integrity
D)Identity
14
Today's software attack tools do not require any sophisticated knowledge on the part of the attacker.
15
What country is now the number one source of attack traffic?

A)India
B)Indonesia
C)China
D)Russia
16
Which term below is frequently used to describe the tasks of securing information that is in a digital format?

A)network security
B)information security
C)physical security
D)logical security
17
What term is used to describe a loose network of attackers, identity thieves, and financial fraudsters?

A)Cybercriminals
B)Cyberterrorists
C)Computer spies
D)Hackers
18
To date, the single most expensive malicious attack occurred in 2000, which cost an estimated $8.7 billion. What was the name of this attack?

A)Nimda
B)Slammer
C)Love Bug
D)Code Red
19
The demand for certified IT professionals who know how to secure networks and computers is at an all-time low.
20
In what kind of attack can attackers make use of hundreds of thousands of computers under their control in an attack against a single server or network?

A)centered
B)local
C)remote
D)distributed
21
____________________ provides tracking of events.
22
Those who wrongfully disclose individually identifiable health information can be fined up to what amount per calendar year?

A)$100,000
B)$250,000
C)$500,000
D)$1,500,000
23
What type of theft involves stealing another person's personal information, such as a Social Security number, and then using the information to impersonate the victim, generally for financial gain?

A)Cyberterrorism
B)Identity theft
C)Phishing
D)Scam
24
Match the following terms to the appropriate definitions.
a. asset
b. cyberterrorism
c. hacktivist
d. exploit kit
e. computer spy
f. risk
g. threat
h. threat agent
i. vulnerability
j. threat vector
The means by which an attack could occur
25
Match the following terms to the appropriate definitions.
a. asset
b. cyberterrorism
c. hacktivist
d. exploit kit
e. computer spy
f. risk
g. threat
h. threat agent
i. vulnerability
j. threat vector
A situation that involves exposure to danger
26
Match the following terms to the appropriate definitions.
a. asset
b. cyberterrorism
c. hacktivist
d. exploit kit
e. computer spy
f. risk
g. threat
h. threat agent
i. vulnerability
j. threat vector
A premeditated, politically motivated attack against information, computer systems, computer programs, and data, which often results in violence.
27
Proper ________________ involves identifying risks but making the decision to not engage in the activity.
28
Which of the three protections ensures that only authorized parties can view information?

A)Security
B)Availability
C)Integrity
D)Confidentiality
29
Match the following terms to the appropriate definitions.
a. asset
b. cyberterrorism
c. hacktivist
d. exploit kit
e. computer spy
f. risk
g. threat
h. threat agent
i. vulnerability
j. threat vector
Automated attack package that can be used without an advanced knowledge of computers
30
The ___________________ reports directly to the chief information officer (CIO), and is responsible for assessing, managing, and implementing security.
31
Match the following terms to the appropriate definitions.
a. asset
b. cyberterrorism
c. hacktivist
d. exploit kit
e. computer spy
f. risk
g. threat
h. threat agent
i. vulnerability
j. threat vector
A type of action that has the potential to cause harm.
32
An _______________ is a type of threat that can come from employees, contractors, and business partners, such as a disgruntled worker.
33
Under which law are health care enterprises required to guard protected health information and implement policies and procedures whether it be in paper or electronic format?

A)HIPAA
B)HLPDA
C)HCPA
D)USHIPA
34
What information security position reports to the CISO and supervises technicians, administrators, and security staff?

A)manager
B)engineer
C)auditor
D)inspector
35
An example of a(n) ____________________ that information security must deal with is a software defect in an operating system that allows an unauthorized user to gain access to a computer without the user's knowledge or permission.
36
Match the following terms to the appropriate definitions.
a. asset
b. cyberterrorism
c. hacktivist
d. exploit kit
e. computer spy
f. risk
g. threat
h. threat agent
i. vulnerability
j. threat vector
Automated attack package that can be used without an advanced knowledge of computers
37
Match the following terms to the appropriate definitions.
a. asset
b. cyberterrorism
c. hacktivist
d. exploit kit
e. computer spy
f. risk
g. threat
h. threat agent
i. vulnerability
j. threat vector
An item that has value.
38
Match the following terms to the appropriate definitions.
a. asset
b. cyberterrorism
c. hacktivist
d. exploit kit
e. computer spy
f. risk
g. threat
h. threat agent
i. vulnerability
j. threat vector
Attacker who attacks for ideological reasons that are generally not as well defined as a cyberterrorist's motivation
39
Match the following terms to the appropriate definitions.
a. asset
b. cyberterrorism
c. hacktivist
d. exploit kit
e. computer spy
f. risk
g. threat
h. threat agent
i. vulnerability
j. threat vector
A person or element that has the power to carry out a threat
40
Match the following terms to the appropriate definitions.
a. asset
b. cyberterrorism
c. hacktivist
d. exploit kit
e. computer spy
f. risk
g. threat
h. threat agent
i. vulnerability
j. threat vector
A flaw or weakness that allows a threat agent to bypass security
41
What is a hacker?
42
Information security is achieved through a combination of what three entities? Provide at least one example of each entity.
43
Why are there delays in updating products such as anti-virus to resist attacks?
44
List three of the federal and state laws that have been enacted to protect the privacy of electronic data.
45
Why is the speed of attacks making the challenge of keeping computers secure more difficult?
46
List and describe two of the four generally recognized security positions.
47
List and describe three of the characteristics of information that must be protected by information security.
48
Describe the security principle of simplicity.
49
What is a state-sponsored attacker?
50
Describe script kiddies.