Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

COMPSCI 101 Intro to Cyber Sec > Final Practice Exam > Flashcards

Final Practice Exam Flashcards

You may prefer our related Brainscape-certified flashcards:
Physics 101 flashcards Psychology 101 flashcards Chemistry 101 flashcards Biology 101 flashcards Organic Chemistry 101 flashcards Sociology 101 flashcards
1
Q

Which of the following software development processes follows a linear sequence from initiation and conception to maintenance?

  • v- model
  • iterative and incremental
  • prototyping
  • waterfall
  • spiral
A

waterfall

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Computer forensic experts work with two primary types of data. What are they?

  • quantitative and qualitative
  • digital and physical
  • visible and latent
  • mob
A

visible and latent

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

The national institute of Standards and Technologyy (Nist) released AES in what year?

  • 2003
  • 2002
  • 2001
  • 2004
A

2001

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Information security is the umbrella term used to describe the collection of ____ and ____ employed to protect information.

  • Techniques, Technologies
  • Processes, Techniques
  • Processes, Technologies
  • Technologies, Equipment
A

Processes, Technologies

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What is one of the major challenges of information security policies?

  • They can be time-consuming.
  • They can be difficult to implement.
  • The administrative, regulatory and technological policies can all interact.
  • They can be hard to understand.
A

The administrative, regulatory and technological policies can all interact.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

A collection of standardized policies, procedures and guides, meant to direct a firm or any organization, which adopts its use, on how to protect its infrastructure from security breaches is called _____

  • Information Security Framework
  • Access Control Handbook
  • Company Protection Handbook
  • Security Guidelines
A

Information Security Framework

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Which of these is considered a decreased measurable

  • Increase in battery life
  • Loss of battery life
  • Increase in storage space
  • Rooting phone
A

Loss of battery life

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Which of the following describes a technological response to phishing attacks?

  • Private Lawsuits
  • FTC investigations
  • User training and awareness
  • Spam filters
A

Spam filters

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

The internet security threat referred to as ‘pharming’ can be described as _____.

  • Denial-of-service
  • Identity theft
  • Hacking
  • Online fraud
A

Online fraud

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

After a catastrophe, _____ disaster plan(s) are often needed to recover.

  • Multiple
  • Blanket
  • New
  • a single uniformed
A

multiple

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

AREAS of Weakness

A

Disaster Recovery in Cysec
Basics of Cybercrime
Policies & Procedures for Cybersecurity

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Which of the following is a major function of the Facilities Team?

  • Supplying needed staffing and management for standby data centers and backup libraries in order to meet user requirements
  • Supervising equipment and line installations for new networks
  • Arranging transportation to standby centers
  • Restoring networks at standby sites and installing new voice networks for critical telephony users
A

Arranging transportation to standby centers

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Maintaining IT disaster recovery master copies, offsite copies and plans are the responsibilities of the _____.

  • Disaster Management Team
  • Recovery Coordinators
  • Facilities Team
  • Communication Team
A

Recovery Coordinators

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Processes and actions taken to implement the requirements in the policy documents is called _____

  • Procedures
  • Policy steps
  • Directions
  • Instructions
A

Procedures

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

What form of analysis involves running the possibly infected file?

  • Virtual Analysis
  • Malware Analysis
  • Dynamic Analysis
  • Static Analysis
A

Dynamic Analysis

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

The U.S. Government adopted AES as a standard in what year?

  • 2001
  • 2003
  • 2004
  • 2002
A

2002

17
Q

A benefit of symmetric encryption is:

  • That it doesn’t increase the size of the encrypted message and impede system performance
  • that it is stronger than asymmetric encryption
  • that it is only used in the United States
  • that one key does not need to be shared in order to decode an encrypted message
A

That it doesn’t increase the size of the encrypted message and impede system performance

18
Q

If your employer could view your medical records without your permission, what principle of information security would be violated?

  • Repudiation
  • Confidentiality
  • Availability
  • Integrity
A

Confidentiality

19
Q

Which of the following is not a responsibility of the Operations Team?

  • Restoring current applications, software and database platforms
  • Supplying needed staffing and management for standby data centers and backup libraries
  • Maintaining needed network documentation
  • Restoring computer operations
A

Maintaining needed network documentation

20
Q

If you want to prevent employees from disclosing sensitive company information, which network security type would be best to implement?

  • web content filter
  • DDos protection
  • IPS /IDS
  • DLP
A

DLP

21
Q

IoT devices create more significant security challenges for networks due to all of these concerns EXCEPT which?

  • They produce an event log.
  • They do not have security alerts
  • They are always on
  • they are always connected
A

They produce an event log.

22
Q

Which software is used to process instructions and coordinate between devices?

  • Operating System
  • Control Panel
  • Network interface
  • Web browser
A

Operating System

23
Q

Which of the following tools can be used to scan a network for network discovery and security auditing

  • Nslookup
  • Netstat
  • Netdiscovery
  • Nmap
A

Nmap

24
Q

Which method works like an antivirus program?

  • Honey pots
  • Misuse detectors
  • Configuration checking tools
  • Signature-based approach
A

Signature-based approach

25
Q

The LOphtCrack password recovery and auditing tool is capable of cracking the algorithm for which of the following?

  • Microsoft LM and NTLM hashes.
  • SSH
  • SSL
  • Kerberos authentication
A

Microsoft LM and NTLM hashes

26
Q

Three catastrophes data is susceptible to include:

  • Becoming corrupt, becoming outdated, being irrelevant
  • Corruption, sabotage and loss
  • Theft, becoming outdated, being lost
  • Failure, loss of power, deletion
A

Corruption, sabotage and loss

27
Q

Instant messaging platforms are common among cyber criminals for all of the following reasons EXCEPT which?

  • they are less secure
  • they are popular
  • they are always on
  • they occur in real time
A

They are less secure.

28
Q

Encrypt the following message using a Caesar cipher with a shift of 7: ET TU BRUTE

  • XM MN UKNMX
  • KZ ZA HXAZK
  • LA AB IYBAL
  • YN NO VLONY
A

LA AB IYBAL

29
Q

Which of the following best defines cryptanalysis?

  • It is the name of specialized software used to verify that data has been encrypted properly.
  • It refers to the act making data unreadable to everyone besides those for whom the data is intended.
  • It refers to the study of cracking the secret codes used in cryptography.
  • It is the concept of making something unreadable.
A

It refers to the study of cracking the secret codes used in cryptography.

30
Q

Encryption strength is a measure of:

  • How practical the encryption is to break.
  • The encryption’s ability to resist brute force attacks.
  • None of these answers are correct.
  • How difficult the encryption is to implement.
A

The encryption’s ability to resist brute force attacks.

31
Q

What is an example of an administrative information security policy?

  • Complying with laws regarding information.
  • Requiring password changes.
  • Installing antivirus software.
  • Making a policy to shred confidential documents when they’re disposed of.
A

Making a policy to shred confidential documents when they’re disposed of.

32
Q

Which of the following is false with respect to BCP (business continuity planning)?

  • Business continuity planning ensures that all business operations continue functioning during and even after a disaster.
  • Business continuance is an interdisciplinary domain that helps create and validate logistical solutions for an organization’s restoration and recovery operations.
  • Disaster recovery is a major component of business continuity planning.
  • Business continuity planning is a major component of disaster recovery.
A

Business continuity planning is a major component of disaster recovery.

33
Q

Which of the following data recovery tools utilizes a system’s command prompt in order to operate?

  • Disk Drill
  • EaseUS
  • Gauranteed Recovery
  • TestDisk
A

TestDisk

34
Q

Which of the following best describes a proactive approach to digital crime?

  • It involves preventing a network service from functioning normally.
  • It involves investigating the cause of an attack after it has occurred
  • It refers to actively searching for the clues that typically precede an attack in an effort to prevent the crime from taking place.
  • It requires that network administrators look through network logs to determine what caused a cyber attack.
A

It refers to actively searching for the clues that typcially precede an attack in an effort to prevent the crime from taking place.

35
Q

In a pharming attack, the goal of the criminal is to _____.

  • Steal victim’s email credentials to illegally login into their computer network.
  • steal the victim’s DNS server database entries in order clone sites to steal their information
  • steal the victim’s network information in order to crash the network
  • misdirect website traffic to bogus websites where the victims information will be stolen.
A

misdirect website traffic bogus websites where the victim’s information will be stolen.

36
Q

Which of the following is a characteristic of cyber crime?

  • Is an offense
  • Affects a computer (or more than one)
  • All of the answers are correct.
  • A computer is primary instrument of offense
A

All of the answers are correct

37
Q

A software is secure when _____.

  • It has an antivirus installed.
  • It complies with industry specification and standards
  • the database is isolated from running code
  • It is developed in a way in which attacks and breaches do not affect its normal operations and functions.
A

It is developed in a way in which attacks and breaches do not affect its normal operations and functions.

38
Q

Which system resource is most likely to use IRQ?

  • DMA
  • Software
  • ROM
  • Hardware
A

Hardware

COMPSCI 101 Intro to Cyber Sec (8 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions