Door 1
Door 2
Door 3
Door 4
Door 5
100

What term best describes any premeditated, politically motivated attack against information, computer systems, computer programs, and data that results in violence against noncombatant targets by subnational groups or clandestine agents?

A - Cyberterrorism

See Ch. 1: Introduction to Security, Section - Understanding the Importance of Information Security

100

In terms of C.I.A., what ensures that data is accessible to authorized users?

A - Availability

See Ch. 1: Introduction to Security, Section - Defining Information Security

100

When an attack is designed to prevent authorized users from accessing a system, it is called what kind of attack?

A - Denial of Service

See Ch. 5: Networking and Server Attacks, Section - Denial of Service (DoS)

100

What block cipher mode of operation uses the most basic approach where the plaintext is divided into blocks, and each block is then encrypted separately?

A - ECB (Electronic Code Book)

See Ch. 4: Advanced Cryptography and PKI, Section - Block Cipher Modes of Operation

100

This term represents a system of security tools that are used to recognize and identify data that is critical to the organization and ensure that it is protected.

A - Data Loss Prevention (DLP)

See Ch. 6: Network Security Devices, Design, and Technology, Section - Data Loss Prevention (DLP)

200

A virus that infects an executable program file is known as what?

A - Program virus

See Ch. 2: Malware and Social Engineering Attacks, Section - Circulation

200

Name 2 types of attacks that are considered to be interception attacks.

A - Man-in-the-middle, Man-in-the-browser, replay

See Ch. 5: Networking and Server Attacks, Section - Interception

200

When TCP/IP was developed, the host table concept was expanded into a hierarchical name system for matching computer names and numbers using this service:

A - DNS

See Ch. 5: Networking and Server Attacks, Section - DNS Poisoning

200

Which type of DDoS attack broadcasts a network request to multiple computers but changes the address from which the request came to the victim's computer?

A - Smurf Attack

See Ch. 5: Networking and Server Attacks, Section - Denial of Service (DoS)

200

What type of trust model is used as the basis for most digital certificates used on the Internet?

A - Distributed Trust

See Ch. 4: Advanced Cryptography and PKI, Section - Trust Models

300

What are the two types of cross-site attacks?

A - Cross-site scripting attacks and cross-site request forgery attacks

See Ch. 5: Networking and Server Attacks, Section - Web Server Application Attacks

300

Whereas a virus needs users to spread, this type of malware spreads to other computers on the network by itself:

A - Worm

See Ch. 2: Malware and Social Engineering Attacks, Section - Circulation

300

What dedicated hardware device aggregates hundreds or thousands of VPN connections?

A - VPN concentrator

See Ch. 6: Network Security Devices, Design, and Technology, Section - Network Security Hardware

300

Which of the three C.I.A. protections ensures that only authorized parties can view information?

A - Confidentiality

See Ch. 1: Introduction to Security, Section - Defining Information Security

300

What type of certificates are self-signed?

A - Root digital certificates

See Ch. 4: Advanced Cryptography and PKI, Section - Types of Digital Certificates

400

Under which laws are health care enterprises required to guard protected health information and implement policies and procedures, whether it be in paper or electronic format?

A - HIPAA

See Ch. 1: Introduction to Security, Section - Understanding the Importance of Information Security

400

What term best describes when cryptography is applied to entire disks instead of individual files or groups of files?

A - Full disk encryption

See Ch. 3: Basic Cryptography, Section - Encryption through Software

400

What data unit is associated with the Open Systems Interconnection layer two?

A - Frame

See Ch. 6: Network Security Devices, Design, and Technology, Section - Standard Network Devices

400

This term is used to describe a trusted third-party agency that is responsible for issuing digital certificates:

A - Certificate Authority (CA)

See Ch. 4: Advanced Cryptography and PKI, Section - Managing Digital Certificates

400

What process links several certificates together to establish trust between all the certificates involved?

A - Certificate chaining

See Ch. 4: Advanced Cryptography and PKI, Section - Types of Digital Certificates

500

An attack in which the attacker attempts to impersonate the user by using his or her session token is known as:

A - Session hijacking

See Ch. 5: Networking and Server Attacks, Section - Hijacking

500

What type of ransomware was developed to block the user from accessing the computer and encrypts all the files on the user's device?

A - Crypto-malware

See Ch. 2: Malware and Social Engineering Attacks, Section - Infection

500

Name any 1 of the 5 fundamental security principles that should be implemented to defend against attacks.

A - Layering, Limiting, Diversity, Obscurity, or Simplicity

See Ch. 1: Introduction to Security, Section - Fundamental Security Principles

500

When a private network uses a single public IP address, and each outgoing TCP packet uses a different port to allow for proper translation, what networking technology is in use?

A - PAT (Port Address Translation)

See Ch. 6: Network Security Devices, Design, and Technology, Section - Network Security Hardware

500

The information protection item (C.I.A.) that ensures that information is correct and that no unauthorized person or malicious software has altered that data.

A - Integrity

See Ch. 1: Introduction to Security, Section - Defining Information Security