Information Security Ultimate Exam Quiz!

Reviewed by Godwin Iheuwa

Godwin Iheuwa, MS (Computer Science) |

Database Administrator

Review Board Member

Godwin Iheuwa, a Database Administrator at MTN Nigeria, holds an MS in Computer Science, specializing in Agile Methodologies and Database Administration from the University of Bedfordshire and a Bachelor's in Computer Science from the University of Port Harcourt. His proficiency in SQL Server Integration Services (SSIS) and SQL Server Management Studio contributes to his expertise in database management.

, MS (Computer Science)

By IS_EXAM

IS_EXAM

Community Contributor

Quizzes Created: 1 | Total Attempts: 15,288

| Attempts: 15,305

Questions

Feedback

During the Quiz End of Quiz

Difficulty

Sequential Easy First Hard First

1/50 Questions

Another name for the information security triad is:
- The FBI triad.
- The ISS triad.
- The CIA triad.
- The IST triad.

About This Quiz

Play this informative quiz on Information Security to see how well you know the topic. Information security is used to describe the procedures and devices created and used to safeguard confidential company data against change, interruption, destruction, and examination. Solutions and use cases for security. The quiz contains various questions ranging from easy, medium, to hard levels that will enhance See moreyour understanding of the topic. The quiz will also help you with last-minute revision before the exam. If you like this quiz, share it with your friends.

Information Security Ultimate Exam Quiz! - Quiz

Quiz Preview

2.

Risk, as it applies to information technology, is not associated with which one or more of the following items:
- People
- Practices
- Processes
- Principles
Correct Answer(s)

A. People
A. Practices
A. Processes

Explanation

Risk in information technology is associated with all of the listed items - people, practices, processes, and principles. People can pose a risk through their actions or lack of knowledge. Practices can introduce vulnerabilities if not followed correctly. Processes can have weaknesses that can be exploited. Principles guide the overall approach to managing risk. Therefore, none of the listed items are exempt from being associated with risk in information technology.

Rate this question:

5
3.

Which one of these represents the property of keeping an organization's information accurate, without error, and without unauthorized modification?
- Availability
- Integrity
- Confidentiality
- Accountability
Correct Answer

A. Integrity

Explanation

Integrity represents the property of keeping an organization's information accurate, without error, and without unauthorized modification. This means that the information remains complete, consistent, and trustworthy, ensuring that it has not been tampered with or altered in any unauthorized way. It involves maintaining the reliability and authenticity of the data, ensuring its consistency and preventing any unauthorized changes or modifications.

Rate this question:

1
4.

Which one or more access control categories are sufficient to maintain the CIA triad?
- Detective
- Preventative
- Compensating
- Corrective
Correct Answer(s)

A. Detective
A. Preventative
A. Corrective

Explanation

Detective, Preventative, and Corrective access control categories are sufficient to maintain the CIA triad. Detective controls help in identifying and detecting security incidents or breaches. Preventative controls are implemented to prevent security incidents from occurring. Corrective controls are used to rectify and recover from security incidents that have already occurred. These three categories together ensure the confidentiality, integrity, and availability of data and systems, which are the key components of the CIA triad. Compensating controls, on the other hand, are additional measures used to compensate for the weaknesses or limitations of other controls and are not directly related to maintaining the CIA triad.

Rate this question:

2
5.

Which one of the following access control services determines the capabilities of a subject when accessing the object?
- Accountability
- Authorization
- Audit
- I&A
Correct Answer

A. Authorization

Explanation

Authorization is the access control service that determines the capabilities of a subject when accessing the object. It involves granting or denying permissions to subjects based on their identity and the policies defined by the system. By authorizing subjects, the system ensures that they have the necessary privileges to perform certain actions on objects. This helps in protecting sensitive information and resources from unauthorized access or misuse.

Rate this question:

1
6.

Which one of the following access control types covers personnel security, monitoring, user and password management, and permissions management?
- Corrective
- Physical
- Administrative
- Technical
Correct Answer

A. Administrative

Explanation

The correct answer is "Administrative." Administrative access control types cover personnel security, monitoring, user and password management, and permissions management. This type of access control involves the implementation of policies, procedures, and guidelines to ensure that only authorized individuals have access to resources and information. It focuses on the administrative aspects of managing access to systems and data, including user provisioning, authentication, authorization, and user account management.

Rate this question:
7.

While applying the access control matrix may be impractical, an access control list can be employed as a solution.
- True
- False
Correct Answer

A. True

Explanation

The statement suggests that using an access control matrix may not be feasible, but an access control list can be used as an alternative. This implies that the access control matrix may have certain limitations or challenges that make it impractical to implement. On the other hand, an access control list provides a more practical and effective approach to managing access control. Therefore, the correct answer is true, indicating that an access control list can be employed as a solution.

Rate this question:
8.

Restricting access to objects based on the sensitivity of the information contained in the objects is an example of:
- MAC
- DAC
- RBAC
- ACL
Correct Answer

A. MAC

Explanation

Restricting access to objects based on the sensitivity of the information contained in the objects is an example of Mandatory Access Control (MAC). MAC is a security model where access to resources is determined by the system administrator based on the security classification of the objects and the security clearances of the users. In this model, users have limited control over access permissions and cannot modify them. The system enforces access control policies, ensuring that only authorized users with appropriate clearances can access sensitive information.

Rate this question:

2
9.

Which one of the following non-discretionary access control techniques limits a subject's access to objects by examining object data so that the subject's access rights can be determined?
- Rule-based
- Role-based
- Time-based
- Content-dependent
Correct Answer

A. Content-dependent

Explanation

Content-dependent access control is a non-discretionary technique that limits a subject's access to objects by examining the object data. This means that the access rights of a subject are determined based on the content of the object they are trying to access. This technique ensures that only authorized subjects can access objects that contain specific content, regardless of their role, time of access, or any other factors.

Rate this question:

2
10.

True or False? For identification to be useful, it is sufficient for each identity to be recognizable to the system.
- True
- False
Correct Answer

A. False

Explanation

For identification to be useful, it is not sufficient for each identity to be recognizable to the system. In addition to being recognizable, the system should also be able to differentiate between different identities and assign them accurately. Simply recognizing identities without proper differentiation can lead to confusion and incorrect identification. Therefore, the statement "For identification to be useful, it is sufficient for each identity to be recognizable to the system" is false.

Rate this question:
11.

What are one or more methods used to authenticate identity?
- Something you have
- Something you do
- Something you are
- Something you know
Correct Answer(s)

A. Something you have
A. Something you are
A. Something you know

Explanation

The methods used to authenticate identity include "Something you have," which refers to possessing a physical item like an ID card or a key; "Something you are," which involves biometric traits like fingerprints or facial recognition; and "Something you know," which requires knowledge of a password or PIN. These methods provide multiple layers of security to ensure the accurate identification of an individual.

Rate this question:
12.

Which one of the following authentication methods is necessary to safeguard systems and facilities in high-security environments?
- A token
- A PIN
- Biometrics
- Strong/two-factor authentication
Correct Answer

A. Strong/two-factor authentication

Explanation

Strong/two-factor authentication is necessary to safeguard systems and facilities in high-security environments because it adds an extra layer of security by requiring users to provide two different forms of identification. This can include a combination of something the user knows (such as a PIN) and something the user possesses (such as a token or biometric data). By requiring two factors of authentication, it becomes much more difficult for unauthorized individuals to gain access to sensitive information or restricted areas, enhancing the overall security of the environment.

Rate this question:

1
13.

Though single sign-on can be convenient, what is a potential security problem?
- It can allow an unauthenticated user access to all systems.
- It can allow hackers through the firewall.
- It can allow an unauthenticated user access to secure facilities.
- If you forget your user ID and password, you will not have access to any systems.
Correct Answer

A. It can allow an unauthenticated user access to all systems.

Explanation

Single sign-on (SSO) is a system that allows users to access multiple applications or systems with a single set of login credentials. While SSO offers convenience, it also poses a potential security problem. By providing access to all systems with just one login, SSO can allow an unauthenticated user to gain access to sensitive information or resources without proper authentication. This can lead to unauthorized access, data breaches, and compromise of secure facilities.

Rate this question:

3
14.

Which one of the following access control administration methods involves distributing the process to localized parts of the enterprise?
- Centralized
- Hybrid
- Decentralized
- RADIUS
Correct Answer

A. Decentralized

Explanation

Decentralized access control administration involves distributing the process to localized parts of the enterprise. This means that the responsibility for managing access control is delegated to different departments or divisions within the organization, allowing them to have control over their own access control policies and procedures. This method is often used in large organizations with multiple locations or departments that have unique access control needs. It can help streamline the administration process and ensure that access control is tailored to the specific requirements of each department or location.

Rate this question:
15.

What is the simplest way to attack an access control system?
- Break into a building.
- Social engineering.
- Capture a user ID and steal a password.
- Guess a password through a brute force process.
Correct Answer

A. Capture a user ID and steal a password.

Explanation

The simplest way to attack an access control system is to capture a user ID and steal a password. This method involves obtaining someone's login credentials, either by physically stealing them or through techniques like phishing or keylogging. By doing so, an attacker can gain unauthorized access to the system by impersonating the legitimate user. This method is considered simple because it relies on exploiting human vulnerabilities rather than technical weaknesses in the system itself.

Rate this question:

1
16.

An attack where an attacker pretends to be someone else to hide his or her actual identity is known as:
- Spoofing.
- Shoulder surfing.
- Theft.
- Guessing.
Correct Answer

A. Spoofing.

Explanation

Spoofing is the correct answer because it refers to the act of an attacker pretending to be someone else to conceal their true identity. This is commonly done through techniques such as IP spoofing, email spoofing, or caller ID spoofing. By impersonating someone else, the attacker can deceive and manipulate victims into providing sensitive information or gaining unauthorized access to systems or networks. Shoulder surfing, theft, and guessing are not specific to hiding one's identity and do not involve impersonation.

Rate this question:
17.

True or False? The audit function is the principal function for monitoring access.
- True
- False
Correct Answer

A. False

Explanation

While the audit function is an important component of monitoring access, it is not the principal function for monitoring access. The principal function for monitoring access is typically associated with access control mechanisms. Access control involves policies, procedures, and technical controls that determine who or what is allowed or denied access to a system or its resources.

The audit function comes into play after access has occurred and involves reviewing logs and records to track and analyze system activities. It is a crucial part of monitoring and maintaining the security of a system, but it is not the primary function for controlling or managing access.

Rate this question:

1
18.

Which one of the following penetration test process phases includes gaining more detailed information about the selected or potential target?
- Vulnerability
- Network scanning
- Enumeration
- Reconnaissance
Correct Answer

A. Enumeration

Explanation

Enumeration is the correct answer because it is a phase in the penetration test process where the tester gathers more detailed information about the selected or potential target. This phase involves actively querying the target system or network to identify and enumerate any vulnerabilities, services, or resources that may be present. By conducting enumeration, the tester can gain a better understanding of the target's infrastructure, which can then be used to exploit any weaknesses and further penetrate the system.

Rate this question:
19.

True or False? War dialing locates and then attempts to penetrate wireless systems.
- True
- False
Correct Answer

A. False

Explanation

War dialing is a technique used to locate and exploit vulnerabilities in telephone systems, not wireless systems. It involves dialing a range of phone numbers to identify active lines and potentially gain unauthorized access. Therefore, the statement that war dialing locates and attempts to penetrate wireless systems is false.

Rate this question:

1
20.

True or False? Because the TCB ensures system security through the implementation of security policies, protection against system-wide deficiencies is guaranteed.
- True
- False
Correct Answer

A. False

Explanation

The statement is false because although the Trusted Computing Base (TCB) helps ensure system security through security policies, it does not guarantee protection against system-wide deficiencies. While the TCB can provide a level of security, it is not infallible and can still have vulnerabilities. Additionally, system-wide deficiencies can arise from various factors outside the scope of the TCB, such as configuration errors, human errors, or external threats. Therefore, the TCB alone cannot guarantee protection against system-wide deficiencies.

Rate this question:
21.

Which of the following descriptions best explains the function of the security perimeter?
- It acts as a physical barrier to the TCB.
- It determines access to objects by subjects.
- It separates the trusted and untrusted parts of a computer system.
- It implements the RM in an operating system.
Correct Answer

A. It separates the trusted and untrusted parts of a computer system.

Explanation

The security perimeter refers to the boundary that separates the trusted and untrusted parts of a computer system. It acts as a physical barrier to prevent unauthorized access and protect the trusted components from potential threats or attacks originating from the untrusted parts. This separation helps to ensure the integrity, confidentiality, and availability of the system's resources and data.

Rate this question:
22.

Which of the following statements best describes the primary objective for implementing layered protection?
- It eliminates the risk of security infringements.
- It manages the security of computer components.
- It creates a series of layers that impede penetration attempts.
Correct Answer

A. It creates a series of layers that impede penetration attempts.

Explanation

Layered protection is a security strategy that involves implementing multiple layers of security measures to protect against various types of threats and attacks. By creating a series of layers, each with its own security controls and defenses, the objective is to make it more difficult for attackers to penetrate the system or network. This approach helps to minimize the risk of successful penetration attempts by adding multiple barriers and obstacles for attackers to overcome. It does not eliminate the risk entirely or manage the security of computer components, but rather focuses on impeding penetration attempts.

Rate this question:
23.

Which one or more categories form the software architecture of a computer system?
- Operating systems
- Firmware
- Appliances
- Application programs
Correct Answer(s)

A. Operating systems
A. Application programs

Explanation

The software architecture of a computer system is formed by the operating systems and application programs. Operating systems provide the foundation for the computer system, managing hardware resources and providing services to other software. Application programs, on the other hand, are designed to perform specific tasks or functions for the user. Together, these two categories play a crucial role in the overall software architecture of a computer system.

Rate this question:
24.

Which software category is the first line of defense in a computer system?
- Operating system
- Application program
Correct Answer

A. Operating system

Explanation

The operating system is the first line of defense in a computer system because it manages and controls the hardware and software resources of the computer. It provides security features such as user authentication, access control, and data encryption to protect the system from unauthorized access and malicious attacks. Additionally, the operating system monitors and manages the execution of all other software programs, ensuring their proper functioning and preventing any potential threats or vulnerabilities. Therefore, the operating system plays a crucial role in safeguarding the computer system from various risks and acts as the primary defense mechanism.

Rate this question:
25.

Which of the following techniques allows several programs to appear to operate simultaneously in a single-processor computing system?
- Threading
- Multitasking
- Multithreading
Correct Answer

A. Multitasking

Explanation

Multitasking is the technique that allows several programs to appear to operate simultaneously in a single-processor computing system. It achieves this by rapidly switching between different programs, giving the illusion of parallel execution. This allows users to run multiple applications at the same time, improving efficiency and productivity. Multitasking is commonly used in operating systems to manage resources and allocate CPU time to different programs.

Rate this question:
26.

True or False? Multiprocessing facilitates an operating system's capacity to support more than one processor and allocate tasks between processors.
- True
- False
Correct Answer

A. True

Explanation

Multiprocessing is a technique that allows an operating system to utilize multiple processors simultaneously. It enhances the system's ability to handle multiple tasks by distributing them among the available processors. This improves overall performance and efficiency. Therefore, the statement is true.

Rate this question:
27.

Which one of the following items is software that is used on hardware devices to control their elementary functions?
- Microcontroller
- CPU
- Spyware
- Firmware
Correct Answer

A. Firmware

Explanation

Firmware is a type of software that is embedded in hardware devices to control their basic functions. It is specifically designed for a particular hardware device and is responsible for managing the device's operations and interactions with other software and hardware components. Unlike regular software, firmware is typically stored in non-volatile memory and remains persistent even when the device is powered off. It plays a crucial role in ensuring the proper functioning and performance of hardware devices.

Rate this question:
28.

Which one or more of the following security models are integrity models?
- BLP
- Lattice
- Biba
- Clark-Wilson
Correct Answer(s)

A. Biba
A. Clark-Wilson

Explanation

Biba and Clark-Wilson are both integrity models. The Biba model focuses on preventing unauthorized modification of data by enforcing a hierarchy of integrity levels, where data can only flow from lower to higher integrity levels. The Clark-Wilson model, on the other hand, ensures the integrity of data through well-formed transaction and certification rules, maintaining the consistency and correctness of data. Both models aim to protect the integrity of data and prevent unauthorized modifications.

Rate this question:
29.

There are times when a user is prevented from accessing specific data on a computer because of competing system information. A user's access to additional information may be dependent upon the discontinuation of active data access. Which security model does this represent?
- Harrison-Ruzzo-Ullman
- Graham-Denning
- Non-Interference
- Information Flow
- Brewer-Nash
Correct Answer

A. Brewer-Nash

Explanation

The Brewer-Nash security model is based on the concept of the "principle of least privilege," which means that a user should only have access to the specific data and resources that they need to perform their tasks. In this scenario, the user is prevented from accessing specific data due to competing system information, indicating that their access is being restricted based on the principle of least privilege. Therefore, the correct answer is Brewer-Nash.

Rate this question:
30.

Which data recovery process potentially produces an insecure system environment?
- Trusted recovery
- Untrusted recovery
Correct Answer

A. Untrusted recovery

Explanation

Untrusted recovery potentially produces an insecure system environment because it involves relying on an untrusted source or method to recover the data. This means that the recovery process may not be reliable or secure, and there is a higher risk of data corruption or compromise. Trusted recovery, on the other hand, implies using a trusted source or method, which is more likely to ensure the security and integrity of the recovered data.

Rate this question:
31.

Which of the following acronyms applies to the first national standard for system security evaluations?
- DoD
- TCSEC
- TDI
- TNI
Correct Answer

A. TCSEC

Explanation

The correct answer is TCSEC. TCSEC stands for Trusted Computer System Evaluation Criteria, which was the first national standard for system security evaluations. It was developed by the United States Department of Defense (DoD) to establish a set of requirements and guidelines for evaluating the security capabilities of computer systems. TCSEC provided a framework for assessing the security of computer systems and assigning them a security level based on their capabilities and vulnerabilities.

Rate this question:
32.

Which of the following is NOT a core principle of information security?
- Confidentiality
- Integrity
- Availability
- Obscurity
Correct Answer

A. Obscurity

Explanation

Obscurity is not a core principle of information security because it relies on hiding systems or data, which can create a false sense of security and may not be effective against determined attackers. The core principles of information security are confidentiality, integrity, and availability, often referred to as the CIA triad. These principles ensure that information is protected from unauthorized access, modification, and disruption.

Rate this question:

1
33.

Which of the following reference models exchanges data between any two points on a telecommunications network?
- Data service model
- TCP/IP model
- OSI model
- Data network model
Correct Answer

A. OSI model

Explanation

The OSI model is a reference model that defines how different devices and systems communicate with each other over a network. It consists of seven layers, each responsible for a specific function in the communication process. The OSI model allows for the exchange of data between any two points on a telecommunications network by providing a standardized framework for communication protocols and services. It ensures that data can be transmitted reliably and efficiently across different network devices and technologies.

Rate this question:
34.

Which one of the following OSI model layers is not correct?
- Layer 7: Application
- Layer 3: Physical
- Layer 6: Presentation
- Layer 2: Data Link
- Layer 5: Session
Correct Answer

A. Layer 3: Physical

Explanation

The OSI model is a conceptual framework that helps understand how different network protocols and technologies interact. It consists of seven layers: Physical, Data Link, Network, Transport, Session, Presentation, and Application. The Physical layer (Layer 1) is responsible for the transmission and reception of raw bit streams over a physical medium. Therefore, Layer 3: Physical is not correct as the correct layer at this position is Layer 4: Transport, which is responsible for end-to-end communication and error recovery.

Rate this question:
35.

Which model was developed in the late 1960s from a project sponsored by DARPA to design the Internet's protocols?
- TCP/IP model
- OSI model
- ISO model
- IPX/SPX
Correct Answer

A. TCP/IP model

Explanation

The TCP/IP model was developed in the late 1960s from a project sponsored by DARPA to design the Internet's protocols. This model is a set of protocols that allows computers to communicate with each other over the Internet. It is widely used and forms the basis for the modern Internet. The OSI model, ISO model, and IPX/SPX are all different networking models but were not specifically developed for the Internet's protocols like the TCP/IP model was.

Rate this question:
36.

A multinational company with offices all over the world needs to communicate. What type of network will this be?
- CAN
- WAN
- MAN
- LAN
Correct Answer

A. WAN

Explanation

A multinational company with offices all over the world needs to communicate. In this scenario, the company will require a Wide Area Network (WAN). A WAN is a network that connects multiple local area networks (LANs) over a large geographical area, such as different office locations across the globe. It allows for the seamless exchange of data and communication between these offices, ensuring efficient and effective communication within the multinational company.

Rate this question:
37.

Which one of the following TCP/IP protocols is a connection-oriented protocol used in the TCP/IP model?
- UDP
- TCP
- IP
- DNS
Correct Answer

A. TCP

Explanation

TCP (Transmission Control Protocol) is a connection-oriented protocol used in the TCP/IP model. It establishes a reliable and ordered connection between two devices, ensuring that all data packets are delivered in the correct order and without errors. TCP provides features like flow control, congestion control, and error detection, making it suitable for applications that require reliable and error-free data transmission, such as web browsing, file transfer, and email communication. UDP (User Datagram Protocol) is a connectionless protocol in the TCP/IP model, which does not guarantee reliable delivery of data packets. IP (Internet Protocol) is responsible for addressing and routing packets, while DNS (Domain Name System) is a protocol used for translating domain names into IP addresses.

Rate this question:
38.

True or False? Data services are combinations of hardware and software dedicated to managing network functions and resources.
- True
- False
Correct Answer

A. False

Explanation

Data services typically refer to services related to the processing, storage, and manipulation of data rather than being specific to managing network functions and resources. Network functions and resources are typically managed by network services or network management systems.

Rate this question:
39.

Which one of the following remote access technologies uses secure transport protocols like IPsec to transfer information from a remote client over the Internet?
- Dial-up
- Ethernet
- Wireless
- VPN
Correct Answer

A. VPN

Explanation

A VPN (Virtual Private Network) is a remote access technology that uses secure transport protocols like IPsec to transfer information from a remote client over the Internet. IPsec provides a secure and encrypted connection between the remote client and the network, ensuring that the information transferred is protected from unauthorized access or interception. This makes VPNs a reliable and secure option for remote access to networks, especially when accessing sensitive or confidential information.

Rate this question:
40.

Which one of the following actions is a capability of the PPTP remote access protocol?
- Supporting automatic configuration using the associated LCP
- Encapsulating PPP packets for remote delivery over the Internet to the target network
- Identifying the beginning and end of an IP datagram
- Securing wireless transmissions over the 802.11 networks
Correct Answer

A. Encapsulating PPP packets for remote delivery over the Internet to the target network

Explanation

The PPTP remote access protocol is capable of encapsulating PPP packets for remote delivery over the Internet to the target network. This means that it can package PPP (Point-to-Point Protocol) packets within IP (Internet Protocol) packets, allowing them to be transmitted over the Internet to the intended network. This encapsulation ensures that the PPP packets can traverse the internet and reach their destination network securely.

Rate this question:
41.

True or False? Wi-Fi Protected Access is the latest advancement of wireless protection protocols.
- True
- False
Correct Answer

A. False

Explanation

Wi-Fi Protected Access (WPA) is not the latest advancement of wireless protection protocols. The latest advancement is Wi-Fi Protected Access 3 (WPA3), which was introduced in 2018. WPA3 provides enhanced security features and replaces WPA2 as the most secure protocol for Wi-Fi networks. Therefore, the correct answer is False.

Rate this question:
42.

A user calls the help desk complaining that there is a strange application on his computer. Upon further investigation, you discover that he had downloaded what he thought was a music application but was actually some type of unauthorized software. Which of the following attacks could this be?
- Spam
- DoS
- Worm
- Trojan horse
Correct Answer

A. Trojan horse

Explanation

The correct answer is Trojan horse. A Trojan horse is a type of malware that disguises itself as legitimate software or application, tricking users into downloading and installing it. Once installed, it can give unauthorized access to the attacker, allowing them to control the user's computer, steal information, or perform other malicious activities. In this scenario, the user believed they were downloading a music application but unknowingly downloaded malicious software instead, indicating a Trojan horse attack.

Rate this question:
43.

Your users cannot access a server, and you notice almost 100% network saturation. Which of the following attacks might be underway?
- Spam
- DoS
- Worm
- Trojan horse
Correct Answer

A. DoS

Explanation

The correct answer is the DoS (Denial of Service) attack. A DoS attack occurs when an attacker overwhelms a server or network with a flood of illegitimate requests, causing it to become inaccessible to legitimate users. In this scenario, the high network saturation indicates that the server is being flooded with traffic, resulting in the denial of service to users. The other options, such as spam, worm, and Trojan horse, do not directly cause network saturation and prevent user access to the server.

Rate this question:
44.

Which one of the following security protocols is an upgraded version of SSL?
- TLS
- S-SSL
- HTTPS
- S-HTTP
Correct Answer

A. TLS

Explanation

TLS (Transport Layer Security) is the correct answer because it is an upgraded version of SSL (Secure Sockets Layer). TLS was developed as a replacement for SSL to provide improved security and encryption for internet communications. It is commonly used to secure data transmission over networks and is widely implemented in web browsers and servers. TLS and SSL are similar in many ways, but TLS has undergone various updates and enhancements to address vulnerabilities found in SSL. Therefore, TLS is considered the upgraded version of SSL.

Rate this question:
45.

Which of the following network security mechanisms detect unwanted network attacks and alert an administrator to the event?
- Firewall
- ACL
- IPS
- IDS
Correct Answer

A. IDS

Explanation

IDS stands for Intrusion Detection System. It is a network security mechanism that monitors network traffic for suspicious or malicious activity. It detects unwanted network attacks and alerts an administrator to the event, allowing them to take appropriate action. Unlike a firewall or ACL (Access Control List), which primarily focus on preventing unauthorized access to a network, an IDS is specifically designed to detect and respond to potential security breaches.

Rate this question:
46.

Your company uses an IP mobility application, and you want your roaming wireless remote users to be able to access the company network securely. Which one of the following remote access mechanisms should you choose?
- TACACS
- RADIUS
- Diameter
- Circumference
Correct Answer

A. RADIUS

Explanation

In the context of providing secure remote access for roaming users, the most appropriate choice is B. RADIUS, as it is commonly used for authentication and authorization in remote access scenarios.

A. TACACS (Terminal Access Controller Access Control System): TACACS is a security protocol that provides centralized validation of users attempting to gain access to a router or network access server. It's commonly used for device administration, not specifically for remote access or mobility.

B. RADIUS (Remote Authentication Dial-In User Service): RADIUS is a networking protocol that provides centralized authentication, authorization, and accounting (AAA) management for users who connect and use a network service. It is often used for remote access solutions, including virtual private network (VPN) connections, making it suitable for providing secure remote access for roaming users.

C. Diameter: Diameter is an authentication, authorization, and accounting protocol used for applications such as network access or IP mobility. While it is similar to RADIUS in its purpose, it is more extensible and designed to address some limitations of RADIUS.

D. Circumference: There is no standard networking or security protocol known as "Circumference." It seems to be a term that does not relate to any common remote access mechanisms.

Rate this question:
47.

Your network has been attacked, and you want to check the inline device that should have identified the intrusion and blocked it. Which of the following network security mechanisms should you choose?
- Firewall
- ACL
- IPS
- Intrusion protection system
Correct Answer

A. IPS

Explanation

An Intrusion Protection System (IPS) is a network security mechanism that monitors network traffic for suspicious activity or known attack patterns. It identifies intrusions and takes immediate action to block or prevent them. In the given scenario, the network has been attacked, and the question asks for the mechanism that should have identified and blocked the intrusion. A firewall and ACL (Access Control List) can provide some level of security, but they do not actively monitor and block intrusions like an IPS does. Therefore, the correct answer is IPS.

Rate this question:
48.

Which data backup method is used to copy modified files to an offsite location?
- Remote journaling
- Electronic vaulting
- Incremental backup
- Differential backup
Correct Answer

A. Electronic vaulting

Explanation

Electronic vaulting is a data backup method that involves copying modified files to an offsite location. This method ensures that the most up-to-date versions of the files are stored in a secure location, protecting against data loss in case of a disaster or system failure. Unlike incremental or differential backups, electronic vaulting does not rely on keeping track of changes made to files over time, but rather focuses on regularly copying the modified files to a separate location for safekeeping.

Rate this question:
49.

Which of these are single points of failure?
- Disks
- A local LAN
- Servers
- Circuits
Correct Answer(s)

A. Disks
A. Servers
A. Circuits

Explanation

Disks, servers, and circuits are all examples of single points of failure. A single point of failure refers to a component or system that, if it fails, will cause the entire system or network to fail. In the case of disks, if a disk fails, the data stored on it may be lost or inaccessible. Similarly, if a server fails, the services or applications it provides will be unavailable. Circuits, such as network connections or communication lines, if they fail, can disrupt the flow of data or communication within a network. Therefore, these components are considered single points of failure as their failure can have a significant impact on the overall system or network.

Rate this question:

Godwin Iheuwa |MS (Computer Science) |

Database Administrator

Quiz Review Timeline (Updated): Nov 10, 2024 +

Our quizzes are rigorously reviewed, monitored and continuously updated by our expert board to maintain accuracy, relevance, and timeliness.

Current Version
Nov 10, 2024

Quiz Edited by
ProProfs Editorial Team

Expert Reviewed by
Godwin Iheuwa
Nov 16, 2012

Quiz Created by
IS_EXAM

Information Security Ultimate Exam Quiz!

Another name for the information security triad is:

Quiz Preview

Risk, as it applies to information technology, is not associated with which one or more of the following items:

Which one of these represents the property of keeping an organization's information accurate, without error, and without unauthorized modification?

Which one or more access control categories are sufficient to maintain the CIA triad?

Which one of the following access control services determines the capabilities of a subject when accessing the object?

Which one of the following access control types covers personnel security, monitoring, user and password management, and permissions management?

While applying the access control matrix may be impractical, an access control list can be employed as a solution.

Restricting access to objects based on the sensitivity of the information contained in the objects is an example of:

Which one of the following non-discretionary access control techniques limits a subject's access to objects by examining object data so that the subject's access rights can be determined?

True or False? For identification to be useful, it is sufficient for each identity to be recognizable to the system.

What are one or more methods used to authenticate identity?

Which one of the following authentication methods is necessary to safeguard systems and facilities in high-security environments?

Though single sign-on can be convenient, what is a potential security problem?

Which one of the following access control administration methods involves distributing the process to localized parts of the enterprise?

What is the simplest way to attack an access control system?

An attack where an attacker pretends to be someone else to hide his or her actual identity is known as:

True or False? The audit function is the principal function for monitoring access.

Which one of the following penetration test process phases includes gaining more detailed information about the selected or potential target?

True or False? War dialing locates and then attempts to penetrate wireless systems.

True or False? Because the TCB ensures system security through the implementation of security policies, protection against system-wide deficiencies is guaranteed.

Which of the following descriptions best explains the function of the security perimeter?

Which of the following statements best describes the primary objective for implementing layered protection?

Which one or more categories form the software architecture of a computer system?

Which software category is the first line of defense in a computer system?

Which of the following techniques allows several programs to appear to operate simultaneously in a single-processor computing system?

True or False? Multiprocessing facilitates an operating system's capacity to support more than one processor and allocate tasks between processors.

Which one of the following items is software that is used on hardware devices to control their elementary functions?

Which one or more of the following security models are integrity models?

There are times when a user is prevented from accessing specific data on a computer because of competing system information. A user's access to additional information may be dependent upon the discontinuation of active data access. Which security model does this represent?

Which data recovery process potentially produces an insecure system environment?

Which of the following acronyms applies to the first national standard for system security evaluations?

Which of the following is NOT a core principle of information security?

Which of the following reference models exchanges data between any two points on a telecommunications network?

Which one of the following OSI model layers is not correct?

Which model was developed in the late 1960s from a project sponsored by DARPA to design the Internet's protocols?

A multinational company with offices all over the world needs to communicate. What type of network will this be?

Which one of the following TCP/IP protocols is a connection-oriented protocol used in the TCP/IP model?

True or False? Data services are combinations of hardware and software dedicated to managing network functions and resources.

Which one of the following remote access technologies uses secure transport protocols like IPsec to transfer information from a remote client over the Internet?

Which one of the following actions is a capability of the PPTP remote access protocol?

True or False? Wi-Fi Protected Access is the latest advancement of wireless protection protocols.

A user calls the help desk complaining that there is a strange application on his computer. Upon further investigation, you discover that he had downloaded what he thought was a music application but was actually some type of unauthorized software. Which of the following attacks could this be?

Your users cannot access a server, and you notice almost 100% network saturation. Which of the following attacks might be underway?

Which one of the following security protocols is an upgraded version of SSL?

Which of the following network security mechanisms detect unwanted network attacks and alert an administrator to the event?

Your company uses an IP mobility application, and you want your roaming wireless remote users to be able to access the company network securely. Which one of the following remote access mechanisms should you choose?

Your network has been attacked, and you want to check the inline device that should have identified the intrusion and blocked it. Which of the following network security mechanisms should you choose?

Which data backup method is used to copy modified files to an offsite location?

Which of these are single points of failure?