IT Computer Security Quiz Questions

Reviewed by Editorial Team
The ProProfs editorial team is comprised of experienced subject matter experts. They've collectively created over 10,000 quizzes and lessons, serving over 100 million users. Our team includes in-house content moderators and subject matter experts, as well as a global network of rigorously trained contributors. All adhere to our comprehensive editorial guidelines, ensuring the delivery of high-quality content.
Learn about Our Editorial Process
| By Sickfredo
S
Sickfredo
Community Contributor
Quizzes Created: 3 | Total Attempts: 285
| Attempts: 161
SettingsSettings
Please wait...
  • 1/68 Questions

    A closed port responds to a SYN Packet with a(n) ___packet

Please wait...
About This Quiz

(These quizzes were derived from the ITS curriculum at algonquin college in order to help with study of material. These quizzes, in no way represent the curriculum as a whole. Is just a gathering of information to help you study)

IT Computer SecurITy Quiz Questions - Quiz

Quiz Preview

  • 2. 

    A friend lends you the latest music CD he just purchased. You take it home and make acopy for your own use. Have you broken any laws?

    • Yes

    • No

    Correct Answer
    A. Yes
    Explanation
    Yes, making a copy of a music CD without the permission of the copyright holder is considered copyright infringement and is against the law.

    Rate this question:

  • 3. 

    Vulnerability is defined as a way that an attacker could use to get into the system

    • True

    • False

    Correct Answer
    A. True
    Explanation
    The statement accurately defines vulnerability as a means for an attacker to gain unauthorized access to a system. A vulnerability refers to a weakness or flaw in the system's security measures that can be exploited by an attacker to compromise the system's integrity, confidentiality, or availability. Therefore, the correct answer is "True."

    Rate this question:

  • 4. 

    It is possible to capture packets that are not destined for your machine.

    • True

    • False

    Correct Answer
    A. True
    Explanation
    It is possible to capture packets that are not destined for your machine because of the way network protocols work. When packets are sent over a network, they are often broadcasted or sent to multiple devices. Network sniffing tools can intercept and capture these packets, allowing users to analyze the network traffic and potentially capture packets that are not intended for their own machine.

    Rate this question:

  • 5. 

      It is not possible to notice someone using a packet sniffer on the network.

    • False

    • True

    Correct Answer
    A. False
    Explanation
    This statement is false because it is possible to notice someone using a packet sniffer on the network. A packet sniffer is a tool used to capture and analyze network traffic, and there are various ways to detect its presence. Network administrators can monitor network traffic for suspicious activity, such as an unusually high number of packets being captured or unusual patterns in the captured data. Additionally, network security measures can be implemented to detect and block packet sniffers on the network.

    Rate this question:

  • 6. 

    Physical dangers - i.e. earthquakes, flooding - are not considered a security concern.

    • True

    • False

    Correct Answer
    A. False
    Explanation
    Physical dangers such as earthquakes and flooding can indeed be considered a security concern. While they may not directly relate to issues of personal safety or protection from intentional harm, they can still pose significant risks to individuals, communities, and even national security. For example, natural disasters can disrupt critical infrastructure, lead to loss of life and property, create social unrest, and even provide opportunities for malicious actors to exploit vulnerabilities. Therefore, it is incorrect to say that physical dangers are not considered a security concern.

    Rate this question:

  • 7. 

    A ___ attaches itself to a program or file so it can spread from one computer to anotherwith the file as it travels, leaving infections as it travels.

    • Worm

    • Trojan

    • Virus

    • Rootkit

    • None of the above

    Correct Answer
    A. Virus
    Explanation
    A virus is a type of malicious software that attaches itself to a program or file and spreads from one computer to another. As it travels, it leaves infections in the files it infects. Unlike worms or Trojans, viruses require a host file or program to propagate and cannot spread on their own. Rootkits, on the other hand, are a type of malware that allows unauthorized access to a computer system, but they do not spread like viruses. Therefore, the correct answer is virus.

    Rate this question:

  • 8. 

      Which of the following is considered a reason why hackers attack systems?

    • Profit

    • Religious / political / ethical reasons

    • “Mount Everest” syndrome

    • Revenge

    • All of the above

    Correct Answer
    A. All of the above
    Explanation
    Hackers attack systems for various reasons, including profit, religious/political/ethical motivations, the "Mount Everest" syndrome (the desire to conquer a challenging target), and revenge. These motivations can drive hackers to exploit vulnerabilities in systems and gain unauthorized access, causing damage, stealing sensitive information, or disrupting services. The combination of these different reasons makes it difficult to pinpoint a single motive for hacking, as hackers can be driven by a mix of financial gain, personal beliefs, and personal vendettas.

    Rate this question:

  • 9. 

    Which one of the following is NOT a fundamental principle of the Computer Security Triad?

    • Confidentiality

    • Ease of Use

    • Availability

    • Integrity

    • Accountability

    Correct Answer
    A. Ease of Use
    Explanation
    The Computer Security Triad consists of three fundamental principles: confidentiality, integrity, and availability. These principles are essential for ensuring the security of computer systems and data. Ease of use, on the other hand, is not a fundamental principle of the triad. While it is important to consider usability in the design and implementation of security measures, it is not one of the core principles that the triad focuses on.

    Rate this question:

  • 10. 

    In security environments, Authentication refers to:

    • Supplying your identity

    • Confirming your identify with an element unique to the individual

    • Using your identity to assign access rights

    • Tracking what users are doing while accessing the systems

    • None of the above

    Correct Answer
    A. Confirming your identify with an element unique to the individual
    Explanation
    Authentication in security environments refers to the process of confirming an individual's identity with a unique element. This unique element could be a password, a fingerprint, a smart card, or any other factor that is specific to the individual. By confirming the identity, the system ensures that the user is who they claim to be before granting access to resources or assigning access rights.

    Rate this question:

  • 11. 

    Which of the CIA Triad elements is responsible for ensuring that personal information is notdisclosed to unauthorized users?

    • Availability

    • Confidentiality

    • Integrity

    • Accountability

    • Ease of Use

    Correct Answer
    A. Confidentiality
    Explanation
    Confidentiality is responsible for ensuring that personal information is not disclosed to unauthorized users. It involves protecting sensitive data from being accessed, viewed, or disclosed by unauthorized individuals. Confidentiality measures, such as encryption, access controls, and secure transmission protocols, are implemented to safeguard personal information and maintain privacy.

    Rate this question:

  • 12. 

    ___ reconnaissance is used by hackers for observing and learning about the target fromafar, while _____ reconnaissance is used to gain more active and direct knowledge of thetarget.

    • Active, Passive

    • Passive, Active

    • Active, Submissive

    • Positive, Active

    • None of the above

    Correct Answer
    A. Passive, Active
    Explanation
    Passive reconnaissance is used by hackers to observe and gather information about the target without directly interacting with it. This can include activities such as scanning networks, collecting publicly available information, or monitoring communication channels. On the other hand, active reconnaissance involves more direct and aggressive techniques to gain knowledge about the target. This can include activities such as port scanning, vulnerability scanning, or attempting to exploit weaknesses in the target's security.

    Rate this question:

  • 13. 

    The ICMP protocol is specifically designed to:

    • Check & report on network error conditions

    • Generate networking stats

    • Control traffic flow across networks

    • Track end-to-end connectivity

    • None of the above

    Correct Answer
    A. Check & report on network error conditions
    Explanation
    The ICMP protocol, or Internet Control Message Protocol, is specifically designed to check and report on network error conditions. It is used by network devices to send error messages and operational information, allowing for the detection and reporting of issues such as unreachable hosts, network congestion, or routing problems. ICMP helps in troubleshooting and diagnosing network problems by providing feedback about the status and errors occurring within a network.

    Rate this question:

  • 14. 

    Packet sniffers cannot read / interpret the payload in a packet for you.

    • True

    • False

    Correct Answer
    A. False
    Explanation
    Packet sniffers are tools used to capture and analyze network traffic. They can intercept and display the contents of packets, including the payload. Therefore, the statement that packet sniffers cannot read or interpret the payload in a packet is false. Packet sniffers are specifically designed to capture and analyze the data within packets, allowing users to examine the contents and analyze network communication.

    Rate this question:

  • 15. 

    Of all the vulnerabilities listed below, which one is considered the hardest to properlyprotect against?

    • Low physical security

    • Active services

    • Open ports

    • The human element

    • Bad passwords

    Correct Answer
    A. The human element
    Explanation
    The human element is considered the hardest vulnerability to properly protect against because humans are susceptible to making mistakes, being manipulated, or intentionally causing security breaches. Unlike technical vulnerabilities like open ports or bad passwords, which can be addressed through technological solutions, the human element involves unpredictable behavior and requires a combination of training, awareness, and ongoing monitoring to mitigate the risks.

    Rate this question:

  • 16. 

    It is not possible to map out a network, its resources and how they are connected without physical access to the resources themselves

    • True

    • False

    Correct Answer
    A. False
    Explanation
    The statement is false because it is possible to map out a network, its resources, and how they are connected without physical access to the resources themselves. This can be done through various network mapping techniques such as network scanning, network discovery tools, and network monitoring software. These methods allow network administrators to gather information about the network topology, devices, and connections remotely, without the need for physical access to the resources.

    Rate this question:

  • 17. 

    A threat becomes a risk only when it is identified as being linked to a specific vulnerability

    • True

    • False

    Correct Answer
    A. True
    Explanation
    When a threat is identified as being linked to a specific vulnerability, it becomes a risk. This means that the potential harm or damage that the threat can cause is now more likely to occur because there is a vulnerability that can be exploited. Without the identification of a vulnerability, the threat remains just a potential danger without a high likelihood of actually causing harm. Therefore, the statement "A threat becomes a risk only when it is identified as being linked to a specific vulnerability" is true.

    Rate this question:

  • 18. 

    Which of the following command lines would you use to conduct a Christmas scan usingnmap?

    • Nmap -sP 192.168.1.1

    • Nmap -sX 192.168.1.1

    • Nmap -sU 192.168.1.1

    • Nmap -sN 192.168.1.1

    • Nmap -sC 192.168.1.1

    Correct Answer
    A. Nmap -sX 192.168.1.1
  • 19. 

    A weakness in a computer system, or a point where the system is susceptible to attack.The weakness could be exploited to violate system security. This is the definition of a(n)

    • Exploit

    • Vulnerability

    • Threat

    • Risk

    • Hole

    Correct Answer
    A. Vulnerability
    Explanation
    A vulnerability refers to a weakness in a computer system that can be exploited by attackers to compromise its security. It represents a point of susceptibility where an attacker can gain unauthorized access, steal data, or disrupt system operations. Identifying and addressing vulnerabilities is crucial to maintaining the security and integrity of computer systems.

    Rate this question:

  • 20. 

       A security exploit is defined as:

    • Something used to shutdown a system

    • A threat turned into a vulnerability

    • A flaw in the system

    • Anything that can be used to compromise a system

    • None of the above

    Correct Answer
    A. Anything that can be used to compromise a system
    Explanation
    A security exploit refers to any method, technique, or tool that can be utilized to compromise or breach the security of a system. It can encompass various forms such as software vulnerabilities, hardware weaknesses, social engineering tactics, or even physical attacks. This broad definition includes all possible means by which an attacker can gain unauthorized access, steal information, disrupt operations, or cause harm to a system or its users.

    Rate this question:

  • 21. 

    Which of the following is NOT a security mechanism that can be used to support the 3 elements of the CIA Triad?

    • Identification

    • Granularity

    • Authentication

    • Authorization

    • Accountability

    Correct Answer
    A. Granularity
    Explanation
    Granularity is not a security mechanism that can be used to support the elements of the CIA Triad. The CIA Triad consists of three components - confidentiality, integrity, and availability - which are essential for information security. Identification, authentication, authorization, and accountability are all security mechanisms that can be used to support these elements. Granularity, on the other hand, refers to the level of detail or precision in which something is measured or controlled, and it is not directly related to the CIA Triad or information security.

    Rate this question:

  • 22. 

    Which of the authentication methods below will ensure the strongest degree of authentication to access a system?

    • Token-based authentication

    • Password authentication

    • Biometric authentication

    • Multi-factor authentication

    • None of the above

    Correct Answer
    A. Multi-factor authentication
    Explanation
    Multi-factor authentication ensures the strongest degree of authentication to access a system because it requires multiple forms of identification to verify the user's identity. This typically includes a combination of something the user knows (such as a password), something the user has (such as a token or smart card), and something the user is (such as a fingerprint or iris scan). By requiring multiple factors, it significantly increases the security of the authentication process and reduces the risk of unauthorized access.

    Rate this question:

  • 23. 

    Which of the following security goals provides a means for objective verification of a user’sidentity?

    • Authorization

    • Authentication

    • Verification

    • Identification

    • Clarification

    Correct Answer
    A. Authentication
    Explanation
    Authentication is the correct answer because it refers to the process of verifying the identity of a user. It provides a means for objective verification by confirming that the user is who they claim to be, typically through the use of passwords, biometrics, or other security measures. Authentication is essential for ensuring that only authorized individuals can access sensitive information or perform certain actions, thereby enhancing the overall security of a system or network.

    Rate this question:

  • 24. 

    Computer A wishes to open a TCP session with Computer B. If Computer A's initialsequence number is 145678913, then Computer B will respond with:

    • An initial sequence number of its own and an acknowledgement number of 145678914

    • An initial sequence number of its own and no acknowledgement number since no data was received

    • An acknowledgment number of 145678914

    • An acknowledgement number of 145678913

    • An initial

    Correct Answer
    A. An initial sequence number of its own and an acknowledgement number of 145678914
    Explanation
    Computer B will respond with an initial sequence number of its own and an acknowledgement number of 145678914. This is because in a TCP session, both computers need to establish synchronization by exchanging initial sequence numbers. Computer B generates its own initial sequence number and acknowledges the receipt of Computer A's initial sequence number by sending an acknowledgement number.

    Rate this question:

  • 25. 

    ___ spread from computer to computer, but unlike the malware , it has theability to travel and replicate itself without any user intervention.A- WormB- TrojanC- VirusD- RootkitE- None of the above

    • Worm

    • Trojan

    • Virus

    • Rootkit

    • None of the above

    Correct Answer
    A. Worm
    Explanation
    A worm is a type of malware that can spread from computer to computer without any user intervention. Unlike viruses and trojans, worms do not require a host file or user action to replicate themselves. They can exploit vulnerabilities in network protocols or operating systems to automatically propagate and infect other systems. This makes worms particularly dangerous as they can quickly infect a large number of computers and cause widespread damage. In this case, the correct answer is A - Worm.

    Rate this question:

  • 26. 

    IUA small company is looking to implement a protocol to exchange large financial transaction information on a semi-regular basis. Their primary concern is security, with performance being a close second. Which protocol should they implement?

    • TCP

    • UDP

    • IP

    • ICMP

    • None of the above

    Correct Answer
    A. TCP
    Explanation
    The small company should implement TCP (Transmission Control Protocol) because it provides reliable and secure communication by establishing a connection, ensuring data integrity, and retransmitting lost packets. TCP also offers flow control and congestion control mechanisms to optimize performance. UDP (User Datagram Protocol) does not guarantee reliable transmission or security, making it unsuitable for large financial transactions. IP (Internet Protocol) is a network layer protocol and ICMP (Internet Control Message Protocol) is used for network troubleshooting, so they are not suitable for the company's requirements. Therefore, TCP is the best choice for the company's needs.

    Rate this question:

  • 27. 

    ____ is a connectionless protocol

    • ICMP

    • TCP

    • UDP

    • FTP

    • None of the above

    Correct Answer
    A. UDP
    Explanation
    UDP (User Datagram Protocol) is a connectionless protocol. Unlike TCP (Transmission Control Protocol), which establishes a connection between two devices before data transfer, UDP does not establish a connection and simply sends data packets without any guarantee of delivery or order. UDP is commonly used for applications that require low latency and can tolerate some data loss, such as streaming media, online gaming, and DNS (Domain Name System) queries.

    Rate this question:

  • 28. 

    Which of the tools below is designed as a vulnerability scanner?

    • Nmap

    • Snort

    • Nessus

    • Nmap

    • Tcpdump

    Correct Answer
    A. Nessus
    Explanation
    Nessus is designed as a vulnerability scanner. It is a widely used tool for identifying vulnerabilities in computer systems and networks. Nessus scans for known vulnerabilities and provides detailed reports on the findings. It helps organizations identify and address security weaknesses before they can be exploited by attackers.

    Rate this question:

  • 29. 

    1.    Which one of the circumstances below poses a significant risk?

    • Low threat, low vulnerability

    • Low threat, high vulnerability

    • High threat, low vulnerability

    • High threat, high vulnerability

    • None of the above

    Correct Answer
    A. High threat, high vulnerability
    Explanation
    High threat, high vulnerability poses a significant risk because it indicates a situation where there is a high likelihood of a threat occurring and a high potential for it to cause harm or damage. This combination increases the chances of negative consequences and the need for proactive measures to mitigate the risk.

    Rate this question:

  • 30. 

    Your system receives a few packets, but no connection seems to be established. Whenyou look at the logs, you notice you received a few SYN packets, immediately followed byRST packets, but no ACK packets. What could be happening?

    • SYN Stealth Open Port scan from Nmap

    • XMAS Open Port scan from Nmap

    • Hacker trying to identify the service running on a port

    • TCP/IP stack has failed

    • None of the above

    Correct Answer
    A. SYN Stealth Open Port scan from Nmap
    Explanation
    The given correct answer suggests that the system is experiencing a SYN Stealth Open Port scan from Nmap. This type of scan involves sending a SYN packet to initiate a connection with the target system, but instead of completing the connection with an ACK packet, the attacker sends a RST packet to terminate the connection. This technique is used by hackers to identify open ports on a system without being detected.

    Rate this question:

  • 31. 

    John received an e-mail from Suzy, but he wants to ensure that the content were not altered between the time Suzy sent it and John received it. What CIA Triad goal is John trying to achieve?

    • Confidentiality

    • Availability

    • Integrity

    • Accountability

    • Disclosure

    Correct Answer
    A. Integrity
    Explanation
    John is trying to achieve the goal of integrity. The goal of integrity ensures that the content of the e-mail remains unchanged and unaltered during transmission from Suzy to John. It ensures that the information has not been tampered with, modified, or corrupted in any way.

    Rate this question:

  • 32. 

      Which of the following is not considered a category of exploit?

    • Over the Internet

    • Over the LAN

    • Locally

    • Offline

    • Ignorance

    Correct Answer
    A. Ignorance
    Explanation
    Ignorance is not considered a category of exploit. Exploits are typically categorized based on the method or location of the attack. "Over the Internet," "Over the LAN," "Locally," and "Offline" are all categories that describe different ways in which an exploit can occur. However, "Ignorance" does not fit into any of these categories and is not a recognized category of exploit.

    Rate this question:

  • 33. 

    When using a packet sniffer, what part(s) of the packet can you observe?(Select all that apply)

    • IP header content

    • Protocol header (TCP, UDP, ICMP, etc) content

    • Payload

    • MAC Address

    • All of the above

    Correct Answer
    A. All of the above
    Explanation
    When using a packet sniffer, you can observe all of the above parts of the packet. A packet sniffer allows you to capture and analyze network traffic, and it provides visibility into various aspects of the packets. By using a packet sniffer, you can observe the IP header content, protocol header content (such as TCP, UDP, ICMP), payload, and MAC address. This allows you to analyze and understand the different layers and components of the network packets being transmitted.

    Rate this question:

  • 34. 

    In the TCP/IP stack, the ____ layer is concerned with physically moving electrons across amedia or wire.

    • Internet

    • Network

    • Transport

    • Physical

    • Application

    Correct Answer
    A. Physical
    Explanation
    The Physical layer in the TCP/IP stack is responsible for physically moving electrons across a media or wire. This layer deals with the actual transmission of data bits over the network, including the electrical, mechanical, and functional aspects of the physical connection. It defines the specifications for cables, connectors, and other hardware components required for data transmission.

    Rate this question:

  • 35. 

    What security term, coined by the SANS institute, is used to represent the optimalinformation security strategy?

    • Separation of Privileges

    • Principle of Least Privileges

    • Defense in Depth

    • Security through obscurity

    • All of the above

    Correct Answer
    A. Defense in Depth
    Explanation
    Defense in Depth is a security term used to represent the optimal information security strategy. It involves implementing multiple layers of security measures to protect against potential threats. This approach ensures that even if one layer is breached, there are additional layers in place to prevent unauthorized access and protect sensitive information. By implementing a combination of physical, technical, and administrative controls, organizations can create a strong defense system that reduces the risk of successful attacks. Separation of Privileges, Principle of Least Privileges, and Security through obscurity are also important security concepts but are not specifically synonymous with the optimal security strategy represented by Defense in Depth.

    Rate this question:

  • 36. 

    Each TCP connection is uniquely identified by:

    • Source and Destination IP

    • Source and Destination port

    • Sequence Number

    • Connection Number

    • A & B only

    Correct Answer
    A. A & B only
    Explanation
    Each TCP connection is uniquely identified by the combination of the source and destination IP addresses and the source and destination port numbers. The IP addresses identify the source and destination devices, while the port numbers specify the specific application or service running on those devices. The sequence number and connection number are not used for uniquely identifying TCP connections.

    Rate this question:

  • 37. 

    You’ve captured a packet from the network using TCPDUMP, but it’s in raw hex format. Which of the following is the first part of the information in the packet concerned with?

    • Protocol (TCP, UDP, ICMP, etc) header

    • IP header

    • Payload

    • MAC header

    • None of the above

    Correct Answer
    A. IP header
    Explanation
    The correct answer is IP header. When capturing a packet using TCPDUMP, the packet is in raw hex format. The IP header is the first part of the packet that contains information such as the source and destination IP addresses, protocol version, packet length, and other important information about the IP packet.

    Rate this question:

  • 38. 

    In order for a packet sniffer to work properly, it needs to put the NIC card into _____ mode.

    • Listening

    • Active

    • Promiscuous

    • Normal

    • None of the above

    Correct Answer
    A. Promiscuous
    Explanation
    A packet sniffer needs to put the NIC card into promiscuous mode in order to work properly. This mode allows the network interface card to capture all network traffic, including packets that are not intended for the device. By enabling promiscuous mode, the packet sniffer can analyze and capture all network packets passing through the network, regardless of their destination. This is essential for monitoring and analyzing network traffic for security or troubleshooting purposes.

    Rate this question:

  • 39. 

    Which of the following software tools are not effective for security purposes?

    • Ping

    • Traceroute

    • Route

    • Nmap

    • None of the above

    Correct Answer
    A. None of the above
    Explanation
    All of the given software tools (Ping, Traceroute, Route, Nmap) can be effective for security purposes. Ping can be used to check the availability of a host and detect any potential network issues, Traceroute can help identify the path that network packets take to reach a destination and detect any suspicious hops, Route can be used to view and manipulate the routing table of a network device, and Nmap is a powerful network scanning tool that can be used for security auditing and discovering vulnerabilities. Therefore, none of the above options are not effective for security purposes.

    Rate this question:

  • 40. 

    The TCP three-way handshake used to open a TCP connection uses 3 packets.What 2 flags are required to be set across these 3 packets? (Select all that apply)

    • SYN Flag

    • Payload Flag

    • FIN Flag

    • ACK Flag

    • RST Flag

    Correct Answer(s)
    A. SYN Flag
    A. ACK Flag
    Explanation
    The TCP three-way handshake is a process used to establish a TCP connection between two devices. It involves the exchange of three packets. The SYN (synchronize) flag is set in the first packet sent by the client to the server to initiate the connection. The server responds with a packet that has both the SYN and ACK (acknowledge) flags set, indicating that it received the client's request and is willing to establish a connection. Finally, the client sends a packet with only the ACK flag set to acknowledge the server's response. Therefore, the two flags required to be set across these three packets are the SYN Flag and the ACK Flag.

    Rate this question:

  • 41. 

    A fragmented IP datagram is reassembled by

    • The router closest to the destination

    • Any router along the path when the MTU changes to permit a larger datagram

    • By the destination host

    • By the application processing the information datagram

    • None of the above

    Correct Answer
    A. By the destination host
    Explanation
    A fragmented IP datagram is reassembled by the destination host. When a large IP datagram is fragmented into smaller pieces for transmission over a network, it is the responsibility of the destination host to receive and reassemble these fragments into the original datagram. This process is done using the identification field and fragment offset field in the IP header, which allow the destination host to correctly order and combine the fragments. The routers along the path only handle the forwarding of the individual fragments, while the application processing the information datagram is not involved in the reassembly process.

    Rate this question:

  • 42. 

    The loss of one of the goals of security is known as a:

    • Hole

    • Vulnerability

    • Risk

    • Compromise

    • Threat

    Correct Answer
    A. Compromise
    Explanation
    Compromise refers to the loss of one of the goals of security, which is the protection of resources and data from unauthorized access, use, disclosure, disruption, modification, or destruction. When a compromise occurs, it means that the security measures in place have been breached, allowing an attacker to gain unauthorized access or control over the system, network, or data. This can lead to various negative consequences, such as data breaches, financial losses, reputational damage, and legal implications.

    Rate this question:

  • 43. 

    Which of the following is information security NOT concerned with?

    • Physical Security

    • Information Security

    • Resources Management

    • Asset Security

    • Backups

    Correct Answer
    A. Resources Management
    Explanation
    Information security is concerned with protecting the confidentiality, integrity, and availability of information. Resources management, on the other hand, focuses on efficiently and effectively managing an organization's resources, such as personnel, finances, and equipment. While information security is closely related to resources management, it is not solely concerned with it. Information security also includes other aspects such as risk management, incident response, and security awareness training. Therefore, resources management is the correct answer as it is not directly related to information security.

    Rate this question:

  • 44. 

    Security goals are a balancing act between 3 key elements. What are these elements?

    • Security, Integrity, Functionality

    • Security, Ease of Use, Functionality

    • Availability, Ease of Use, Functionality

    • Confidentiality, Security, Ease of Use

    • Confidentiality, Integrity, Availability

    Correct Answer
    A. Security, Ease of Use, Functionality
    Explanation
    The three key elements in balancing security goals are security, ease of use, and functionality. Security ensures the protection of data and systems from unauthorized access or attacks. Ease of use focuses on making security measures user-friendly and convenient for individuals to use. Functionality ensures that security measures do not hinder the proper functioning and performance of systems and processes. Balancing these three elements is crucial in designing effective and efficient security measures that meet the needs of users while maintaining the integrity and availability of data and systems.

    Rate this question:

  • 45. 

    Based on the highlighted portion of the captured packet code below, what protocol isidentified as being used in the payload portion of this IP packet?4500 0064 0000 4000 4017 b755 c0a8 0101

    • IP

    • UDP

    • TCP

    • ICMP

    • None of the above

    Correct Answer
    A. UDP
    Explanation
    The highlighted portion of the captured packet code "4017" indicates the protocol field in the IP header. In this case, the value "17" corresponds to the UDP (User Datagram Protocol) protocol. Therefore, the protocol identified as being used in the payload portion of this IP packet is UDP.

    Rate this question:

  • 46. 

    Which of the software tools below is considered an Intrusion Detection System?

    • Ping

    • Snort

    • Nessus

    • Ethereal

    • Tcpdump

    Correct Answer
    A. Snort
    Explanation
    Snort is considered an Intrusion Detection System (IDS) because it is an open-source network intrusion prevention and detection system. It analyzes network traffic in real-time, looking for patterns and signatures of known attacks. It can also be configured to generate alerts or take action when suspicious activity is detected. Snort is widely used in the cybersecurity industry as an effective tool for monitoring and protecting network systems against various types of intrusions and attacks.

    Rate this question:

  • 47. 

    Which one of the following mechanisms can hackers use to defeat Availability?

    • Destruction

    • Integrity

    • Alteration

    • Disclosure

    • Confidentiality

    Correct Answer
    A. Destruction
    Explanation
    Hackers can defeat Availability by using the mechanism of Destruction. This means they can intentionally destroy or disrupt the availability of a system, network, or service, making it inaccessible or unusable for legitimate users. This can be done through various methods such as launching a denial of service (DoS) attack, destroying physical infrastructure, or deleting critical data. By causing destruction, hackers can effectively prevent users from accessing or using the targeted resource, compromising its availability.

    Rate this question:

  • 48. 

    Which of the following is one method of gathering information about the operating system acompany is using?

    • Search the Web for e-mail addresses of IT employees

    • Connect via telnet to the company’s Web server

    • Ping the URL and analyze the ICMP messages

    • Use the ipconfig /os command

    • None of the above

    Correct Answer
    A. Connect via telnet to the company’s Web server
    Explanation
    Connecting via telnet to the company's web server is one method of gathering information about the operating system a company is using. By connecting through telnet, one can access the command-line interface of the web server and gather information about the operating system running on it. This method allows for direct interaction with the server and can provide valuable information about the underlying technology being used.

    Rate this question:

  • 49. 

    1.    The OSI layer which provides data encryption is the:

    • Application Layer

    • Presentation Layer

    • Session Layer

    • Transport Layer

    • Network Layer

    Correct Answer
    A. Presentation Layer
    Explanation
    The Presentation Layer in the OSI model is responsible for data encryption and decryption. It ensures that the data is properly formatted and encrypted before transmission, and decrypts it at the receiving end. This layer also handles data compression, encryption, and decryption algorithms, ensuring that the data is secure and can be understood by the receiving application.

    Rate this question:

Quiz Review Timeline (Updated): Mar 21, 2023 +

Our quizzes are rigorously reviewed, monitored and continuously updated by our expert board to maintain accuracy, relevance, and timeliness.

  • Current Version
  • Mar 21, 2023
    Quiz Edited by
    ProProfs Editorial Team
  • Mar 25, 2010
    Quiz Created by
    Sickfredo

Recent Quizzes

computer hardware and software startup functions computer hardware and software startup functions
Intro to Computers 1st Quarter Test 2015 Intro to Computers 1st Quarter Test 2015
Fun trivia questions on Computers Fun trivia questions on Computers
Do you actually know Computers? Do you actually know Computers?
Test your knowledge on Computers Test your knowledge on Computers
The Big Quiz On Computers The Big Quiz On Computers

Popular Topics

+ Show more
Back to Top Back to top
Advertisement
×

Wait!
Here's an interesting quiz for you.

We have other quizzes matching your interest.