Type: Quiz
Book Title: Computer Security Fundamentals (Pearson IT Cybersecurity Curriculum (ITCC)) 3rd Edition
ISBN 13: 978-0789757463

978-0789757463 Chapter 1

February 27, 2021
True / False
1. The Domain Name Service is what translates human-readable domain names into IP
addresses that computers and routers understand.
2. The type of hacking that involves breaking into telephone systems is called sneaking.
3. The technique for breaching a system’s security by exploiting human nature rather than
technology is war-driving.
4. Malware is a generic term for software that has a malicious purpose.
5. Software that lays dormant until some specific condition is met is a Trojan horse.
6. Someone who breaks into a system legally to assess security deficiencies is a sneaker.
7. Auditing is the process to determine if a user’s credentials are authorized to access a
network resource.
8. Confidentiality, integrity, and availability are three pillars of the CIA triangle.
9. The Health Insurance Portability and Accountability Act of 1996 requires government
agencies to identify sensitive systems, conduct computer security training, and develop
computer security plans.
10. The SANS Institute website is a vast repository of security-related documentation.
Multiple Choice
1. In which type of hacking does the user block access from legitimate users without
actually accessing the attacked system?
a. Denial of service
b. Web attack
c. Session hijacking
d. None of the above
2. Your company is instituting a new security awareness program. You are responsible
for educating end users on a variety of threats, including social engineering. Which of the
following best defines social engineering?
a. Illegal copying of software
b. Gathering information from discarded manuals and printouts
c. Using people skills to obtain proprietary information
d. Destruction or alteration of data
3. Which type of hacking occurs when the attacker monitors an authenticated session
between the client and the server and takes over that session?
a. Denial of service
b. Web attack
c. Session hijacking
d. None of the above
4. Someone who finds a flaw in a system and reports that flaw to the vendor of the
system is a __________.
a. White hat hacker
b. Black hat hacker
c. Gray hat hacker
d. Red hat hacker
5. Someone who gains access to a system and causes harm is a __________?
a. White hat hacker
b. Black hat hacker
c. Grey hat hacker
d. Red hat hacker
6. A black hat hacker is also called a ___________
a. Thief
b. Cracker
c. Sneaker
d. None of the above
7. Someone who calls himself a hacker but lacks the expertise is a ________.
a. Script kiddy
b. Sneaker
c. White hat hacker
d. Black hat hacker
8. Someone who legally breaks into a system to assess security deficiencies is a
________.
a. Script kiddy
b. Penetration tester
c. White hat hacker
d. Black hat hacker
9. A(n) ______ is a basic security device that filters traffic and is a barrier between a
network and the outside world or between a system and other systems.
a. Firewall
b. Proxy server
c. Intrusion detection system
d. Network Monitor
10. A(n) ______ hides the internal network’s IP address and presents a single IP address to the
outside world.
a. Firewall
b. Proxy server
c. Intrusion detection system
d. Network Monitor
11. Which one of these is NOT one of the three pillars of security in the CIA triangle?
a. Confidentiality
b. Integrity
c. Availability
d. Authentication
12. Which of these is the process to determine if the credentials given by a user or
another system are authorized to access the network resource in question?
a. Confidentiality
b. Integrity
c. Availability
d. Authentication
13. Which of these is a repository of security-related documentation and also sponsors a
number of security research projects?
a. Computer Emergency Response Team
b. F-Secure
c. SANS Institute
d. Microsoft Security Advisor
14. Which of these was the first computer incident-response team?
a. Computer Emergency Response Team
b. F-Secure
c. SANS Institute
d. Microsoft Security Advisor
15. Which of these is a repository for detailed information on virus outbreaks?
a. Computer Emergency Response Team
b. F-Secure
c. SANS Institute
d. Microsoft Security Advisor
1. In which type of hacking does the user block access from legitimate users without actually accessing the attacked system?
a. Denial of service
b. Web attack
c. Session hijacking
d. None of the above
Answer: a. A denial-of-service attack is probably the most common attack on the web.
2. Your company is instituting a new security awareness program. You are responsible for educating end users on a variety of threats, including social engineering. Which of the following best defines social engineering?
a. Illegal copying of software
3. Which type of hacking occurs when the attacker monitors an authenticated session between the client and the server and takes over that session?
a. Denial of service
b. Web attack
c. Session hijacking
d. None of the above
Answer: c.
4. Someone who finds a flaw in a system and reports that flaw to the vendor of the system is a __________.
a. White hat hacker
b. Black hat hacker
c. Gray hat hacker
d. Red hat hacker
Answer: a. White hat hackers are often hired by companies to do penetration tests.
5. Someone who gains access to a system and causes harm is a __________?
a. White hat hacker
b. Black hat hacker
c. Grey hat hacker
d. Red hat hacker
Answer: b. A black hat hacker might steal data, erase files, or deface websites.
6. A black hat hacker is also called a ___________
a. Thief
b. Cracker
c. Sneaker
d. None of the above
Answer: b.
7. Someone who calls himself a hacker but lacks the expertise is a ________.
a. Script kiddy
b. Sneaker
c. White hat hacker
d. Black hat hacker
Answer: a. There are many Internet tools that can be used to perform hacking tasks, and users of these tools who don’t understand the target system are script kiddies.
8. Someone who legally breaks into a system to assess security deficiencies is a ________.
a. Script kiddy
b. Penetration tester
c. White hat hacker
d. Black hat hacker
Answer: b. Anyone hired to assess the vulnerabilities of a system should be both technically proficient and ethical.
9. A(n) ______ is a basic security device that filters traffic and is a barrier between a network and the outside world or between a system and other systems.
a. Firewall
b. Proxy server
c. Intrusion detection system
d. Network Monitor
Answer: a. A firewall can be a server, a router, or software running on a machine.
10. A(n) ______ hides the internal network’s IP address and presents a single IP address to the outside world.
a. Firewall
b. Proxy server
c. Intrusion detection system
d. Network Monitor
Answer: b.
11. Which one of these is NOT one of the three pillars of security in the CIA triangle?
a. Confidentiality
b. Integrity
c. Availability
d. Authentication
Answer: d.
12. Which of these is the process to determine if the credentials given by a user or another system are authorized to access the network resource in question?
a. Confidentiality
b. Integrity
c. Availability
d. Authentication
Answer: d.
13. Which of these is a repository of security-related documentation and also sponsors a number of security research projects?
a. Computer Emergency Response Team
b. F-Secure
c. SANS Institute
d. Microsoft Security Advisor
Answer: c.
14. Which of these was the first computer incident-response team?
a. Computer Emergency Response Team
b. F-Secure
c. SANS Institute
d. Microsoft Security Advisor
Answer: a.
15. Which of these is a repository for detailed information on virus outbreaks?
a. Computer Emergency Response Team
b. F-Secure
c. SANS Institute
d. Microsoft Security Advisor
Answer: b. Information includes how a virus spreads, ways to recognize the virus, and, frequently, specific tools for cleaning an infected system.