IT6205A-2113T Introduction to Cybersecurity Introduction
(Chapter 1)
Question text
What is another name for confidentiality of information?
Select one:
trustworthiness
privacy
accuracy
consistency
Feedback
Refer to curriculum topic: 1.2.1
Privacy is another name for confidentiality. Accuracy, consistency, and trustworthiness describe integrity of data.
Privacy is another name for confidentiality. Accuracy, consistency, and trustworthiness describe integrity of data.
The correct answer is: privacy
Question text
Match the type of cyber attackers to the description. (Not all options are used.)
| gather intelligence or commit sabotage on specific goals on behalf of their government | |
| make political statements, or create fear, by causing physical or psychological damage to victims | |
| make political statements in order to create an awareness of issues that are important to them |
Feedback
Refer to curriculum topic: 1.3.1
The correct answer is: gather intelligence or commit sabotage on specific goals on behalf of their government → state-sponsored attackers, make political statements, or create fear, by causing physical or psychological damage to victims → terrorists, make political statements in order to create an awareness of issues that are important to them → hacktivists
Question text
Which method is used to check the integrity of data?
Select one:
encryption
authentication
backup
checksum
Feedback
Refer to curriculum topic: 1.2.1
A checksum value of a block of data is calculated and transmitted with the data. After the data is received, the checksum hashing is performed again. The calculated value is compared with the transmitted value to verify the integrity of the data.
A checksum value of a block of data is calculated and transmitted with the data. After the data is received, the checksum hashing is performed again. The calculated value is compared with the transmitted value to verify the integrity of the data.
The correct answer is: checksum
Question text
Which statement describes cyberwarfare?
Select one:
It is simulation software for Air Force pilots that allows them to practice under a simulated war scenario.
Cyberwarfare is an attack carried out by a group of script kiddies.
It is Internet-based conflict that involves the penetration of information systems of other nations.
It is a series of personal protective equipment developed for soldiers involved in nuclear war.
Feedback
Refer to curriculum topic: 1.4.1
Cyberwarfare is Internet-based conflict that involves the penetration of the networks and computer systems of other nations. Organized hackers are typically involved in such an attack.
Cyberwarfare is Internet-based conflict that involves the penetration of the networks and computer systems of other nations. Organized hackers are typically involved in such an attack.
The correct answer is: It is Internet-based conflict that involves the penetration of information systems of other nations.
Question text
What is the motivation of a white hat attacker?
Select one:
discovering weaknesses of networks and systems to improve the security level of these systems
fine tuning network devices to improve their performance and efficiency
taking advantage of any vulnerability for illegal personal gain
studying operating systems of various platforms to develop a new system
Feedback
Refer to curriculum topic: 1.3.1
White hat attackers break into networks or computer systems in order to discover weaknesses for the purpose of improving the security of these systems. These break-ins are done with permission from the owner or the organization. Any results are reported back to the owner or the organization.
White hat attackers break into networks or computer systems in order to discover weaknesses for the purpose of improving the security of these systems. These break-ins are done with permission from the owner or the organization. Any results are reported back to the owner or the organization.
The correct answer is: discovering weaknesses of networks and systems to improve the security level of these systems
Question text
What three items are components of the CIA triad? (Choose three.)
Select one or more:
availability
integrity
intervention
scalability
confidentiality
access
Feedback
Refer to curriculum topic: 1.2.1
The CIA triad contains three components: confidentiality, integrity, and availability. It is a guideline for information security for an organization.
The CIA triad contains three components: confidentiality, integrity, and availability. It is a guideline for information security for an organization.
The correct answers are: integrity, availability, confidentiality
Question text
What is a reason that internal security threats might cause greater damage to an organization than external security threats?
Select one:
Internal users have direct access to the infrastructure devices.
Internal users can access the infrastructure devices through the Internet.
Internal users have better hacking skills.
Internal users can access the corporate data without authentication.
Feedback
Refer to curriculum topic: 1.3.1
Internal threats have the potential to cause greater damage than external threats because internal users have direct access to the building and its infrastructure devices. Internal users may not have better hacking skills than external attackers. Both internal users and external users can access the network devices through the Internet. A well designed security implementation should require authentication before corporate data is accessed, regardless of whether the access request is from within the corporate campus or from the outside network.
Internal threats have the potential to cause greater damage than external threats because internal users have direct access to the building and its infrastructure devices. Internal users may not have better hacking skills than external attackers. Both internal users and external users can access the network devices through the Internet. A well designed security implementation should require authentication before corporate data is accessed, regardless of whether the access request is from within the corporate campus or from the outside network.
The correct answer is: Internal users have direct access to the infrastructure devices.
Question text
What is an example of "hacktivism"?
Select one:
Criminals use the Internet to attempt to steal money from a banking company.
A country tries to steal defense secrets from another country by infiltrating government networks.
A teenager breaks into the web server of a local newspaper and posts a picture of a favorite cartoon character.
A group of environmentalists launch a denial of service attack against an oil company that is responsible for a large oil spill.
Feedback
Refer to curriculum topic: 1.3.1
Hacktivism is a term used to describe cyberattacks carried out by people who are considered political or ideological extremists. Hacktivists attack people or organizations that they believe are enemies to the hacktivist agenda.
Hacktivism is a term used to describe cyberattacks carried out by people who are considered political or ideological extremists. Hacktivists attack people or organizations that they believe are enemies to the hacktivist agenda.
The correct answer is: A group of environmentalists launch a denial of service attack against an oil company that is responsible for a large oil spill.
Question text
What are three methods that can be used to ensure confidentiality of information? (Choose three.)
Select one or more:
version control
backup
data encryption
username ID and password
two factor authentication
file permission settings
Feedback
Refer to curriculum topic: 1.2.1
Methods including data encryption, username ID and password, and two factor authentication can be used to help ensure confidentiality of information. File permission control, version control, and backup are methods that can be used to help ensure integrity of information.
Methods including data encryption, username ID and password, and two factor authentication can be used to help ensure confidentiality of information. File permission control, version control, and backup are methods that can be used to help ensure integrity of information.
The correct answers are: data encryption, two factor authentication, username ID and password