Scribd
Upload
92 views2 pages

IAS 302 Midterm Examination

This document contains questions about information security concepts across five sections: 1. Modified true/false questions test knowledge of information assurance, security, confidentiality, integrity, availability, and different security strategies. 2. Multiple choice questions cover topics like social engineering, advanced persistent threats, insider threats, denial of service attacks, and information security tools. 3. An enumeration section asks about types of flaws, malicious code, virus qualities, and virus effects. 4. A matching section links cryptography concepts like encryption, decryption, and ciphertexts to their definitions. 5. A definition section requires explaining 5 information security technologies.

Uploaded by

RickCy Perucho Pccbsit
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
92 views2 pages

IAS 302 Midterm Examination

This document contains questions about information security concepts across five sections: 1. Modified true/false questions test knowledge of information assurance, security, confidentiality, integrity, availability, and different security strategies. 2. Multiple choice questions cover topics like social engineering, advanced persistent threats, insider threats, denial of service attacks, and information security tools. 3. An enumeration section asks about types of flaws, malicious code, virus qualities, and virus effects. 4. A matching section links cryptography concepts like encryption, decryption, and ciphertexts to their definitions. 5. A definition section requires explaining 5 information security technologies.

Uploaded by

RickCy Perucho Pccbsit
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 2

I. Modified True or False.

Write TRUE if the statement is correct but if it is false, change the underlined
word or group of words to make the whole statement true.
1. Information assurance is a field that safeguards the integrity of data used by individuals or
organizations.
2. Information security is the practice of preventing illicit access to private information.
3. Confidentiality means to prevent unauthorized users from accessing information to protect the
privacy of information content.
4. Integrity means to ensure the authenticity and accuracy of information
5. Availability means to ensure that authorized users can reliably access information.
6. Infrastructure security strategies protect applications and application programming interfaces (APIs).
7. Cloud security strategies protect infrastructure components, including networks, servers, client
devices, mobile devices, and data centers.
8. Application security provides security but is focused on cloud or cloud-connected components and
information.
9. Cryptography uses a practice called encryption to secure information by obscuring the contents.
10. Vulnerability Management is a set of procedures and tools that you can use to identify, investigate,
and respond to threats or damaging events.

II. Multiple Choice. Choose the letter that corresponds to the BEST answer.
11. Involves using psychology to trick users into providing information or access to attackers.
a. Social engineering attacks b. APT c. Insider threats d. Cryptojacking
12. Individuals or groups gain access to your systems and remain for an extended period.
a. DDos b. APT c. Insider threats d. Cryptojacking
13. Vulnerabilities created by individuals within your organization.
a. DDos b. Ransomware c. Insider threats d. Cryptojacking
14. Attackers abuse your system resources to mine cryptocurrency.
a. DDos b. Ransomware c. MitM d. Cryptojacking
15. Occur when attackers overload servers or resources with requests.
a. DDos b. Ransomware c. MitM d. Cryptojacking
16. Use malware to encrypt your data and hold it for ransom.
a. Insider threats b. Ransomware c. MitM d. Cryptojacking
17. Occur when communications are sent over insecure channels.
a. DDos b. APT c. MitM d. Cryptojacking
18. Layer of protection that you can apply to networks or applications
a. Firewalls b. SIEM c. DLP d. IDS
19. Enables you to ingest and correlate information from across your systems.
a. IPS b. SIEM c. DLP d. IDS
20. Incorporate tools and practices that protect data from loss or modification.
a. IPS b. UBA c. DLP d. IDS
21. Tools for monitoring incoming traffic and detecting threats.
a. EDR b. CSPM c. DLP d. IDS
22. These solutions respond to traffic that is identified as suspicious or malicious, blocking requests or
ending user sessions.
a. CSPM b. EDR c. UBA d. IPS
23. Gathers information on user activities and correlate those behaviors into a baseline.
a. CSPM b. EDR c. UBA d. IPS
24. Enables you to monitor endpoint activity, identify suspicious activity, and automatically respond to
threats.
a. CSPM b. EDR c. UBA d. IPS
25. Set of practices and technologies you can use to evaluate your cloud resources’ security.
a. CSPM b. EDR c. UBA d. IPS

III. Enumeration. List down or enumerate what are asked for each of the following.
26-31. Categories of Inadvertent Flaws
32-38. Types of Malicious Code
39-44. Qualities of a Virus Appealing to Virus Writers
44-46. Issues of Viral Residence
48-53. Virus Effect
54-58. Techniques for a safe Electronic Contact
59-62. Truths about Viruses
63-65. New Techniques Used by Virus Writers

IV. Matching Type. Find the Answer of Column A to Column B.


Column A Column B
66. considered by some to be the father of
U.S. cryptography
67. the original message A. Watermarks
68. the encrypted message B. Covert Channels
69. how the message is scrambled C. Substitution
70. how the message is unscrambled D. Transposition
71. specific method of encryption and E. Cryptographic System
decryption F. Decryption
72. rearranging elements G. Encryption
73. replacing elements H. Ciphertext
74. communication paths that were neither I. Plaintext
designed nor intended to transfer J. Thomas Jefferson
information at all
75. used to indicate ownership

V. Definition. Give 5 Information Security Technologies and define them.


76.
77.
78.
79.
80.

You might also like