Chapter 1 Test Bank

Multiple-Choice Questions

1. Which term describes any action that could damage an asset?

A. Risk
B. Countermeasure
C. Vulnerability
D. Threat

Answer: D Reference: Risks, Threats, and Vulnerabilities

Explanation: A threat is any action that could damage an asset. Information systems face
both natural and human-induced threats.

Type: Multiple Choice Difficulty: Easy Category: Remember

2. Bob recently accepted a position as the information security and compliance manager
for a medical practice. Which regulation is likely to most directly apply to Bob's
employer?

A. Federal Information Security Management Act (FISMA)
B. Health Insurance Portability and Accountability Act (HIPAA)
C. Children's Internet Protection Act (CIPA)
D. Gramm-Leach-Bliley Act (GLBA)

Answer: B Reference: U.S. Compliance Laws Drive Need for Information Systems
Security

Explanation: HIPAA requires that health care organizations have security and privacy
controls implemented to ensure patient privacy.

Type: Multiple Choice Difficulty: Medium Category: Apply

3. Rachel is investigating an information security incident that took place at the high
school where she works. She suspects that students may have broken into the student
records system and altered their grades. If correct, which one of the tenets of
information security did this attack violate?

A. Confidentiality
B. Integrity
C. Availability
D. Nonrepudiation

Answer: B Reference: Tenets of Information Systems Security

Explanation: The scenario describes a case where an unauthorized user made a change
to information stored in a protected system. The integrity tenet requires that only
authorized users have the ability to change information.

Type: Multiple Choice Difficulty: Medium Category: Apply

4. Which one of the following measures the average amount of time that it takes to
repair a system, application, or component?

A. Uptime
B. Mean time to failure (MTTF)
C. Mean time to repair (MTTR)
D. Recovery time objective (RTO)

Answer: C Reference: Availability

Explanation: MTTR is the average amount of time that it takes to repair a system,
application, or component. The goal is to bring the system back up quickly.

Type: Multiple Choice Difficulty: Medium Category: Understand

5. Juan's web server was down for an entire day last September. It experienced no other
downtime during that month. Which one of the following represents the web server
uptime for that month?

A. 96.67%
B. 3.33%
C. 99.96%
D. 0.04%

Answer: A Reference: Availability

Explanation: To calculate availability for a given month, divide the total uptime by the
total amount of time. September has 30 days, so the web server had 29 days of uptime:
29/30=0.9667 or 96.67%.

Type: Multiple Choice Difficulty: Hard Category: Apply

6. Which mitigation plan is most appropriate to limit the risk of unauthorized access to
workstations?

A. Password protection
B. Antivirus software
C. Deactivating USB ports
D. Vulnerability scanning

Answer: A Reference: Risks, Threats, and Vulnerabilities Commonly Found in the
Workstation Domain

Explanation: To mitigate the risk of unauthorized access to workstations, enable
password protection, enable automatic screen lockouts, and disable system
administration rights for end users.

Type: Multiple Choice Difficulty: Medium Category: Understand

7. Which security control is most helpful in protecting against eavesdropping on wireless
LAN (WLAN) data transmissions that would jeopardize confidentiality?

A. Securing wiring closets
B. Applying patches promptly
C. Implementing LAN configuration standards
D. Applying strong encryption

Answer: D Reference: Risks, Threats, and Vulnerabilities Commonly Found in the WAN
Domain (Internet)

Explanation: To reduce the risk of compromised confidentiality of data transmissions
over a WLAN, implement encryption between the workstation and wireless access point
(WAP).

Type: Multiple Choice Difficulty: Medium Category: Understand

8. Matthew captures traffic on his network and notices connections using ports 20, 22,
23, and 80. Which port normally hosts a protocol that uses secure, encrypted
connections?

A. 20
B. 22
C. 23
D. 80

Answer: B Reference: LAN-to-WAN Domain

Explanation: The Secure Shell (SSH) protocol uses port 22. SSH is a network protocol for
performing remote terminal access to another device. SSH encrypts data for maintaining
confidentiality of communications. Port 20 corresponds to the File Transfer Protocol
(FTP), which is a cleartext protocol. Port 23 corresponds to the Telnet protocol, which is
a cleartext protocol. Port 80 corresponds to the Hypertext Transfer Protocol (HTTP),
which is a cleartext protocol.

Type: Multiple Choice Difficulty: Hard Category: Understand

9. Which network device is capable of blocking network connections that are identified
as potentially malicious?

A. Intrusion detection system (IDS)
B. Intrusion prevention system (IPS)
C. Demilitarized zone (DMZ)
D. Web server

Answer: B Reference: LAN-to-WAN Domain Roles, Responsibilities, and Accountability

Explanation: An IPS examines Internet Protocol (IP) data streams for signs of malicious
activity and can block those streams identified as malicious. IPSs can end the actual
communication session, filter by source IP addresses, and block access to the targeted
host.

Type: Multiple Choice Difficulty: Medium Category: Understand

10. Which risk is most effectively mitigated by an upstream Internet service provider
(ISP)?

A. Distributed denial of service (DDoS)
B. Lost productivity
C. Firewall configuration error
D. Unauthorized remote access

Answer: A Reference: Risks, Threats, and Vulnerabilities Commonly Found in the LAN-to-
WAN Domain

Explanation: Upstream ISPs must participate in DDoS attack prevention and in discarding
IP packets when a stream of half-open Transmission Control Protocol (TCP) SYN packets
starts to flood the ISP link.

Type: Multiple Choice Difficulty: Hard Category: Analyze

11. Beth must purchase firewalls for several network circuits used by her organization.
Which circuit will have the highest possible network throughput?

A. DS1
B. DS3
C. OC-3
D. OC-12

Answer: D Reference: WAN Domain Roles, Responsibilities, and Accountability

Explanation: OC-12 circuits have a maximum capacity of 622 Mbps compared to 155
Mbps for OC-3, 1.544 Mbps for DS1, and 45 Mbps for DS3.

Type: Multiple Choice Difficulty: Hard Category: Apply

12. What is NOT a common endpoint for a virtual private network (VPN) connection
used for remote network access?

A. Laptop
B. Firewall
C. Router
D. Content filter

Answer: D Reference: Remote Access Domain

Explanation: VPN connections used for client access to a remote network normally have
one endpoint at a user's workstation, laptop, or mobile device and another endpoint on
a firewall or router.

Type: Multiple Choice Difficulty: Medium Category: Understand

13. Which one of the following is typically used during the identification phase of a
remote access connection?

A. Username
B. Password
C. Token
D. Fingerprint

Answer: A Reference: Risks, Threats, and Vulnerabilities Commonly Found in the
Remote Access Domain

Explanation: During the identification process, the user provides identifying information,
such as a username, logon ID, or account number.

Type: Multiple Choice Difficulty: Medium Category: Understand

14. During what phase of a remote access connection does the end user prove his or her
claim of identity?

A. Identification
B. Authentication
C. Authorization
D. Tokenization

Answer: B Reference: Risks, Threats, and Vulnerabilities Commonly Found in the Remote
Access Domain

Explanation: The authentication process proves that a remote user is who the user
claims to be. The most common authentication method is supplying a password.

Type: Multiple Choice Difficulty: Medium Category: Understand

15. Which one of the following is NOT a good technique for performing authentication of
an end user?

A. Password
B. Biometric scan
C. Identification number
D. Token

Answer: C Reference: Risks, Threats, and Vulnerabilities Commonly Found in the Remote
Access Domain

Explanation: Passwords, biometric scans, and tokens are all valid authentication
techniques. Identification numbers are not secret and are more commonly used for the
identification phase, rather than the authentication phase.

Type: Multiple Choice Difficulty: Medium Category: Understand

16. Which element of the security policy framework requires approval from upper
management and applies to the entire organization?

A. Policy
B. Standard
C. Guideline
D. Procedure

Answer: A Reference: IT Security Policy Framework

Explanation: Policies are short written statements that the people in charge of an
organization have set as a course of action or direction. A policy comes from upper
management and applies to the entire organization.

Type: Multiple Choice Difficulty: Easy Category: Remember

17. Which element of the security policy framework offers suggestions rather than
mandatory actions?

A. Policy
B. Standard
C. Guideline
D. Procedure

Answer: C Reference: IT Security Policy Framework

Explanation: Guidelines are suggested courses of action for using policies, standards,
and/or procedures. Guidelines can be specific or flexible regarding use.

Type: Multiple Choice Difficulty: Medium Category: Understand

18. Chris is writing a document that provides step-by-step instructions for end users
seeking to update the security software on their computers. Performing these updates is
mandatory. Which type of document is Chris writing?

A. Policy
B. Standard
C. Guideline
D. Procedure

Answer: D Reference: IT Security Policy Framework

Explanation: Procedures are written instructions for carrying out actions required by a
policy or standard. They may include a plan of action, installation, testing, and auditing
of security controls.

Type: Multiple Choice Difficulty: Medium Category: Understand

19. Which element of the IT security policy framework provides detailed written
definitions for hardware and software and how they are to be used?

A. Policy
B. Standard
C. Guideline
D. Procedure

Answer: B Reference: IT Security Policy Framework

Explanation: A standard is a detailed written definition for hardware and software and
how they are to be used. Standards ensure that consistent security controls are used
throughout the IT system.

Type: Multiple Choice Difficulty: Easy Category: Remember

20. Which classification level is the highest level used by the U.S. federal government?

A. Top Secret
B. Secret
C. Confidential
D. Private

Answer: A Reference: Data Classification Standards

Explanation: Top Secret is the highest classification level used by the U.S. government. It
applies to information that the classifying authority finds would cause grave damage to
national security if it were disclosed.

Type: Multiple Choice Difficulty: Easy Category: Remember

True/False Questions

1. Hypertext Transfer Protocol (HTTP) is the communications protocol between web
browsers and websites with data in cleartext.

A. True
B. False

Answer: True Reference: LAN-to-WAN Domain

Explanation:

Type: True/False

2. The weakest link in the security of an IT infrastructure is the server.

A. True
B. False

Answer: B Reference: Weakest Link in the Security of an IT Infrastructure

Explanation: The weakest link in the security of an IT infrastructure is the user.

Type: True/False

3. Organizations should start defining their IT security policy framework by defining an
asset classification policy.

A. True
B. False

Answer: A Reference: Data Classification Standards

Explanation:

Type: True/False

4. The director of IT security is generally in charge of ensuring that the Workstation
Domain conforms to policy.

A. True
B. False

Answer: A Reference: Workstation Domain Roles, Responsibilities, and Accountability

Explanation:

Type: True/False

5. The Sarbanes-Oxley (SOX) Act requires all types of financial institutions to protect
customers' private financial information.

A. True
B. False

Answer: B Reference: U.S. Compliance Laws Drive Need for Information Systems
Security

Explanation: The Gramm-Leach-Bliley Act (GLBA) requires all types of financial
institutions to protect customers' private financial information. SOX requires publicly
traded companies to submit accurate and reliable financial reporting.

Type: True/False

6. Access control lists (ACLs) are used to permit and deny traffic in an IP router.

A. True
B. False

Answer: A Reference: LAN-to-WAN Domain Roles, Responsibilities, and Accountability

Explanation:

Type: True/False

7. Service-level agreements (SLAs) are optical backbone trunks for private optical
backbone networks.

A. True
B. False

Answer: B Reference: WAN Domain

Explanation: Nationwide optical backbones are optical backbone trunks for private
optical backbone networks.

Type: True/False

8. Networks, routers, and equipment require continuous monitoring and management
to keep wide area network (WAN) service available.

A. True
B. False

Answer: A Reference: WAN Domain

Explanation:

Type: True/False

9. A VPN router is a security appliance that is used to filter IP packets.

A. True
B. False

Answer: B Reference: WAN Domain Roles, Responsibilities, and Accountability

Explanation: An Internet Protocol (IP) stateful firewall is a security appliance that is used
to filter IP packets and block unwanted IP, Transmission Control Protocol (TCP), and User
Datagram Protocol (UDP) packet types from entering or leaving the network.

Type: True/False

10. Simple Network Management Protocol (SNMP) is used for network device
monitoring, alarm, and performance.

A. True
B. False

Answer: A Reference: WAN Domain Roles, Responsibilities, and Accountability

Explanation:

Type: True/False

11. The most critical aspect of a WAN services contract is how the service provider
supplies troubleshooting, network management, and security management services.

A. True
B. False

Answer: A Reference: Risks, Threats, and Vulnerabilities Commonly Found in the WAN
Domain (Internet)

Explanation:

Type: True/False

12. An IT security policy framework is like an outline that identifies where security
controls should be used.

A. True
B. False

Answer: A Reference: Confidentiality

Explanation:

Type: True/False

13. Hypertext Transfer Protocol (HTTP) encrypts data transfers between secure browsers
and secure web pages.

A. True
B. False

Answer: B Reference: Remote Access Domain Roles, Responsibilities, and Accountability

Explanation: Hypertext Transfer Protocol Secure (HTTPS) encrypts data transfers
between secure browsers and secure web pages. HTTP is the communications protocol
between web browsers and websites with data in cleartext.

Type: True/False

14. Cryptography is the process of transforming data from cleartext into ciphertext.

A. True
B. False

Answer: B Reference: Confidentiality

Explanation: Cryptography is the practice of hiding data and keeping it away from
unauthorized users. Encryption is the process of transforming data from cleartext into
ciphertext.

Type: True/False

15. Authorization is the process of granting rights to use an organization's IT assets,
systems, applications, and data to a specific user.

A. True
B. False

Answer: A Reference: Risks, Threats, and Vulnerabilities Commonly Found in the
Remote Access Domain

Explanation:

Type: True/False

16. The System/Application Domain holds all the mission-critical systems, applications,
and data.

A. True
B. False

Answer: A Reference: System/Application Domain

Explanation:

Type: True/False

17. In the Remote Access Domain, if private data or confidential data is compromised
remotely, you should set automatic blocking for attempted logon retries.

A. True
B. False

Answer: B Reference: Risks, Threats, and Vulnerabilities Commonly Found in the Remote
Access Domain

Explanation: In the Remote Access Domain, if private data or confidential data is
compromised remotely, you should encrypt all private data within the database or hard
drive.

Type: True/False

18. Encrypting the data within databases and storage devices gives an added layer of
security.

A. True
B. False

Answer: A Reference: System/Application Domain

Explanation:

Type: True/False

19. The asset protection policy defines an organization's data classification standard.

A. True
B. False

Answer: B Reference: Foundational IT Security Policies

Explanation: The asset protection policy helps organizations define a priority for mission-
critical IT systems and data. The asset classification policy defines an organization's data
classification standard.

Type: True/False

20. For businesses and organizations under recent compliance laws, data classification
standards typically include private, confidential, internal use only, and public domain
categories.

A. True
B. False

Answer: A Reference: Data Classification Standards

Explanation:

Type: True/False

True/False Question Stats

Total True/False Questions: 20

Multiple-Choice Question Stats

Total Multiple-Choice Questions: 20

Category Stats
Analyze: 1
Apply: 4
Evaluate: 0
Remember: 4
Understand: 11

Difficulty Stats
Easy: 4 Medium: 12 Hard: 4

Total Questions in Test Bank: 40