

Security in Information Systems Practice Questions
Course Introduction
This course explores the principles and practices of securing information systems in modern organizations. Students will examine concepts such as risk management, threat modeling, cryptography, and access control as they apply to the protection of digital assets. The course covers security policies, methods for mitigating cyberattacks, and the legal and ethical considerations associated with information security. Through practical case studies and hands-on activities, participants will develop the skills needed to identify vulnerabilities, implement security measures, and maintain compliance with industry standards in dynamic technological environments.
Recommended Textbook
Corporate Computer Security 4th Edition by Randy J. Boyle
Available Study Resources on Quizplus
11 Chapters
1198 Verified Questions
1198 Flashcards
Source URL: https://quizplus.com/study-set/1400


Chapter 1: The Threat Environment
Available Study Resources on Quizplus for this Chapter
103 Verified Questions
103 Flashcards
Source URL: https://quizplus.com/quiz/27878
Sample Questions
Q1) Someone sends you a "game." When you run it, it logs you into an IRS server. This is hacking.
A) True
B) False
Answer: False
Q2) Employees are very dangerous because they ________.
A) often have access to sensitive parts of the system
B) are trusted by companies
C) Both A and B
D) Neither A nor B
Answer: C
Q3) ________ threaten to do at least temporary harm to the victim company's IT infrastructure unless the victim pays the attacker.
A) Extortionists
B) Fraudsters
C) Bluffers
D) DoSers
Answer: A
To view all questions and flashcards with answers, click on the resource link above.

Chapter 2: Planning and Policy
Available Study Resources on Quizplus for this Chapter
124 Verified Questions
124 Flashcards
Source URL: https://quizplus.com/quiz/27880
Sample Questions
Q1) This book focuses on ________.
A) offense
B) defense
C) offense and defense about equally
D) None of the above
Answer: B
Q2) When companies studied where they stored private information, they found that much of this information was stored inside spreadsheets and word processing documents.
A) True
B) False
Answer: True
Q3) A technical security architecture should be created ________.
A) annually
B) before a firm creates individual countermeasures
C) before a firm creates a specific countermeasure
D) after each major compromise
Answer: B

Chapter 3: Cryptography
Available Study Resources on Quizplus for this Chapter
122 Verified Questions
122 Flashcards
Source URL: https://quizplus.com/quiz/27881
Sample Questions
Q1) Quantum key distribution ________.
A) is a way to deliver enormously long keys to communication partners
B) creates a major threat to many traditional cryptographic methods
C) Both A and B
D) Neither A nor B
Answer: A
Q2) When a hashing algorithm is applied, the hash will ALWAYS have a fixed length.
A) True
B) False
Answer: True
Q3) To ensure that a digital certificate is valid, the receiver of the certificate must check
A) the digital signature
B) the valid period
C) whether the certificate has been revoked
D) All of the above.
Answer: D

Chapter 4: Secure Networks
Available Study Resources on Quizplus for this Chapter
119 Verified Questions
119 Flashcards
Source URL: https://quizplus.com/quiz/27882
Sample Questions
Q1) An EAP message begins with an ________ message.
A) EAP request
B) EAP accept
C) EAP start
D) EAP response
Q2) Traditionally, Ethernet LANs offered no access security.
A) True
B) False
Q3) A ________ is an older attack that uses an illegally large IP packet to crash an operating system.
A) smurf flood
B) P2P redirect
C) ping of death
D) None of the above
Q4) ________ are an additional layer of compromised hosts that are used to manage large groups of bots.
A) Botnets
B) Handlers
C) Phatbots
D) None of the above

Chapter 5: Access Control
Available Study Resources on Quizplus for this Chapter
124 Verified Questions
124 Flashcards
Source URL: https://quizplus.com/quiz/27883
Sample Questions
Q1) A ________ is a small device that plugs into a standard computer port to identify the owner.
A) one-time-password token
B) USB token
C) magnetic stripe card
D) smart card
Q2) A firm can be its own certificate authority for internal users.
A) True
B) False
Q3) Verification is the process where the verifier determines the identity of the supplicant.
A) True
B) False
Q4) If a laptop needs to be taken off premises, ________.
A) it should first be logged out.
B) it should be logged in when returned
C) all sensitive information should be removed
D) All of the above

Chapter 6: Firewalls
Available Study Resources on Quizplus for this Chapter
100 Verified Questions
100 Flashcards
Source URL: https://quizplus.com/quiz/27884
Sample Questions
Q1) NAT is able to stop ________.
A) scanning probes
B) sniffers from learning anything about the internal IP address of internal hosts
C) Both A and B
D) Neither A nor B
Q2) Almost all main border firewalls use ________ filtering as their primary filtering mechanism.
A) unified threat management
B) application proxy
C) static packet filtering
D) None of the above
Q3) Zero-day attacks might be stopped by ________ detection.
A) signature
B) anomaly
C) Both A and B
D) Neither A nor B
Q4) Firewall appliances need little or no hardening before they are installed.
A) True
B) False
Chapter 7: Host Hardening
Available Study Resources on Quizplus for this Chapter
100 Verified Questions
100 Flashcards
Source URL: https://quizplus.com/quiz/27885
Sample Questions
Q1) MMCs are administrative used to manage ________ servers.
A) Apple
B) Microsoft
C) UNIX
D) All of the above
Q2) Computer recovery software reports its ________ to a recovery company that works with local police to recover the notebook.
A) physical location
B) logical location
C) IP address
D) None of the above.
Q3) The super user account has ________ control over the computer.
A) total or nearly total
B) substantial but not nearly total
C) little
D) no
Q4) Attackers frequently create exploits within hours or days after a fix is released by a vendor.
A) True
B) False

Chapter 8: Application Security
Available Study Resources on Quizplus for this Chapter
100 Verified Questions
100 Flashcards
Source URL: https://quizplus.com/quiz/27886
Sample Questions
Q1) Overall for firms, which is more time consuming to patch?
A) Applications
B) Operating systems
C) Both are about equally time consuming to patch
D) None of the above
Q2) Blind SQL injection uses a series of SQL statements that produce different responses based on true/false questions, or timed responses.
A) True
B) False
Q3) In VoIP, encryption may ________.
A) reduce throughput
B) increase jitter
C) increase latency
D) make traffic unreadable
Q4) PKI uses circles of trust.
A) True
B) False
Q5) Cookies can be used to track users at a website.
A) True
B) False


Chapter 9: Data Protection
Available Study Resources on Quizplus for this Chapter
108 Verified Questions
108 Flashcards
Source URL: https://quizplus.com/quiz/27887
Sample Questions
Q1) The most common form of deletion in Windows-based systems is nominal deletion.
A) True
B) False
Q2) After wiping/clearing, data is ________.
A) recoverable
B) reusable
C) Both A and B
D) Neither A nor B
Q3) Wiping/clearing is the best approach to destroying media.
A) True
B) False
Q4) DRM restricts what people can do with sensitive material.
A) True
B) False
Q5) Most databases are relational databases.
A) True
B) False
Q6) Wiped data can be read.
A) True
B) False
Chapter 10: Incident and Disaster Response
Available Study Resources on Quizplus for this Chapter
107 Verified Questions
107 Flashcards
Source URL: https://quizplus.com/quiz/27879
Sample Questions
Q1) ________ investigate(s) most violations of local and state computer laws.
A) Local police
B) The FBI
C) Both A and B
D) Neither A nor B
Q2) A major security incident is generally handled by the ________.
A) IT disaster response team
B) business continuity team
C) CSIRT
D) All of the above
Q3) An IDS is a ________ control.
A) preventative
B) detective
C) restorative
D) All of the above
Q4) Plaintiffs initiate legal proceedings in ________ cases.
A) civil
B) criminal
C) Both A and B
D) Neither A nor B


Chapter 11: Module A: Networking Concepts
Available Study Resources on Quizplus for this Chapter
91 Verified Questions
91 Flashcards
Source URL: https://quizplus.com/quiz/27888
Sample Questions
Q1) A ________ server gives an original host the IP address of another host to which the original host wishes to send packets.
A) DHCP
B) DNS
C) Both A and B
D) Neither A nor B
Q2) TCP has a comprehensive security protocol comparable to IPsec for IP.
A) True
B) False
Q3) A network that runs on the customer premises is a ________.
A) LAN
B) WAN
C) Both A and B
D) Neither A nor B
Q4) IP addresses are 32 octets long.
A) True
B) False
Q5) There usually are two protocols for each application.
A) True
B) False