Chapter 1 Quiz Answers – ITC 2.12

  1. Which method is used to check the integrity of data?

    • checksum
    • backup
    • authentication
    • encryption
      Answers Explanation & Hints:

      A checksum value of a block of data is calculated and transmitted with the data. After the data is received, the checksum hashing is performed again. The calculated value is compared with the transmitted value to verify the integrity of the data.

  2. Which statement describes cyberwarfare?

    • Cyberwarfare is an attack carried out by a group of script kiddies.
    • It is Internet-based conflict that involves the penetration of information systems of other nations.
    • It is simulation software for Air Force pilots that allows them to practice under a simulated war scenario.
    • It is a series of personal protective equipment developed for soldiers involved in nuclear war.
      Answers Explanation & Hints:

      Cyberwarfare is Internet-based conflict that involves the penetration of the networks and computer systems of other nations. Organized hackers are typically involved in such an attack.

  3. What are three methods that can be used to ensure confidentiality of information? (Choose three.)

    • two factor authentication
    • version control
    • file permission settings
    • username ID and password
    • data encryption
    • backup
      Answers Explanation & Hints:

      Methods including data encryption, username ID and password, and two factor authentication can be used to help ensure confidentiality of information. File permission control, version control, and backup are methods that can be used to help ensure integrity of information.

  4. What is an example of “hacktivism”?

    • A group of environmentalists launch a denial of service attack against an oil company that is responsible for a large oil spill.
    • A teenager breaks into the web server of a local newspaper and posts a picture of a favorite cartoon character.
    • A country tries to steal defense secrets from another country by infiltrating government networks.
    • Criminals use the Internet to attempt to steal money from a banking company.
      Answers Explanation & Hints:

      Hacktivism is a term used to describe cyberattacks carried out by people who are considered political or ideological extremists. Hacktivists attack people or organizations that they believe are enemies to the hacktivist agenda.

  5. What is a reason that internal security threats might cause greater damage to an organization than external security threats?

    • Internal users can access the corporate data without authentication.
    • Internal users have better hacking skills.
    • Internal users have direct access to the infrastructure devices.
    • Internal users can access the infrastructure devices through the Internet.
      Answers Explanation & Hints:

      Internal threats have the potential to cause greater damage than external threats because internal users have direct access to the building and its infrastructure devices. Internal users may not have better hacking skills than external attackers. Both internal users and external users can access the network devices through the Internet. A well designed security implementation should require authentication before corporate data is accessed, regardless of whether the access request is from within the corporate campus or from the outside network.

  6. What is another name for confidentiality of information?

    • privacy
    • trustworthiness
    • accuracy
    • consistency
      Answers Explanation & Hints:

      Privacy is another name for confidentiality. Accuracy, consistency, and trustworthiness describe integrity of data.

  7. What is the motivation of a white hat attacker?

    • discovering weaknesses of networks and systems to improve the security level of these systems
    • fine tuning network devices to improve their performance and efficiency
    • studying operating systems of various platforms to develop a new system
    • taking advantage of any vulnerability for illegal personal gain
      Answers Explanation & Hints:

      White hat attackers break into networks or computer systems in order to discover weaknesses for the purpose of improving the security of these systems. These break-ins are done with permission from the owner or the organization. Any results are reported back to the owner or the organization.

  8. Match the type of cyber attackers to the description. (Not all options are used.)

    • make political statements, or create fear, by causing physical or psychological damage to victims → terrorists
    • gather intelligence or commit sabotage on specific goals on behalf of their government → state-sponsored attackers
    • make political statements in order to create an awareness of issues that are important to them → hacktivists
  9. What three items are components of the CIA triad? (Choose three.)

    • confidentiality
    • integrity
    • intervention
    • availability
    • access
    • scalability
      Answers Explanation & Hints:

      The CIA triad contains three components: confidentiality, integrity, and availability. It is a guideline for information security for an organization.