1)Which network device is capable of blocking network connections that are identified as potentially malicious?

Intrusion prevention system (IPS)

Demilitarized zone (DMZ)

Web server

Intrusion detection system (IDS)

Q2: Rachel is investigating an information security incident that took place at the high school where she works. She suspects that students may have broken into the student records system and altered their grades. If correct, which one of the tenets of information security did this attack violate?

Availability

Nonrepudiation

Integrity

Confidentiality

Q3 : Kaira's company recently switched to a new calendaring system provided by a vendor. Kaira and other users connect to the system, hosted at the vendor's site, using a web browser. Which service delivery model is Kaira's company using?

Communications as a Service (CaaS)

Software as a Service (SaaS)

Platform as a Service (PaaS)

Infrastructure as a Service (IaaS)

Q4: Which of the following doesn't help support remote telework?

Video Conferencing

Collaboration

IM Chat

Internet Access

Meetings in person at work.

Q5: Which Type of Hacker has authorization to identify vulnerabilities?

Black-hat Hackers

Red-hat Hackers

White-hat Hackers

Gray-hat Hackers

Q6: What is any action that can compromise or damage an asset or system?

A Risk

A Vulnerability

A Threat

An Exploit

Q7: Which is not one of the most common information security threats?

Malicious Software

Legal and Regulatory Compliance

Internal Attackers

Natural Disasters

Industrial Espionage

Q8: Which identity theft targets a specific organization, seeking unauthorized access to confidential data?

Phishing

Masquerading

Phreaking

Spear Phishing

Q9: The formula used by security professionals to show the relationship with Risk is?

Impact = Threat + Risk / Exploit

Vulnerabilities = Threats + Risk

Threats = Risk X Vulnerabilities

Risk = Threats X Vulnerabilities

Q10: Which type of Data Center alternative site is the least expensive but takes more time to get started up?

Cold Site

Mobile Site

Warm Site

Cloud Site

Hot Site

Q11: As part of protecting assets, which of the following is not one of the four parts of access control?

Authentication

Identification

Authorization

Accountability

Confidentiality

Q12: The five types of authentication are: Action, Location, Ownership, Characteristics, and ________.

Electronic

Information

Wisdom

Knowledge

Data

Q13: Access Control is one of the most visible types of tech control. Of the different Models of Access Control, which one is maintained by the data owner?

Discretionary access Control

Non-discretionary Access Control

User Registration

Rules-based Access Control

Operating Systems

Q14: Cloud computing is the practice of using computing services that are delivered over a network. Which category of Cloud is available to unrelated organizations or even individuals?

Community Cloud

Public Cloud

Hybrid Cloud

Private Cloud

Software as a Service (SaaS)

Q15: The human element remains the greatest challenge in securing today's information systems. Which Personnel Security Principle teaches users about security objectives and the latest trends?

Limiting Access

Security Awareness

Intimidation

Security Training

Job Rotation