Security Terminology Lecture 1 Quiz

Questions and Answers

What defines an attack in the context of information security?

An action of a malicious intruder exploiting system vulnerabilities (correct)

A system vulnerability waiting to be exploited

An action of a friendly intruder

A harmless action by a user

Which types of attacks are classified based on where they originate?

External and Internal attacks (correct)

Front-end and Back-end attacks

Phishing and Ransomware attacks

Structured and Unstructured attacks

What distinguishes a structured attack from an unstructured attack?

Structured attacks are carried out by individuals with experience and knowledge (correct)

Structured attacks involve a simple Google search for tools

Unstructured attacks are more complex and sophisticated

Unstructured attacks require discernible characteristics

How are external attacks defined?

Attacks from outside the trusted network

What is the role of an information security specialist in relation to attackers?

To make attackers' job difficult and provide countermeasures

Good integrity ensures that point A and point B are not who they claim to be.

False

Availability refers to the reliable and timely access of resources to unauthorized individuals.

False

An object in security terminology is an entity that contains or receives information.

True

A vulnerability is a point of strength within a system that can be exploited by attackers.

False

A threat is something that is a source of danger and can cause harm to a system.

True

Countermeasure in security refers to increasing the impact of an attack.

False

To achieve security, only a policy is needed to define what to protect.

False

Mechanisms in achieving security address how to protect data and resources.

True

Assurance in achieving security focuses on defining what needs protection.

False

An unstructured attack is typically well-organized and planned in advance.

False