Question#1 A metamorphic virus differs from a polymorphic virus because it _____ at each iteration. a) rewrites itself completely ✅ - Answer b) copies other code signatures c) stays hidden in boot record d) removes itself after infection Question#2 The core model guiding information security policy is known as the _____ triad. a) CIA ✅ - Answer b) OSI c) VPN d) SSL Question#3 A clandestine user can be either an insider or outsider and seizes _____ control. a) supervisory ✅ - Answer b) admin c) network d) physical Question#4 In the OSI security architecture, the process designed to detect, prevent or recover from a security attack is called a _____ a) security mechanism ✅ - Answer b) security protocol c) security policy d) security audit boot Question#5 A _____ is the marking bound to a resource to designate its security attributes. a) security label ✅ - Answer b) digital signature c) event detection d) notarization token Question#6 If only authorized entities can access sensitive data, the security pillar satisfied is _____. a) confidentiality ✅ - Answer b) integrity c) availability d) authenticity Question#7 A replay attack involves the capture and subsequent _____ of a data unit. a) retransmission ✅ - Answer b) modification c) deletion d) compression Question#8 Traffic padding is a security mechanism that adds bits to data streams to prevent _____. a) traffic analysis ✅ - Answer b) packet loss c) malware injection d) routing errors Question#9 A virus infected executable file that is a replica of the existing program is known as a _____ virus. a) parasitic ✅ - Answer b) boot sector c) stealth d) memory-resident Question#10 The assurance that the communicating entity is who it claims to be is called _____. a) authentication ✅ - Answer b) confidentiality c) availability d) access control Question#11 The insertion of unauthorized messages and altering message content is known as _____. a) modification of messages ✅ - Answer b) traffic analysis c) encipherment d) routing control Question#12 A _____ attack tries to inhibit the normal use or management of network services. a) denial of service ✅ - Answer b) masquerade c) passive eavesdropping d) polymorphic virus Question#13 The mechanism that allows for selection of secure data transmission routes is called _____. a) routing control ✅ - Answer b) data integrity c) authentication exchange d) virtual pathing Question#14 In the event of a detected security incident, a system’s _____ handles and recovers from it. a) security recovery ✅ - Answer b) message digest c) signature revoke d) penetration test Question#15 A security service protecting against denial of participation in communication is _____. a) non-repudiation ✅ - Answer b) encryption c) integrity d) network isolation Question#16 _____ viruses reside in the main memory and infect every program executed. a) Memory-resident ✅ - Answer b) Parasitic c) Stealth d) Polymorphic Question#17 A masquerader is most likely _____ who has penetrated system access controls. a) an outsider ✅ - Answer b) an administrator c) a system root process d) a company executive Question#18 If system resources are not available to legitimate users due to an attack, _____ is lost. a) availability ✅ - Answer b) integrity c) confidentiality d) authentication Question#19 _____ attacks do not affect system resources but aim to learn information in transit. a) Passive ✅ - Answer b) Active c) Boot sector d) Internal Question#20 To verify if a website is authentic, one should rely on _____. a) digital certificates from CAs ✅ - Answer b) unsigned applications c) network sniffing d) boot sector codes