5/6/2020 Chapter 1 Quiz

Home / Courses / Online / School of Business, Economics and Technology / 2019 / May 04, 2020
/ BA63571G619 / Topic 1 / Chapter 1 Quiz

Started on Wednesday, May 6, 2020, 6:39 AM

State Finished
Completed on Wednesday, May 6, 2020, 6:56 AM
Time taken 17 mins 38 secs
Points 20.00/20.00
Grade 100.00 out of 100.00

Question 1

Correct

1.00 points out of 1.00

A(n) ____ is any clearly identified attack on the organization's information assets that would threaten
the assets' confidentiality, integrity, or availability.

Select one:
a. trespass

b. Trojan horse

c. risk

d. incident  Correct

https://cu.learninghouse.com/mod/quiz/review.php?attempt=1623873&cmid=1974039 1/10
5/6/2020 Chapter 1 Quiz

Question 2

Correct

1.00 points out of 1.00

____ ensures that only those with the rights and privileges to access information are able to do so.

Select one:
a. Confidentiality  Correct

b. Availability

c. Integrity

d. Risk assessment

Question 3

Correct

1.00 points out of 1.00

____ hack systems to conduct terrorist activities through network or Internet pathways.

Select one:
a. Cyberterrorists  Correct

b. Script kiddies

c. Programmers

d. Social engineers

https://cu.learninghouse.com/mod/quiz/review.php?attempt=1623873&cmid=1974039 2/10
5/6/2020 Chapter 1 Quiz

Question 4

Correct

1.00 points out of 1.00

Information assets have ____ when authorized users - persons or computer systems - are able to
access them in the specified format without interference or obstruction.

Select one:
a. integrity

b. availability  Correct

c. confidentiality

d. risk assessment

Question 5

Correct

1.00 points out of 1.00

Information assets have ____ when they are not exposed (while being stored, processed, or
transmitted) to corruption, damage, destruction, or other disruption of their authentic states.

Select one:
a. risk assessment

b. availability

c. integrity  Correct

d. confidentiality

https://cu.learninghouse.com/mod/quiz/review.php?attempt=1623873&cmid=1974039 3/10
5/6/2020 Chapter 1 Quiz

Question 6

Correct

1.00 points out of 1.00

____ is a risk control approach that attempts to shift the risk to other assets, other processes, or other
organizations.

Select one:
a. Transference  Correct

b. Mitigation

c. Acceptance

d. Avoidance

Question 7

Correct

1.00 points out of 1.00

____ is the process of examining, documenting, and assessing the security posture of an
organization's information technology and the risks it faces.

Select one:
a. Risk identification  Correct

b. Data classification

c. Security clearance

d. DR

https://cu.learninghouse.com/mod/quiz/review.php?attempt=1623873&cmid=1974039 4/10
5/6/2020 Chapter 1 Quiz

Question 8

Correct

1.00 points out of 1.00

____ is the process of moving an organization toward its vision.

Select one:
a. Security planning

b. Contingency planning

c. Strategic planning  Correct

d. Enterprise information planning

Question 9

Correct

1.00 points out of 1.00

____ is the risk control approach that attempts to reduce the impact caused by the exploitation of
vulnerability through planning and preparation.

Select one:
a. Avoidance

b. Transference

c. Acceptance

d. Mitigation  Correct

https://cu.learninghouse.com/mod/quiz/review.php?attempt=1623873&cmid=1974039 5/10
5/6/2020 Chapter 1 Quiz

Question 10

Correct

1.00 points out of 1.00

____ of risk is the choice to do nothing to protect an information asset and to accept the outcome of
its potential exploitation.

Select one:
a. Inheritance

b. Acceptance  Correct

c. Avoidance

d. Mitigation

Question 11

Correct

1.00 points out of 1.00

The term ____ refers to a broad category of electronic and human activities in which an unauthorized
individual gains access to the information an organization is trying to protect.

Select one:
a. theft

b. trespass  Correct

c. polymorphism

d. denial-of-service

https://cu.learninghouse.com/mod/quiz/review.php?attempt=1623873&cmid=1974039 6/10
5/6/2020 Chapter 1 Quiz

Question 12

Correct

1.00 points out of 1.00

A(n) vulnerability  is defined as a "flaw or weakness in system security

procedures, design, implementation, or internal controls that could be exercised (accidentally
triggered or intentionally exploited) and result in a security breach or violation of the system's security
policy."

Question 13

Correct

1.00 points out of 1.00

For the purpose of making relative risk assessments, we can say that
risk  equals the likelihood of a vulnerability occurring times the value
(or impact) of that asset to the organization minus the percentage of risk that is already being
controlled plus an element of uncertainty.

Question 14

Correct

1.00 points out of 1.00

Information security  is defined by the Committee on National Security Systems

(CNSS) as the protection of information and its critical elements, including the systems and hardware
that use, store, and transmit that information.

https://cu.learninghouse.com/mod/quiz/review.php?attempt=1623873&cmid=1974039 7/10
5/6/2020 Chapter 1 Quiz

Question 15

Correct

1.00 points out of 1.00

Risk control  is the process of applying controls to reduce the risks to an

organization's data and information systems.

Question 16

Correct

1.00 points out of 1.00

Risk management  is the process of identifying vulnerabilities in an organization's

information systems and taking carefully reasoned steps to ensure the confidentiality, integrity, and
availability of all the components of the organization's information system.

Question 17

Correct

1.00 points out of 1.00

A Disaster Recovery Plan (DR plan) deals with identifying, classifying, responding to, and recovering
from an incident.

Select one:
True

False 

https://cu.learninghouse.com/mod/quiz/review.php?attempt=1623873&cmid=1974039 8/10
5/6/2020 Chapter 1 Quiz

Question 18

Correct

1.00 points out of 1.00

An asset can be logical, such as a Web site, information, or data; or an asset can be physical, such
as a person, computer system, or other tangible object.

Select one:
True 

False

Question 19

Correct

1.00 points out of 1.00

An enterprise information security policy (EISP) addresses specific areas of technology and contains
a statement on the organization's position on each specific area.

Select one:
True

False 

Question 20

Correct

1.00 points out of 1.00

The vision of an organization is a written statement of an organization's purpose.

Select one:
True

False 

◄ Module 1 Real World Exercise Jump to...

Objectives and Introduction ►

https://cu.learninghouse.com/mod/quiz/review.php?attempt=1623873&cmid=1974039 9/10
5/6/2020 Chapter 1 Quiz

Previous activity

https://cu.learninghouse.com/mod/quiz/review.php?attempt=1623873&cmid=1974039 10/10