CHAPTER 1

1.1 Fill-in-the-Blanks

1. ________ ensures that only authorized parties can

access sensitive data.
Answer: Confidentiality
2. The process of verifying user identity is called
________.
Answer: Authentication
3. Encryption is primarily used to maintain
________ of data.
Answer: Confidentiality
4. ________ ensures that data is not altered during
transmission.
Answer: Integrity
5. The security property that ensures data is
accessible to authorized users is called ________.
Answer: Availability
6. Non-repudiation ensures that the sender cannot
deny ________ a message.
Answer: Sending
7. A ________ intruder listens to network
communication without modifying it.
Answer: Passive
8. IP spoofing involves faking the ________ IP
address in a data packet.
Answer: Source
9. The security trinity includes prevention,
________, and response.
Answer: Detection
10. A ________ is a tool that captures all network
traffic for analysis.
Answer: Packet sniffer
1.2 Fill-in-the-Blanks

1. According to the IAB, the Internet needs more and

better _______.
Answer: security
2. End-user-to-end-user traffic can be secured using
_______ and encryption mechanisms.
Answer: authentication
3. CERT reports trends in Internet-related _______.
Answer: vulnerabilities
4. _______ attacks involve creating packets with false
IP addresses.
Answer: IP spoofing
5. Over time, attacks have grown more _______ while
requiring less skill.
Answer: sophisticated
6. Increased Internet use has coincided with an increase
in _______.
Answer: attacks
7. Individual users rely on the security of _______-
based applications.
Answer: Web
8. Cryptographic algorithms ensure _______ and
authentication.
Answer: confidentiality
9. Security weaknesses in _______ systems can lead to
vulnerabilities.
Answer: operating
10. Designers must focus on vulnerabilities in Internet-
based _______ and applications.
Answer: protocols
1.3 Fill-in-the-Blanks (1.4)

1. The OSI security architecture helps assess _______

needs and evaluate security products.
Answer: security
2. Security services are designed to counter security
_______.
Answer: attacks
3. A security _______ is intended to detect, prevent, or
recover from security attacks.
Answer: mechanism
4. The OSI security architecture was developed as an
_______ standard.
Answer: international
5. Security _______ enhance the security of data
processing systems and information transfers.
Answer: services

1.3.1 Combined
Fill-in-the-Blank
Questions (All
Topics)
 1. Authorization

1. Authorization ensures that only _______ users can

access specific resources based on their roles.
Answer: authorized
2. In the context of authorization, a manager may have the
authority to _______ or delete files.
Answer: edit
3. Authorization determines what actions a user can
perform after successful _______.
Answer: authentication
4. _______ protects sensitive data by ensuring access is
limited to authorized users.
Answer: Authorization
 5. Role-based access control (RBAC) grants permissions
based on a user’s _______ in the organization.
Answer: role

 2. Cryptographic Keys

1. A _______ key uses the same key for both encryption

and decryption.
Answer: symmetric
2. In asymmetric encryption, the _______ key is used for
decryption and is kept secret.
Answer: private
3. Keys are strings of characters used in _______ algorithms
to protect information.
Answer: cryptographic
4. _______ management involves securely creating,
sharing, and storing cryptographic keys.
Answer: Key
5. A _______ virus mutates with every infection, making
detection by signature impossible.
Answer: polymorphic

 3. Viruses

1. A virus attaches itself to another program and executes

_______ when the host program runs.
Answer: secretly
2. In the propagation phase, a virus places a _______ copy
of itself into other programs.
Answer: identical
3. The _______ phase of a virus is when it becomes idle
until activated by an event.
Answer: dormant
4. Viruses often exploit _______ environments to spread
between computers.
Answer: network
5. A boot sector virus infects the master boot record or
_______ record of a disk.
Answer: boot
 4. Worms

1. A worm can replicate itself and send copies across

_______ connections.
Answer: network
2. Unlike viruses, worms actively seek out new _______ to
infect.
Answer: machines
3. Worms can use electronic mail facilities to _______
copies of themselves to other systems.
Answer: mail
4. A network worm can behave as a virus or implant
_______ programs.
Answer: Trojan horse
5. Remote login capability allows a worm to log onto a
_______ system and copy itself.
Answer: remote

 5. Trojan Horses

1. A Trojan horse contains hidden code that performs

_______ or harmful functions.
Answer: unwanted
2. Trojan horses often appear to perform a _______
function while executing malicious activities.
Answer: useful
3. A Trojan horse can be used to gain unauthorized access
to another user’s _______.
Answer: files
4. Data _______ is a common motivation for creating
Trojan horse programs.
Answer: destruction
5. A CBS executive was victimized by a Trojan horse
implanted in a _______ routine.
Answer: graphics

 6. Multilevel Model of Security

1. Multilevel security divides information into levels like

public, confidential, secret, and _______.
Answer: top secret
 2. _______ Access Control (MAC) is determined by a central
authority based on clearance levels.
Answer: Mandatory
3. Every piece of information in the multilevel model is
labeled with its security _______.
Answer: level
4. _______ ensures that no single individual has complete
control over critical processes.
Answer: Separation of duties
5. Layered defense includes physical security, network
security, and user _______.
Answer: training

 7. Legal Issues

1. GDPR is a regulation designed to protect _______ data in

the EU.
Answer: personal
2. The Computer Fraud and Abuse Act (CFAA) criminalizes
unauthorized access to _______.
Answer: computers
3. PCI DSS ensures secure _______ processing for
organizations handling cardholder data.
Answer: payment
4. Ethical hacking requires _______ permission to prevent
legal conflicts.
Answer: legal
5. Organizations may face legal penalties for failing to
comply with _______ requirements.
Answer: compliance

1.3.2 5 Fill-in-the-Blanks

1. The authentication service ensures that a

communication is _______.
Answer: authentic
2. Peer entity authentication prevents _______ or
unauthorized replay of connections.
Answer: masquerading
 3. Data confidentiality protects transmitted data
from _______ attacks.
Answer: passive
4. A connection-oriented integrity service addresses
both message stream modification and _______ of
service.
Answer: denial
5. Non-repudiation ensures that the sender or
receiver cannot _______ a transmitted message.
Answer: deny

1.3.3 5 Fill-in-the-Blanks

1. Passive attacks involve _______ without affecting

system resources.
Answer: eavesdropping
2. The release of message contents attack captures
sensitive information such as _______ or
telephone conversations.
Answer: email messages
3. Traffic analysis involves observing message
patterns, including _______ and message
frequency.
Answer: source and destination
4. In a replay attack, a captured message is _______
to produce an unauthorized effect.
Answer: retransmitted
5. A denial-of-service attack aims to disrupt or
degrade _______ of communication facilities.
Answer: normal functioning

1.3.4 Fill in the Blanks

1. A reversible encipherment mechanism is an

encryption algorithm that allows data to be encrypted
and subsequently decrypted.
2. Hash algorithms are used in irreversible
encipherment mechanisms for digital signatures and
message authentication.
 3. Digital signature provides information about the
author, date, and time of the signature.
4. Traffic padding prevents traffic analysis by
inserting extra bits into the data stream.
5. Routing control selects a secure route for data
transfer to prevent eavesdropping.

1.3.5 Fill in the Blanks

1. A trusted third party is responsible for

transmitting secret information and settling
________ regarding message authenticity.
Answer: disputes
2. In the network security model, a ________ is
established to define a route through the network.
Answer: logical information channel
3. Security-related transformations, such as
________, make messages unreadable to
unauthorized parties.
Answer: encryption
4. One of the challenges in network security is
managing ________, which involves enforcing
stronger and more secure passwords.
Answer: password policies
5. The use of ________ in a DDoS attack can
overload servers, disrupting normal operations.
Answer: unwanted traffic

1.3.6 Fill in the Blanks

1. Authorization is the process of granting specific

__________ to users or systems to access resources.
Answer: permissions
2. After successful __________, authorization
determines what actions a user can perform.
Answer: authentication
3. By defining user actions, authorization ensures users
can only perform tasks relevant to their __________.
Answer: role
 4. Authorization helps protect __________ data by
restricting access to authorized users.
Answer: sensitive
5. A __________ may view files, while a manager may
edit or delete them, based on authorization rules.
Answer: regular employee

1.3.7 Fill in the Blanks

1. Keys are used in cryptography to perform functions

such as ________, decryption, authentication, and
data integrity verification.
Answer: encryption
2. In symmetric key cryptography, the ________ key is
used for both encryption and decryption.
Answer: same
3. Asymmetric cryptography uses two keys: a
________ key for encryption and a private key for
decryption.
Answer: public
4. ________ is the process of creating, sharing, using,
storing, and deleting cryptographic keys securely.
Answer: Key management
5. The main disadvantage of symmetric key
cryptography is the need for ________ sharing
between sender and receiver.
Answer: secure key