Quiz 1 - Keamanan SiSTEM Informasi
- 1.
Perusahaan XYZ mewajibkan semua karyawannya untuk mengganti password mereka minimal sebulan sekali. Tindakan ini berguna untuk meningkatkan unsur …. pada sistem.
- A.
Confidentiality
- B.
Integrity
- C.
Availability
- D.
Pilihan (a) dan (c) benar
Correct Answer
A. ConfidentialityExplanation
The correct answer is confidentiality. Requiring employees to change their passwords regularly helps to maintain the confidentiality of the system. By changing passwords frequently, the risk of unauthorized access or data breaches is reduced, as it becomes more difficult for individuals to guess or obtain others' passwords. This measure ensures that sensitive information remains confidential and protected from unauthorized disclosure.Rate this question:
-
- 2.
Metode serangan email-bombing dilakukan dengan cara mengirimkan sejumlah besar email ke alamat email korban sehingga server emailnya menjadi lumpuh. Tujuan dari tindakan ini adalah menurunkan unsur …. dari korban.
- A.
Confidentiality
- B.
Integrity
- C.
Availability
- D.
Pilihan (a) dan (b) benar
Correct Answer
C. AvailabilityExplanation
The correct answer is "Availability". Email-bombing is a method of attack where a large number of emails are sent to the victim's email address, causing their email server to become overwhelmed and unavailable. The objective of this action is to disrupt the availability of the victim's email service.Rate this question:
-
- 3.
Melakukan enkripsi pada email serta melengkapinya dengan digital signature sebelum dikirimkan merupakan tindakan keamanan yang bertujuan untuk meningkatkan unsur:
- A.
Confidentiality
- B.
Integrity
- C.
Availability
- D.
Pilihan (a) dan (b) benar
Correct Answer
D. Pilihan (a) dan (b) benarExplanation
Melakukan enkripsi pada email serta melengkapinya dengan digital signature sebelum dikirimkan bertujuan untuk meningkatkan unsur kerahasiaan (confidentiality) dan integritas (integrity) dari email tersebut. Enkripsi akan mengamankan konten email agar tidak dapat diakses oleh pihak yang tidak berwenang, sementara digital signature akan memastikan bahwa email tersebut tidak diubah atau dimanipulasi selama proses pengiriman.Rate this question:
-
- 4.
Alex menerima sebuah sms tipuan yang nampaknya berasal dari sebuah perusahaan layanan komunikasi selular dan berisi pemberitahuan bahwa ia menjadi pemenang sebuah sayembara. Teknik ini termasuk ancaman keamanan unsur ….
- A.
Confidentiality
- B.
Integrity
- C.
Availability
- D.
Pilihan (a) dan (b) benar
Correct Answer
B. IntegrityExplanation
The correct answer is integrity. In this scenario, Alex received a deceptive SMS claiming that he won a contest from a cellular communication company. This technique involves a threat to the integrity of the information, as the message is designed to deceive and manipulate Alex.Rate this question:
-
- 5.
Agus mencuri account internet-banking milik Alex dan menggunakannya untuk mentransfer sejumlah uang ke rekeningnya sendiri. Tindakan ini adalah kombinasi ancaman keamanan terhadap unsur ….
- A.
Confidentiality dan Integrity
- B.
Integrity dan Availability
- C.
Availability dan Confidentiality
- D.
Semua unsur dalam CIA
Correct Answer
A. Confidentiality dan IntegrityExplanation
The action of Agus stealing Alex's internet banking account and using it to transfer money to his own account is a violation of both confidentiality and integrity. Confidentiality is compromised because Agus gains unauthorized access to Alex's account, which should be kept private and confidential. Integrity is compromised because Agus manipulates the account by transferring money without Alex's consent, thus altering the integrity of the account's transactions.Rate this question:
-
- 6.
Selain memiliki kartu ATM, seorang nasabah harus memasukkan nomor pin yang benar untuk bisa mengambil uang dari mesin ATM. Penggunaan pin seperti ini adalah salah satu contoh metode:
- A.
Identification
- B.
Authentication
- C.
Authorization
- D.
Accountability
Correct Answer
B. AuthenticationExplanation
Authentication is the correct answer because it refers to the process of verifying the identity of a user or entity. In this scenario, the customer needs to enter the correct PIN in order to access their account and withdraw money from the ATM. This verifies that they are the authorized user of the account.Rate this question:
-
- 7.
Setelah user sukses melewati tahapan login, sistem operasi akan menerapkan batasan-batasan keamanan terhadap user sesuai dengan skema keamanan dari user tersebut. Metode ini termasuk kategori:
- A.
Identification
- B.
Authentication
- C.
Authorization
- D.
Accountability
Correct Answer
C. AuthorizationExplanation
Setelah user berhasil melewati tahapan login, sistem operasi akan menerapkan batasan-batasan keamanan terhadap user sesuai dengan skema keamanan dari user tersebut. Metode ini disebut authorization, yang berarti memberikan izin atau hak akses kepada user untuk mengakses sumber daya atau melakukan tindakan tertentu dalam sistem. Dengan menggunakan metode authorization, sistem dapat memastikan bahwa user hanya dapat melakukan tindakan yang diizinkan dan tidak dapat mengakses atau melakukan tindakan yang tidak diizinkan.Rate this question:
-
- 8.
Jack ditangkap polisi dengan tuduhan melakukan pembobolan server di perusahaan tempatnya bekerja. Tuduhan tersebut dibuktikan oleh sistem log yang mencatat secara detil kegiatan peretasannya itu. Kasus ini membuktikan bahwa aspek ….. dari proteksi keamanan sistem perusahaan tersebut sudah cukup baik.
- A.
Identification
- B.
Authentication
- C.
Authorization
- D.
Accountability
Correct Answer
D. AccountabilityExplanation
The case of Jack being caught and proven guilty of hacking the company's server through detailed log records demonstrates that the aspect of accountability in the security system of the company is sufficient. Accountability refers to the ability to trace and attribute actions to individuals, ensuring that they can be held responsible for their actions. In this case, the system's ability to record and provide evidence of Jack's hacking activities highlights the effectiveness of the accountability aspect of the security system.Rate this question:
-
- 9.
Donny mengamati lalu lintas data jaringan dari dan ke komputer Lisa dengan tujuan mendapatkan password email milik Lisa. Tindakan ini adalah threat keamanan yang termasuk kategori:
- A.
Disclosure
- B.
Deception
- C.
Disruption
- D.
Usurpation
Correct Answer
A. DisclosureExplanation
Donny's action of observing network traffic to obtain Lisa's email password is considered a threat to security because it involves the unauthorized disclosure of sensitive information. By monitoring the data traffic, Donny is accessing confidential information without permission, which can lead to potential breaches and compromise Lisa's privacy and security.Rate this question:
-
- 10.
Sebuah program trojan-horse yang sangat berbahaya disamarkan dalam sebuah game yang menarik dan dapat didownload secara gratis dari internet. Teknik ini adalah threat keamanan yang termasuk kategori:
- A.
Disclosure
- B.
Deception
- C.
Disruption
- D.
Usurpation
Correct Answer
B. DeceptionExplanation
The correct answer is Deception. In this scenario, the trojan-horse program is disguised as an attractive and free game, tricking users into downloading it without being aware of its malicious intent. Deception involves misleading or tricking individuals into believing something false or misleading, which is exactly what is happening in this situation.Rate this question:
-
- 11.
Jenis program berbahaya (malicious software) yang memiliki kemampuan menyembunyikan keberadaannya dalam sistem operasi sehingga pengguna tidak menyadari bahwa komputernya berada dalam bahaya, disebut:
- A.
Virus
- B.
Shareware
- C.
Spyware
- D.
Rootkit
Correct Answer
D. RootkitExplanation
A rootkit is a type of malicious software that is designed to hide its presence within the operating system, making it difficult for users to detect that their computer is at risk. Unlike viruses, shareware, and spyware, which may be more easily detected and removed, a rootkit can remain hidden and continue to perform unauthorized actions on the computer without the user's knowledge. This makes rootkits particularly dangerous as they can be used to gain unauthorized access to sensitive information or control over the compromised system.Rate this question:
-
- 12.
Pernyataan-pernyataan di bawah ini adalah contoh dari security mechanism, kecuali:
- A.
Semua proses login harus dicatat dalam log file
- B.
Sebuah firewall menghalangi akses dari luar jaringan
- C.
Biometrik authentication memberi layanan login yang lebih aman
- D.
Sistem PKI menjamin email terkirim dalam format terenkripsi.
Correct Answer
A. Semua proses login harus dicatat dalam log fileExplanation
The statement "Semua proses login harus dicatat dalam log file" is not an example of a security mechanism. While logging login processes can be a security measure, it is not a security mechanism in itself. Security mechanisms refer to specific tools or techniques that are implemented to protect against threats or unauthorized access. Examples of security mechanisms in the given options include firewall, biometric authentication, and PKI encryption.Rate this question:
-
- 13.
Security mechanism yang digunakan untuk menghindari ancaman network sniffing adalah:
- A.
Password
- B.
Antivirus
- C.
Encryption
- D.
Digital signature
Correct Answer
C. EncryptionExplanation
Encryption adalah mekanisme keamanan yang digunakan untuk menghindari ancaman network sniffing. Dengan menggunakan enkripsi, data yang dikirimkan melalui jaringan akan diubah menjadi bentuk yang tidak dapat dibaca oleh pihak yang tidak berwenang. Hal ini membuat sulit bagi penyerang untuk mendapatkan informasi sensitif yang dikirimkan melalui jaringan. Sehingga, penggunaan enkripsi dapat memberikan perlindungan tambahan terhadap ancaman network sniffing.Rate this question:
-
- 14.
Security mechanism yang digunakan untuk menghindari penerimaan email palsu adalah:
- A.
Password
- B.
Antivirus
- C.
Encryption
- D.
Digital signature
Correct Answer
D. Digital signatureExplanation
Digital signature is a security mechanism used to avoid the acceptance of fake emails. It ensures the authenticity and integrity of the email by using cryptographic algorithms. A digital signature is created using the sender's private key, and it can be verified using the sender's public key. This ensures that the email has not been tampered with during transmission and that it has indeed been sent by the claimed sender. Digital signatures provide a higher level of security compared to passwords, antivirus, or encryption alone.Rate this question:
-
- 15.
Sebuah security policy menyatakan bahwa folder penyimpanan file harus dalam status read-only. Security mechanism yang memastikan policy ini dilaksanakan adalah:
- A.
File permission system
- B.
Folder backup system
- C.
File encryption application
- D.
Automatic antivirus update
Correct Answer
A. File permission systemExplanation
The correct answer is "File permission system." A file permission system allows the administrator to set specific permissions for each user or group, determining who can read, write, or execute files within a folder. By setting the folder containing the storage files to read-only status, the security policy is enforced, preventing unauthorized modifications to the files. Folder backup system, file encryption application, and automatic antivirus update are not directly related to enforcing read-only status on a folder.Rate this question:
-
- 16.
Membuat backup isi harddisk secara berkala merupakan tindakan keamanan yang masuk dalam kategori:
- A.
Prevention
- B.
Detection
- C.
Recovery
- D.
Immunization
Correct Answer
A. PreventionExplanation
Membuat backup isi harddisk secara berkala merupakan tindakan pencegahan untuk mengamankan data. Dengan melakukan backup secara teratur, kita dapat mencegah kehilangan data yang tidak tergantikan akibat kegagalan sistem atau serangan malware. Dengan memiliki salinan data yang aman, kita dapat mengembalikan data yang hilang dengan mudah dan mengurangi dampak dari kejadian yang tidak diinginkan. Oleh karena itu, membuat backup isi harddisk secara berkala termasuk dalam kategori pencegahan.Rate this question:
-
- 17.
Mengupdate program Antivirus secara berkala merupakan tindakan keamanan yang masuk dalam kategori:
- A.
Prevention
- B.
Detection
- C.
Recovery
- D.
Immunization
Correct Answer
A. PreventionExplanation
Updating antivirus programs regularly is considered a preventive measure for security. By regularly updating the antivirus program, it ensures that it has the latest virus definitions and security patches, enabling it to detect and prevent new threats effectively. This helps in safeguarding the system from potential malware and viruses, reducing the risk of infections and potential damage to the system.Rate this question:
-
- 18.
Mengaktifkan sistem log dalam sistem operasi merupakan tindakan keamanan yang masuk dalam kategori:
- A.
Prevention
- B.
Detection
- C.
Recovery
- D.
Immunization
Correct Answer
B. DetectionExplanation
Activating system logs in an operating system is an action taken to monitor and record activities within the system. By enabling system logs, any suspicious or unauthorized activities can be detected and investigated. This helps in identifying potential security breaches or threats in real-time, allowing for timely response and mitigation. Therefore, activating system logs falls under the category of detection, as it helps in identifying and detecting security incidents or breaches.Rate this question:
-
- 19.
Berikut ini merupakan asumsi-asumsi yang harus dibuat dalam menyusun sebuah sistem keamanan, kecuali:
- A.
Policy-nya benar
- B.
Tidak ada policy yang ambiguous
- C.
Mechanism mampu menegakkan policy
- D.
Policy mampu menegakkan mechanism
Correct Answer
D. Policy mampu menegakkan mechanismExplanation
The correct answer is "Policy mampu menegakkan mechanism." This statement suggests that the policy is capable of enforcing the mechanism. However, in order for a system to be secure, it is important that the mechanism is able to enforce the policy, not the other way around. The mechanism should have the necessary tools and controls to ensure that the policy is implemented and followed effectively.Rate this question:
-
- 20.
Elemen keamanan sistem informasi yang diukur dengan menggunakan assurance mechanism adalah:
- A.
Trust
- B.
Policy
- C.
Mechanisme
- D.
Ambiguity
Correct Answer
A. TrustExplanation
The correct answer is "Trust". Assurance mechanisms are used to measure the security of information systems, and trust is an important element in ensuring the security of these systems. Trust refers to the confidence or belief that users have in the system's ability to protect their information and perform as expected. By measuring trust through assurance mechanisms, organizations can assess the effectiveness of security measures and identify any weaknesses or vulnerabilities in the system.Rate this question:
-
- 21.
Peralatan server jaringan merupakan jenis resource yang perlu dilindungi dan termasuk dalam kategori:
- A.
Physical resource
- B.
Logical resource
- C.
Digital resource
- D.
Intellectual resource
Correct Answer
A. pHysical resourceExplanation
Peralatan server jaringan merupakan jenis resource yang perlu dilindungi karena merupakan perangkat keras fisik yang digunakan untuk menjalankan dan mengelola jaringan. Peralatan server jaringan seperti server, switch, router, dan firewall memiliki nilai yang tinggi dan penting dalam menjaga keamanan dan ketersediaan jaringan. Oleh karena itu, peralatan server jaringan termasuk dalam kategori physical resource yang membutuhkan perlindungan fisik agar tidak rusak atau diakses oleh pihak yang tidak berwenang.Rate this question:
-
- 22.
Informasi nomor pin sebuah kartu ATM merupakan jenis resource yang perlu dilindungi dan termasuk dalam kategori:
- A.
Physical resource
- B.
Logical resource
- C.
Digital resource
- D.
Intellectual resource
Correct Answer
B. Logical resourceExplanation
The correct answer is logical resource because the information of an ATM card's PIN is not a physical object that can be physically protected, but rather a piece of data that needs to be safeguarded through logical means such as encryption, access controls, and secure storage.Rate this question:
-
- 23.
Sistem operasi merupakan jenis resource yang perlu dilindungi dan termasuk dalam kategori:
- A.
Physical resource
- B.
Logical resource
- C.
Digital resource
- D.
Intellectual resource
Correct Answer
C. Digital resourceExplanation
The correct answer is digital resource because operating systems are software programs that manage computer hardware and software resources. They provide a digital environment for users to interact with and control the computer system. Operating systems are stored and accessed digitally, making them a type of digital resource that needs to be protected.Rate this question:
-
- 24.
Salah satu tindakan yang dilakukan oleh Kendali Akses Sistem untuk mendorong user dalam menjaga keamanan sistemnya sendiri adalah:
- A.
Menganjurkan updating antivirus setiap kali user terkoneksi dengan internet
- B.
Menampilkan isian userid dan password setiap kali komputer diaktifkan
- C.
Mencatat setiap event yang dilakukan oleh user
- D.
Menganalisa semua trafik jaringan yang keluar-masuk ke dalam sistem
Correct Answer
A. Menganjurkan updating antivirus setiap kali user terkoneksi dengan internetExplanation
One of the actions taken by System Access Control to encourage users to maintain the security of their system is by recommending updating antivirus every time the user is connected to the internet. This is because antivirus software helps to detect and remove any potential threats or malware that may enter the system through internet connections. Regularly updating the antivirus ensures that it has the latest virus definitions and security patches, providing better protection against new and emerging threats.Rate this question:
-
- 25.
Elemen dalam ACM (Access Control Matrix) yang mengkaitkan antara objek dan subjek adalah:
- A.
User
- B.
Group
- C.
Hak
- D.
Link
Correct Answer
C. HakExplanation
The correct answer is "Hak" because in an Access Control Matrix (ACM), "Hak" refers to the permissions or rights that are associated with both objects and subjects. These permissions determine what actions or operations a subject can perform on an object. Therefore, "Hak" is the element in the ACM that links objects and subjects by specifying the access rights or permissions.Rate this question:
-
- 26.
Jenis permission yang tidak termasuk dalam File System Object Permission dari POSIX adalah:
- A.
Read
- B.
Write
- C.
Copy
- D.
Execute
Correct Answer
C. CopyExplanation
The correct answer is "Copy" because file system object permissions in POSIX do not include a specific permission for copying files. The Read permission allows a user to view the contents of a file, the Write permission allows a user to modify the contents of a file, and the Execute permission allows a user to run executable files. However, there is no specific permission for copying files in POSIX.Rate this question:
-
- 27.
Pengelompokan user yang tidak termasuk dalam File System Object Permission dari POSIX adalah:
- A.
Owner
- B.
Group
- C.
Admin
- D.
Other
Correct Answer
C. AdminExplanation
The correct answer is "Admin". In POSIX file systems, the user groups are typically divided into three categories: Owner, Group, and Other. The owner refers to the user who created the file or directory and has the highest level of access and control over it. The group consists of other users who have been granted access to the file or directory by the owner. The "Other" category includes all remaining users who do not fall into the owner or group category. However, there is no specific category or designation for "Admin" in POSIX file systems.Rate this question:
-
- 28.
Untuk objek bertipe file dalam POSIX, “read permission” berarti:
- A.
Permission untuk menampilkan isi file
- B.
Permission untuk memodifikasi isi file
- C.
Permission untuk menghapus file
- D.
Permission untuk mengeksekusi file
Correct Answer
A. Permission untuk menampilkan isi fileExplanation
"Read permission" pada objek bertipe file dalam POSIX berarti bahwa pengguna diberikan izin untuk melihat atau membaca isi dari file tersebut.Rate this question:
-
- 29.
Untuk objek bertipe file dalam POSIX, “write permission” berarti:
- A.
Permission untuk menampilkan isi file
- B.
Permission untuk memodifikasi isi file
- C.
Permission untuk menghapus file
- D.
Permission untuk mengeksekusi file
Correct Answer
B. Permission untuk memodifikasi isi fileExplanation
"Write permission" for a file in POSIX means the ability or permission to modify the content of the file. This means that the user or process with write permission can make changes to the file's content, such as adding, editing, or deleting data within the file. It does not refer to the ability to view or execute the file.Rate this question:
-
- 30.
Untuk objek bertipe directory dalam POSIX, “read permission” berarti:
- A.
Permission untuk menciptakan file baru dalam direktori
- B.
Permission untuk menghapus file dalam direktori
- C.
Permission untuk menampilkan daftar file dalam direktori
- D.
Permission untuk mengakses isi direktori
Correct Answer
C. Permission untuk menampilkan daftar file dalam direktoriExplanation
"Read permission" for a directory in POSIX means having the ability to view the list of files within that directory. This permission allows the user to see the names of the files present in the directory but does not grant permission to create, delete, or access the content of the files.Rate this question:
-
- 31.
Untuk objek bertipe directory dalam POSIX, “execute permission” berarti:
- A.
Permission untuk menciptakan file baru dalam direktori
- B.
Permission untuk menhapus file dalam direktori
- C.
Permission untuk menampilkan daftar file dalam direktori
- D.
Permission untuk mengakses isi direktori
Correct Answer
D. Permission untuk mengakses isi direktoriExplanation
"Execute permission" untuk objek bertipe direktori dalam POSIX berarti bahwa pengguna memiliki izin untuk mengakses dan melihat isi direktori tersebut. Ini berarti pengguna dapat membuka direktori dan melihat file dan sub-direktori yang ada di dalamnya.Rate this question:
-
- 32.
Tanda “d” pada field pertama keluaran perintah “ls” pada sistem operasi POSIX berarti:
- A.
Objek adalah sebuah file
- B.
Objek adalah sebuah directory
- C.
Objek berada dalam status deny
- D.
Objek adalah sebuah link
Correct Answer
B. Objek adalah sebuah directoryExplanation
The letter "d" in the first field of the output of the "ls" command in the POSIX operating system signifies that the object is a directory.Rate this question:
-
- 33.
Kelas permission “other” dalam POSIX berarti:
- A.
User lain selain owner
- B.
User lain dalam group owner
- C.
User lain di luar group owner
- D.
User lain selain root
Correct Answer
C. User lain di luar group ownerExplanation
The "other" permission in POSIX refers to users who are not part of the group owner. This means that it allows access to users who are not part of the specific group that owns the file or directory.Rate this question:
-
- 34.
Perintah yang digunakan untuk merubah hak kepemilikan user sebuah file adalah:
- A.
Chmod
- B.
Ls
- C.
Chown
- D.
Chgrp
Correct Answer
C. ChownExplanation
The command "chown" is used to change the ownership of a file. It allows the user to transfer the ownership of a file to a different user. This command is commonly used in Linux and Unix operating systems to change the ownership of files or directories. By using "chown", the user can modify the permissions and access rights of a file, giving ownership to a specific user.Rate this question:
-
- 35.
Perintah yang digunakan untuk menampilkan detail permission sebuah file adalah:
- A.
Chmod
- B.
Ls
- C.
Chown
- D.
Chgrp
Correct Answer
B. LsExplanation
The correct answer is "ls". The "ls" command is used to list the files and directories in a directory. By default, it displays the file names, but with appropriate options, it can also display detailed information about the files, including their permissions. Therefore, using the "ls" command, one can view the detailed permissions of a file.Rate this question:
-
- 36.
Perintah yang benar untuk memberi permission penuh kepada setiap user untuk mengakses sebuah file bernama “myfile” adalah:
- A.
Chmod ugo-rwx myfile
- B.
Chmod ugo+rwx myfile
- C.
Chmod ug+rw myfile
- D.
Chmod ug-rw myfile
Correct Answer
B. Chmod ugo+rwx myfileExplanation
The correct answer is "chmod ugo+rwx myfile". This command grants full permission (read, write, and execute) to the owner, group, and others for the file named "myfile". The "u" represents the owner, "g" represents the group, and "o" represents others. The "+rwx" adds the read, write, and execute permissions.Rate this question:
-
- 37.
Perintah: “chmod 770 myfile” berarti:
- A.
Memberi hak akses penuh kepada owner saja
- B.
Memberi hak akses penuh kepada owner atau user lain dalam group yang sama saja
- C.
Memberi hak akses penuh kepada semua user
- D.
Menutup hak akses dari semua user kecuali owner
Correct Answer
B. Memberi hak akses penuh kepada owner atau user lain dalam group yang sama sajaExplanation
The command "chmod 770 myfile" means giving full access rights to the owner and the users in the same group only. This command sets the permissions as follows: the owner has read, write, and execute permissions, the group has read, write, and execute permissions, and others have no permissions at all.Rate this question:
-
Quiz Review Timeline +
Our quizzes are rigorously reviewed, monitored and continuously updated by our expert board to maintain accuracy, relevance, and timeliness.
-
Current Version
-
Mar 22, 2023Quiz Edited by
ProProfs Editorial Team -
Mar 16, 2009Quiz Created by
Asambul