Authentication Basics

What is the primary goal of the Computer Security Division (CSD) at NIST?

To improve information systems security (correct)
To publish Special Publication 800 series
To develop ITL bulletins
To oversee eight divisions within NIST's ITL

Which of the following is a publication series produced by NIST?

CSD bulletins
NIST Security Division newsletters
ITL reports
Special Publication 800 series (correct)

How many divisions are within NIST's Information Technology Laboratory?

Six
Five
Seven
Eight (correct)

What is the name of the laboratory that the Computer Security Division (CSD) is a part of?

Information Technology Laboratory (C) Signup and view all the answers

What type of documents are ITL bulletins?

Informational briefs on security topics (A) Signup and view all the answers

What is a characteristic of human nature?

Being trusting (B) Signup and view all the answers

What is the primary focus of the Asset Management domain?

Developing classification schema (B) Signup and view all the answers

What is NOT a primary goal of the Asset Management domain?

Conducting penetration testing (B) Signup and view all the answers

What is the section number associated with the Asset Management domain?

Section 8 (A) Signup and view all the answers

What is the purpose of assigning classification levels in the Asset Management domain?

To determine access levels (C) Signup and view all the answers

What is the primary focus of the Cryptography domain?

Protecting confidentiality, integrity, and availability of information (C) Signup and view all the answers

When was the Cryptography domain added?

2013 (B) Signup and view all the answers

What is the primary concern of the Cryptography domain in terms of information?

Confidentiality, integrity, and availability (D) Signup and view all the answers

What is the primary objective of using cryptography according to the Cryptography domain?

To protect the confidentiality, integrity, and availability of information (D) Signup and view all the answers

Which of the following is related to the Cryptography domain?

Protecting information's CIA (A) Signup and view all the answers

Who is considered the information owner?

An official with legal or operational authority for specified information (B) Signup and view all the answers

Which role is responsible for the information ownership?

An official with legal or operational authority for specified information (C) Signup and view all the answers

What is the primary criterion for being an information owner?

Holding legal or operational authority for specified information (C) Signup and view all the answers

Can any employee in an organization be considered an information owner?

No, it must be an official with legal or operational authority for specified information (D) Signup and view all the answers

Which of the following individuals is least likely to be an information owner?

Front Desk Receptionist (A) Signup and view all the answers

What is the primary focus of identification in the context of secured information and systems?

Positively identifying the person or system seeking access (B) Signup and view all the answers

What is the primary goal of identification in secured systems?

To authenticate the identity of the person or system (A) Signup and view all the answers

In the context of secured information, what does identification primarily involve?

Verifying the identity of the person or system (A) Signup and view all the answers

What is the primary benefit of identification in secured systems?

To ensure that only authorized entities can access the secured information (D) Signup and view all the answers

What is the relationship between identification and access control in secured systems?

Identification is the first step in the access control process (D) Signup and view all the answers