Computer Security Challenges Quiz

Questions and Answers

What is the main takeaway about availability requirements based on the text?

Highly critical components demand high availability levels.

What does the term 'Data confidentiality' refer to in computer security?

Assures that private or confidential information is not made available or disclosed to unauthorized individuals

Which of the following best describes the viewpoint on security investment from the text?

A security failure usually leads to a perception of security benefit.

What is the main objective of 'System integrity' in computer security?

Assures that a system performs its intended function in an unimpaired manner, free from unauthorized manipulation

What is a security mechanism according to the text?

A tool intended to enhance the security of information.

Which aspect of the CIA Triad assures that information and programs are changed only in a specified and authorized manner?

Data integrity

Why are procedures used to provide particular services often counter-intuitive in terms of security?

To confuse potential attackers.

What does 'Privacy' refer to in the context of computer security?

Assures that individuals control or influence the collection and storage of their information

What is emphasized about security in terms of its perception by users?

Strong security is often seen as an obstacle to smooth operation.

Which part of the CIA Triad guarantees that a system performs its intended function without manipulation?

System integrity

'Security is essentially a battle of wits between a perpetrator and the designer.' What does this statement imply?

Security involves outsmarting potential threats.

In computer security, what does 'Availability' assure?

Assures that systems work promptly and service is not denied to authorized users

What is the main focus of the security goal related to authenticity?

Verifying users' identities and ensuring inputs come from trusted sources

What level of impact is associated with a loss that could severely affect organizational operations, assets, or individuals?

High

Which type of information is considered an asset with highly important confidentiality according to the text?

Student grade information

What could be the consequences of inaccurate patient information stored in a database?

Massive liability for a hospital

What constitutes a moderate level of integrity requirement according to the text?

Discussing specific topics on a website forum

Which security requirement is associated with an anonymous online poll?

Integrity

What does the broadest form of data confidentiality service protect?

All user data transmitted between two users over a period of time

Which type of integrity service deals with individual messages without regard to any larger context?

Connectionless integrity service

What aspect does nonrepudiation prevent?

Sender or receiver from denying a transmitted message

In data integrity, what does a connection-oriented integrity service assure?

Messages are received without duplication, insertion, modification, reordering, or replays

Which characteristic does data confidentiality aim to protect against?

Observation of source and destination traffic flow

What is the narrowest form of data confidentiality service?

Protection of specific fields within a message

What kind of threats can programs present?

Information access threats and service threats

What does NIST stand for?

National Institute of Standards and Technology

What is the main focus of ISOC, the Internet Society?

Addressing issues concerning the future of the Internet

Which organization is home to groups responsible for Internet infrastructure standards?

ISOC - Internet Society

What type of specifications are published as Requests for Comments (RFCs)?

Internet standards and related specifications

Which federal agency is responsible for measurement science, standards, and technology related to U.S. government use?

NIST - National Institute of Standards and Technology