Computer Security Overview and Basic Concepts

Questions and Answers

What is the C-I-A Triad in computer security?

• Control, Identification, Authorization
• Confidentiality, Integrity, Availability (correct)
• Consistency, Identification, Authorization
• Confidentiality, Integrity, Authentication

Which of the following is considered an example of a hardware asset in computer security?

• Word processing software
• Disk drives (correct)
• Photos
• Emails

What does the term 'vulnerabilities' refer to in the context of computer security?

• Unauthorized access to data
• Weaknesses in a system that can be exploited (correct)
• Unauthorized modification of data
• Ensuring data availability

In the context of computer security, what does the term 'authentication' mean?

The process of ensuring that users are who they claim to be (B)

What is the main goal of access control in computer security?

To restrict access to authorized users only (C)

How are the values of computer system assets described in the text?

Personal, time-dependent, and often imprecise (C)

What is the main purpose of a control in the context of computer security?

To remove or reduce vulnerabilities (D)

In the context of computer security, what is the main role of a threat?

To cause loss or harm (A)

What does the term 'interception' refer to in the context of computer security?

Unauthorized party gaining access to an asset (B)

What is the key aspect addressed by confidentiality in computer security?

Unauthorized party accessing computer-related assets (D)

Which term refers to a weakness in the security system that might be exploited to cause loss or harm?

Vulnerability (B)

What does computer security aim to protect?

Confidentiality, integrity, and availability (D)

Which of the following is considered a data asset in computer security?

Photos and videos (D)

What does the term 'vulnerabilities' refer to in the context of computer security?

Weaknesses in the security system that might be exploited to cause harm or loss (C)

What values are associated with computer system assets according to the text?

Personal, time-dependent, and often imprecise (C)

What is the role of access control in computer security?

Restricting unauthorized access to resources (C)

Which of the following is considered an example of a hardware asset in computer security?

Memory and printer (D)

What is the term for a weakness in the security system that might be exploited to cause loss or harm?

Vulnerability (D)

In the context of computer security, what is the main goal of confidentiality?

Ensuring assets are accessed only by authorized parties (A)

What does the term 'fabrication' refer to in the context of computer security?

Unauthorized party creating counterfeit objects on a computing system (A)

What is the main role of a control in the context of computer security?

Removing or reducing a vulnerability (D)

What is the term for a special type of threat that is organized, directed, well financed, patient, and silent?

Advanced Persistent Threat (APT) (D)

In computer security, what does the term 'interception' refer to?

Some unauthorized party gaining access to an asset (A)

What is the term for the set of circumstances that has the potential to cause loss or harm in a computing system?

Threat (C)

What does the term 'integrity' mean in the context of computer security?

'Assets can be modified only by authorized parties or only in authorized ways' (B)

What is meant by 'availability' in the context of computer security?

Assets are accessible to authorized parties at appropriate times (A)

What is the main aspect addressed by countermeasures in computer security?

An action, device, procedure, or technique that removes or reduces a vulnerability (A)