Computer Security Principles Quiz
50 Questions
0 Views

Choose a study mode

Play Quiz
Study Flashcards
Spaced Repetition
Chat to Lesson

Podcast

Play an AI-generated podcast conversation about this lesson

Questions and Answers

What is the main goal of confidentiality in computer security?

  • To ensure data is accessible to everyone
  • To allow unrestricted access to data
  • To guarantee that data is deleted after use
  • To protect private information from unauthorized access (correct)
  • Which component is primarily associated with data integrity?

  • Only authorized changes are allowed to information (correct)
  • Making information available to all users
  • General accessibility of information
  • Ensuring data is stored in multiple locations
  • What does availability in computer security ensure?

  • Resources are hidden from unauthorized users
  • Systems are accessible to anyone at any time
  • Data is permanently stored without interruption
  • Authorized users can access resources when needed (correct)
  • What is the primary focus of data confidentiality?

    <p>Protection from unauthorized disclosure of data (C)</p> Signup and view all the answers

    Which of the following best describes privacy in the context of confidentiality?

    <p>Individuals control who stores and accesses their personal information (C)</p> Signup and view all the answers

    Which security service ensures that a system operates without unauthorized manipulation?

    <p>Data integrity (A)</p> Signup and view all the answers

    Which of the following is NOT a goal of computer security?

    <p>Unrestricted access (B)</p> Signup and view all the answers

    What is the role of accountability in security services?

    <p>To trace actions back to their originating entity (D)</p> Signup and view all the answers

    What does non-repudiation prevent?

    <p>Denial of a transaction or message by a party (D)</p> Signup and view all the answers

    Which of the following is a key component of access control?

    <p>Preventing unauthorized access (B)</p> Signup and view all the answers

    What does data integrity assure?

    <p>Data received is exactly as sent. (D)</p> Signup and view all the answers

    What does peer entity authentication confirm?

    <p>The communicating entities are who they claim to be. (B)</p> Signup and view all the answers

    What is the primary purpose of non-repudiation?

    <p>To protect against denial of a communication. (D)</p> Signup and view all the answers

    Which mechanism is designed to prevent unauthorized use of resources?

    <p>Access Control (A)</p> Signup and view all the answers

    What aspect of data communication does data origin authentication ensure?

    <p>The source of the data is genuine. (A)</p> Signup and view all the answers

    What is the primary purpose of endcipherment in security mechanisms?

    <p>To ensure data confidentiality and integrity. (D)</p> Signup and view all the answers

    How does the data integrity mechanism ensure the integrity of received data?

    <p>By appending a check value and comparing it upon receipt. (A)</p> Signup and view all the answers

    Which of the following best describes the authentication exchange mechanism?

    <p>It enables two entities to verify each other's identities. (D)</p> Signup and view all the answers

    What is the main function of traffic filtering in security mechanisms?

    <p>To prevent unwanted access and misuse of data. (B)</p> Signup and view all the answers

    Notarization in security mechanisms is primarily used for what purpose?

    <p>To verify the authenticity of a document or information. (D)</p> Signup and view all the answers

    What does data confidentiality ensure?

    <p>Only authorized parties can access data. (C)</p> Signup and view all the answers

    Which mechanism is used to verify the identity of a party?

    <p>Authentication (B)</p> Signup and view all the answers

    What is the main purpose of digital signatures?

    <p>To authenticate the origin and integrity of data. (C)</p> Signup and view all the answers

    Which security mechanism involves inserting unrelated data into traffic?

    <p>Traffic Padding (C)</p> Signup and view all the answers

    What does non-repudiation ensure in a communication context?

    <p>A party cannot deny having performed an action. (D)</p> Signup and view all the answers

    What characterizes passive attacks in computer systems?

    <p>They involve unauthorized access or interception of data. (B)</p> Signup and view all the answers

    Which category of passive attack involves unauthorized access to the actual content of messages?

    <p>Snooping (A)</p> Signup and view all the answers

    What is the primary aim of traffic analysis in passive attacks?

    <p>To gather information about communicating parties. (A)</p> Signup and view all the answers

    Which of the following describes active attacks?

    <p>They threaten the integrity of the data. (C)</p> Signup and view all the answers

    How many categories of active attacks are mentioned?

    <p>Five (D)</p> Signup and view all the answers

    What is a masquerade attack?

    <p>An unauthorized entity pretends to be another entity. (C)</p> Signup and view all the answers

    Which of the following best describes an alteration of messages attack?

    <p>Modifying a message after it has been sent for personal gain. (D)</p> Signup and view all the answers

    What occurs in a replaying attack?

    <p>An attacker retransmits a previously captured message. (C)</p> Signup and view all the answers

    What does repudiation in network security refer to?

    <p>An entity claiming they did not send or receive a message. (A)</p> Signup and view all the answers

    Which type of attack is characterized by overwhelming a server's resources?

    <p>Denial of Service (A)</p> Signup and view all the answers

    What type of attack is aimed at maximizing financial gain?

    <p>Criminal attack (C)</p> Signup and view all the answers

    Which of the following describes a passive attack?

    <p>Observing network traffic patterns (A)</p> Signup and view all the answers

    What is the primary motivation behind a publicity attack?

    <p>Achieving notoriety in the media (D)</p> Signup and view all the answers

    What is a characteristic of an active attack?

    <p>It involves altering or disrupting data. (A)</p> Signup and view all the answers

    Which of the following is NOT a type of computer attack classified from a technical point of view?

    <p>Publicity attack (B)</p> Signup and view all the answers

    What is an example of a repudiation attack?

    <p>User A denies sending money to User B. (A)</p> Signup and view all the answers

    What is the primary aim of a Denial of Service (DoS) attack?

    <p>To make a service unavailable. (D)</p> Signup and view all the answers

    What type of threat involves unauthorized access to sensitive information?

    <p>Threat to confidentiality (D)</p> Signup and view all the answers

    Which category of threats ensures the accuracy and trustworthiness of data?

    <p>Threat to integrity (C)</p> Signup and view all the answers

    What type of threat involves disclosing protected data?

    <p>Confidentiality (A)</p> Signup and view all the answers

    What action do attackers execute in a Denial of Service attack to impact server availability?

    <p>Sending excessive bogus data (A)</p> Signup and view all the answers

    Which of the following represents a threat to data integrity?

    <p>Masquerading (B)</p> Signup and view all the answers

    What is a common method to mitigate threats to confidentiality?

    <p>Encryption (B)</p> Signup and view all the answers

    Which of the following threats typically involves denying services to authorized users?

    <p>Denial-of-Service (DoS) attacks (A)</p> Signup and view all the answers

    What process transforms plain text into cypher text?

    <p>Encryption (C)</p> Signup and view all the answers

    Flashcards

    Computer Security

    Protecting computer systems and data to preserve confidentiality, integrity, and availability.

    Confidentiality

    Ensuring private information is only accessible to authorized individuals.

    Data Confidentiality

    Protecting sensitive data from unauthorized access.

    Integrity

    Ensuring data is only changed by authorized individuals.

    Signup and view all the flashcards

    Availability

    Ensuring authorized users can access the system when needed.

    Signup and view all the flashcards

    Data Integrity

    Ensuring a system functions correctly without unauthorized modifications.

    Signup and view all the flashcards

    System Availability

    Ensuring authorized users can access system services promptly.

    Signup and view all the flashcards

    Authenticity (Security)

    Verifying user identity and message validity.

    Signup and view all the flashcards

    Non-repudiation (Security)

    Preventing denial of a party's actions in a transaction.

    Signup and view all the flashcards

    Peer Entity Authentication

    Verifying the identity of the parties involved in communication.

    Signup and view all the flashcards

    Data Origin Authentication

    Guaranteeing the source of data is legitimate.

    Signup and view all the flashcards

    Non-repudiation

    Prevents denial of communication by any participant.

    Signup and view all the flashcards

    Access Control

    Restricting access to resources based on user permissions.

    Signup and view all the flashcards

    Endcipherment

    Hiding or covering data to keep it secret and ensure its original state hasn't changed. Steganography is a method used for this.

    Signup and view all the flashcards

    Digital Signature

    Electronically signing data to prove its origin and prevent tampering. It acts as a guarantee of authenticity and non-repudiation.

    Signup and view all the flashcards

    Authentication Exchange

    Two parties verifying each other's identities through a series of messages. This ensures they are who they claim to be.

    Signup and view all the flashcards

    Traffic Filtering

    Blocking unwanted access attempts and malicious activity by selectively allowing or denying network traffic.

    Signup and view all the flashcards

    Authentication

    Verifying the identity of a party. It's like a passport that proves who you are in the digital world.

    Signup and view all the flashcards

    Criminal Attack (Computer Security)

    An attack motivated by financial gain, aiming to exploit vulnerabilities for personal or financial benefits.

    Signup and view all the flashcards

    Publicity Attack

    An attack designed to gain notoriety or attention by disrupting services or causing damage, often for personal fame or agenda.

    Signup and view all the flashcards

    Legal Attack

    An attack focused on identifying and exploiting security weaknesses of a system, often for legal purposes like penetration testing or vulnerability analysis.

    Signup and view all the flashcards

    Passive Attack (Computer Security)

    An attack that involves monitoring and observing system behavior without altering or interfering with it.

    Signup and view all the flashcards

    Active Attack (Computer Security)

    An attack that directly modifies or manipulates system data, functionalities, or network traffic, causing harm or disruption.

    Signup and view all the flashcards

    Passive Attack

    An attack where the attacker observes data transmission without altering the original message. This focuses on gaining information without directly modifying the system.

    Signup and view all the flashcards

    Release of Message Contents

    An attacker intercepts and reads data without authorization. This is also known as snooping.

    Signup and view all the flashcards

    Traffic Analysis

    Monitoring internet traffic to learn about communicating parties, such as who is communicating and their addresses. This is possible even if the data is unencrypted.

    Signup and view all the flashcards

    Active Attack

    An attack that alters the original message or creates a fake message, threatening the integrity of the data.

    Signup and view all the flashcards

    What does an active attack threaten?

    Active attacks threaten the integrity of the data, meaning the data may be altered or corrupted.

    Signup and view all the flashcards

    Masquerade Attack

    An attack where an unauthorized entity pretends to be someone else to gain access or deceive others.

    Signup and view all the flashcards

    Message Alteration

    Changing the contents of a message after it's been sent, often for malicious purposes.

    Signup and view all the flashcards

    Replay Attack

    An attacker steals a message and resends it later to gain unauthorized access or perform actions.

    Signup and view all the flashcards

    Repudiation Attack

    An attack where the sender or receiver of a message denies ever having sent or received it.

    Signup and view all the flashcards

    Denial of Service (DoS)

    An attacker prevents legitimate users from accessing a service by overloading the server.

    Signup and view all the flashcards

    Threat to Confidentiality

    An attempt to access or steal sensitive information without authorization.

    Signup and view all the flashcards

    Threat to Integrity

    An attempt to modify or corrupt data, compromising its accuracy or trustworthiness.

    Signup and view all the flashcards

    Threat to Availability

    An action that aims to prevent users from accessing a system or service, making it unavailable.

    Signup and view all the flashcards

    Data Confidentiality Threat

    Unauthorized disclosure of protected information, like revealing your shopping history or tracking your online movements.

    Signup and view all the flashcards

    Data Integrity Threat

    Modifying, deleting, or inserting data without authorization, like altering your bank account balance or replaying a message to trick someone.

    Signup and view all the flashcards

    Data Availability Threat

    Denying authorized users access to data or services, for example, making a website unavailable for legitimate users.

    Signup and view all the flashcards

    Encryption

    Transforming plain text into a scrambled code, like a secret language, to protect it from unauthorized access.

    Signup and view all the flashcards

    Decryption

    Unlocking the scrambled code back into plain text, like decoding a secret message to understand its contents.

    Signup and view all the flashcards

    More Like This

    Comptia GCGA Chapter 6 Flashcards
    57 questions
    Basics of Computer Security
    42 questions

    Basics of Computer Security

    FertileApostrophe7291 avatar
    FertileApostrophe7291
    Computer Security Definitions Quiz
    17 questions
    Use Quizgecko on...
    Browser
    Browser