Questions and Answers
According to the context, what is avoidance of harm from use related to in human-centred design?
- Positive outcomes from interaction
- Ergonomic aspects of product design
- Negative outcomes that could arise from inappropriate forms of interaction or outputs (correct)
- User satisfaction with the system
Why is security considered part of avoidance of harm from use?
- Because it is an aspect of usability
- Because it is an ergonomic consideration
- Because it tries to avoid security-related harm (correct)
- Because it enhances user satisfaction
What does flexibility in a computer system refer to?
- Ability to adapt to the environment and users' needs (correct)
- Ability to withstand attacks
- Ability to recover from system failures
- Ability to sustain for a longer term
Why is security often not what users want?
What is the primary goal of a security system in the context of human-centred design?
What is the relationship between security and usability in the context of human-centred design?
What is the main focus of 'satisfaction' in the context of usability?
What is the term for 'meeting the widest range of user needs' in diverse contexts of use?
Which of the following OECD guidelines emphasizes the importance of 'human rights and fundamental values' in digital security risk management?
What is the term for 'the extent to which a system, product or service can be used by specified users to achieve specified goals'?
What is the primary goal of a transdisciplinary approach to protection?
What is the term for 'the person's perceptions and responses that result from the use and/or anticipated use of a system, product or service'?
What is the primary focus of the 4 principles in NIST Special Publication 800-27 related to security foundations?
What is the importance of basing security on open standards, as stated in NIST SP 800-27?
What is the primary focus of NIST SP 800-160 Vol. 1 in relation to security?
What is the importance of designing security to allow for regular adoption of new technology, as stated in NIST SP 800-27?
What is the primary focus of the 8 principles in NIST SP 800-27 related to resilience?
What is the importance of striving for operational ease of use, as stated in NIST SP 800-27?
A security system tries to avoid some ______-related harm(s).
A computer system should be ______ enough to adapt to the environment and the users’ needs.
Security is often NOT what users want: users want their work done, and they don’t know what ______ really means!
According to the OECD Guidelines for the Security of Information Systems and Networks, one of the principles is ______ which includes human rights and fundamental values.
The ______ approach to protection requires consideration across all assets where loss could occur.
Part of effectiveness: A ______ system is not effective if it does not provide a sufficient level of security.
Part of satisfaction: You will not be satisfied if a ______ system does not provide a sufficient level of security.
In the context of security, human factors are critical as humans can be the weakest ______ in the system.
A computer system should be ______ and robust enough against attacks, system failures and errors, and should recover easily to support continuity of use.
The OECD Recommendation on Digital Security Risk Management for Economic and Social Prosperity (2015) outlines ______ principles for security risk management.
According to ISO 9241-11:2018, ______ is the extent to which a system can be used by specified users to achieve specified goals with effectiveness, efficiency, and satisfaction.
In security design, it is essential to consider the ______ in the system, including how adversaries attack and compromise systems.
The Parkerian Hexad includes _______ and Integrity.
NIST SP 800-160 Vol. 1 provides considerations for a _______ Approach in the Engineering of Trustworthy Secure Systems.
According to NIST SP 800-27, security should be designed to allow for regular adoption of new _______ technology.
NIST SP 800-160 Vol. 1 includes principles related to _______ Factor Security, among others.
NIST SP 800-27 emphasizes the importance of _______ security foundations, including principles related to ease of use.
NIST SP 800-160 Vol. 1 discusses the importance of a _______ Approach to protection in system security engineering.