Questions and Answers
What is information assurance?
Information assurance is the practice of managing information-related risks and ensuring the integrity, confidentiality, and availability of information.
Which of the following are goals of information security? (Select all that apply)
Cryptography refers to a method of verifying identities over a network.
False
What is non-repudiation?
Signup and view all the answers
Malicious software is known as ______.
Signup and view all the answers
What are the three categories of non-repudiation?
Signup and view all the answers
Which data breach involved the highest number of affected customers in 2024?
Signup and view all the answers
What is a hash function?
Signup and view all the answers
What is the use of a digital signature?
Signup and view all the answers
Study Notes
Information Assurance Basics
- Information assurance focuses on protecting information from damage, alteration, and leakage throughout its lifecycle: collection, processing, storage, and transmission.
- Importance of information assurance includes preventing privacy breaches and cybercrimes in an increasingly connected world.
Key Statistics
- As of July 2024, 5.45 billion people use the internet globally, accounting for 67.1% of the world’s population, with 86.98 million users in the Philippines.
- Major data breaches in 2024 included:
- AT&T: 7.6 million current and 65.4 million former customers
- MOVEit: 77 million
- Ticketmaster: 560 million records
- Tile: 450 million
- Dell: 49 million
- Bank of America: 57,000
- Jollibee Foods Corporation: 11 million
Principles of Information Security
- The three main goals are confidentiality, integrity, and availability, which must be supported through administrative, physical, and technical measures.
- The necessity for information security is driven by increasing privacy guarantees and the need to protect sensitive technologies from global threats.
Key Terms in Information Security
- Authentication: A process that ensures information exchanged between parties is not altered or deleted, and verifies the legitimacy of the sender and receiver.
-
Non-repudiation: Security measures that prevent claims from senders or receivers that messages were not sent, received, or delivered. Categories include:
- Non-repudiation of origin: Prevents the sender from claiming they did not send a message.
- Non-repudiation of delivery: Prevents the receiver from disputing the delivery of a message.
- Non-repudiation of receipt: Prevents the receiver from claiming they did not receive a message.
Cryptography
- Cryptographic techniques are divided into symmetric key systems (same key for encryption and decryption) and public key systems (different keys).
- Cryptography protocols utilize these techniques to ensure secure communication and message integrity, including methods for authentication, confidentiality, and non-repudiation.
Digital Signatures and Hash Functions
- Digital Signature: Provides data integrity and authentication by hashing a document with the signature's private key.
- Hash Function: Transforms input data of arbitrary length into a fixed-length hash value, efficiently summarizing the data.
Malware Overview
- Malware: Malicious software designed to harm computers, file systems, or networks.
- Types of malware include:
- Worms: Self-replicating malware that spreads independently.
- Viruses: Malicious code embedded within another program, requiring that program to run for the virus to activate.
Studying That Suits You
Use AI to generate personalized quizzes and flashcards to suit your learning preferences.
Description
Test your knowledge on information assurance and security goals with this quiz. Explore concepts such as cryptography, non-repudiation, and malicious software. Challenge yourself and see how well you understand these important topics in information security.
