Information Security Components Quiz

Questions and Answers

What is emphasized when it comes to information security?

Achieving perfect information security in one step

Implementing a top-down security approach

Ignoring threats to focus on access

Balancing between protection and availability (correct)

What is a key advantage of the Bottom-Up approach to information security implementation discussed in the text?

It focuses on participant support

It lacks critical features

It prioritizes organizational staying power

It involves grassroots systems administrators (correct)

Why is it mentioned in the text that perfect information security is impossible to obtain?

To emphasize the importance of ignoring availability issues

Due to the lack of technical expertise in organizations

Because threats are not real concerns

To highlight that security is an ongoing process (correct)

What are the three key aspects of security mentioned in the text?

Confidentiality, Availability, Integrity

Which term refers to the likelihood of a threat exploiting a vulnerability within an organization's systems?

Risk

What is the purpose of a risk assessment in information security?

To identify and prioritize risks to information assets

Who is responsible for the security and use of a particular set of information?

Data owners

Which group is responsible for information and systems that process, transmit, and store data?

Data custodian

What group in the organization has access to information and plays an information security role?

Data users

Who is appointed by data owners to oversee the management of a particular set of information?

Data trustee