Information Security Fundamentals

Questions and Answers

What is the primary measure to mitigate the vulnerability of unauthorized access to code?

Developing awareness of information assets

Evaluating potential threats

Referring to Haas' Laws of operations security

Instituting stronger access control measures (correct)

What is the outcome of breaking the threat/vulnerability pair?

Reduced risk of unauthorized access (correct)

Complete elimination of vulnerability

Increased awareness of information assets

Implementation of Haas' Laws of operations security

What is the focus of the first law of operations security?

Protecting against competitors

Instituting stronger access control measures

Developing awareness of information assets (correct)

Evaluating potential threats

What is the relationship between the second law of operations security and the operations security process?

The second law maps directly to the second step in the process

What is the main idea behind the third law of operations security?

The necessity of protecting information from adversaries

What is the benefit of applying operations security principles in personal life?

It is of great use in personal lives

What is the primary goal of instituting policy for handling code?

To lay out a set of rules for handling code

What is the consequence of not taking steps to protect information from adversaries?

Our adversaries will win by default

What is the purpose of Haas' Laws of operations security?

To provide a framework for operations security

What is the relationship between the first and second laws of operations security?

They are complementary