Information Security Fundamentals

Questions and Answers

What is the primary measure to mitigate the vulnerability of unauthorized access to code?

• Developing awareness of information assets
• Evaluating potential threats
• Referring to Haas' Laws of operations security
• Instituting stronger access control measures (correct)

What is the outcome of breaking the threat/vulnerability pair?

• Reduced risk of unauthorized access (correct)
• Complete elimination of vulnerability
• Increased awareness of information assets
• Implementation of Haas' Laws of operations security

What is the focus of the first law of operations security?

• Protecting against competitors
• Instituting stronger access control measures
• Developing awareness of information assets (correct)
• Evaluating potential threats

What is the relationship between the second law of operations security and the operations security process?

The second law maps directly to the second step in the process (C)

What is the main idea behind the third law of operations security?

The necessity of protecting information from adversaries (A)

What is the benefit of applying operations security principles in personal life?

It is of great use in personal lives (B)

What is the primary goal of instituting policy for handling code?

To lay out a set of rules for handling code (D)

What is the consequence of not taking steps to protect information from adversaries?

Our adversaries will win by default (C)

What is the purpose of Haas' Laws of operations security?

To provide a framework for operations security (B)

What is the relationship between the first and second laws of operations security?

They are complementary (A)

Flashcards are hidden until you start studying