IT 323 IAS 11 Chapter 1: What is Security?

Questions and Answers

PDF Questions PDF Answers

What is the main idea behind the 'Security artisan' concept?

Security begins and ends with people interacting with systems.

There are hard and fast rules for implementing security.

Dealing with technology designed to operate at high levels of performance.

Individuals perceive systems technologists differently. (correct)

Which chapter discusses 'Security as Science'?

IT 323 IAS 43 (correct)

IT 323 IAS 44

IT 323 IAS 42

IT 323 IAS 45

According to 'Security as Art,' what is a characteristic of security implementation?

Security administrators can eliminate all faults.

No manual exists for implementing security. (correct)

Developers are usually rushed when implementing security.

Every fault in a system is due to specific hardware issues.

In the context of 'Security as Science,' what causes most actions in computer systems?

Specific conditions

Which aspect does 'Security as a Social Science' emphasize?

Behaviour of individuals interacting with systems

What is the key role mentioned for security administrators?

Creating more acceptable security profiles

What are the three components of the C.I.A. triangle in information security?

Confidentiality, Integrity, Availability

Which of the following is NOT one of the critical characteristics of information?

Authentication

In information security, what is considered as an active tool that can conduct an attack?

Threat Agent

Which of the following is a key concept in information security that refers to a condition of being unprotected against a potential threat?

Vulnerability

What is the main goal when balancing information security and access?

Striking a balance between protection and availability

Which approach to information security implementation involves grassroots efforts with systems administrators driving the process?

Bottom-Up Approach

Which methodology provides a formal approach to problem-solving and is used for the design and implementation of information systems?

Waterfall Methodology

What does the Systems Development Life Cycle (SDLC) refer to in information security?

Methodology for design and implementation of information system

In the context of information security, what does SDLC stand for?

Systems Development Life Cycle

What are the three critical characteristics of information that are often referred to as the C.I.A. triangle?

Confidentiality, Integrity, Availability

What is the main factor considered during the Logical Design phase of information security projects?

Business need

During the Physical Design phase, what is evaluated to support the alternatives identified in the Logical Design?

Security technology

In which phase of the project life cycle is the entire solution presented to end-user representatives for approval?

Implementation

Which role is primarily responsible for advising senior executives on strategic planning regarding information security?

Chief Information Officer (CIO)

Who is responsible for the storage, maintenance, and protection of information in an organization?

Data custodian

What is a group of individuals united by similar interests/values within an organization referred to as?

Communities of Interest

During which phase of the project life cycle are incident response actions like continuity planning and disaster recovery planned?

Logical Design