IT 323 IAS 11 Chapter 1: What is Security?

Questions and Answers

What is the main idea behind the 'Security artisan' concept?

• Security begins and ends with people interacting with systems.
• There are hard and fast rules for implementing security.
• Dealing with technology designed to operate at high levels of performance.
• Individuals perceive systems technologists differently. (correct)

Which chapter discusses 'Security as Science'?

• IT 323 IAS 43 (correct)
• IT 323 IAS 44
• IT 323 IAS 42
• IT 323 IAS 45

According to 'Security as Art,' what is a characteristic of security implementation?

• Security administrators can eliminate all faults.
• No manual exists for implementing security. (correct)
• Developers are usually rushed when implementing security.
• Every fault in a system is due to specific hardware issues.

In the context of 'Security as Science,' what causes most actions in computer systems?

Specific conditions (D)

Which aspect does 'Security as a Social Science' emphasize?

Behaviour of individuals interacting with systems (C)

What is the key role mentioned for security administrators?

Creating more acceptable security profiles (A)

What are the three components of the C.I.A. triangle in information security?

Confidentiality, Integrity, Availability (A)

Which of the following is NOT one of the critical characteristics of information?

Authentication (B)

In information security, what is considered as an active tool that can conduct an attack?

Threat Agent (A)

Which of the following is a key concept in information security that refers to a condition of being unprotected against a potential threat?

Vulnerability (D)

What is the main goal when balancing information security and access?

Striking a balance between protection and availability (C)

Which approach to information security implementation involves grassroots efforts with systems administrators driving the process?

Bottom-Up Approach (A)

Which methodology provides a formal approach to problem-solving and is used for the design and implementation of information systems?

Waterfall Methodology (C)

What does the Systems Development Life Cycle (SDLC) refer to in information security?

Methodology for design and implementation of information system (A)

In the context of information security, what does SDLC stand for?

Systems Development Life Cycle (D)

What are the three critical characteristics of information that are often referred to as the C.I.A. triangle?

Confidentiality, Integrity, Availability (C)

What is the main factor considered during the Logical Design phase of information security projects?

Business need (D)

During the Physical Design phase, what is evaluated to support the alternatives identified in the Logical Design?

Security technology (B)

In which phase of the project life cycle is the entire solution presented to end-user representatives for approval?

Implementation (A)

Which role is primarily responsible for advising senior executives on strategic planning regarding information security?

Chief Information Officer (CIO) (A)

Who is responsible for the storage, maintenance, and protection of information in an organization?

Data custodian (B)

What is a group of individuals united by similar interests/values within an organization referred to as?

Communities of Interest (C)

During which phase of the project life cycle are incident response actions like continuity planning and disaster recovery planned?

Logical Design (B)

Flashcards are hidden until you start studying