Week 2
30 Questions

Questions and Answers

What are the three components of the C.I.A. triad in information security?

  • Confidentiality, Integrity, Availability (correct)
  • Confidentiality, Internet Security, Authorization
  • Confidentiality, Integrity, Accessibility
  • Confidentiality, Intrusion, Authentication

Which term refers to a protection profile or security posture in information security?

  • Exposure
  • Vulnerability
  • Asset
  • Control (correct)

What do we refer to as the subjects and objects of an attack in information security?

  • Threat event
  • Threat source
  • Risk
  • Threat (correct)

Which term represents the possibility of a threat exploiting a vulnerability?

Exploit (A)

In information security, what do we call a potential source of danger or harm?

Risk (A)

What is the main focus of protecting Confidentiality, Integrity, and Availability in information security?

Protecting data from unauthorized access (C)

What is the critical characteristic of information that ensures information is only accessible by those authorized to view it?

Confidentiality (A)

In the context of an attack on a computer system, what does it mean when the computer is the subject of the attack?

The computer is used as a tool to conduct an attack. (B)

Which characteristic of information refers to its correctness and reliability?

Accuracy (B)

What valuable quality does the authenticity of information aim to ensure?

Genuineness (D)

What key concept determines the entity being attacked in a cybersecurity scenario?

Confidentiality (B)

Which characteristic of information security ensures that data is protected against unauthorized changes or alterations?

Integrity (B)

What did Grampp and Morris identify as 'important handles to computer security'?

Physical control of primes and computer facilities (A)

In what year did Dennis Ritchie publish documents discussing secure user IDs and secure group IDs?

1979 (A)

Who developed the Simple Internet Protocol Plus (SIPP) Security protocols in 1992?

Internet Engineering Task Force researchers (D)

What was the premise stated by Reeds and Weinberger in their publication 'File Security and the UNIX System Crypt Command'?

No technique can be secure against wiretapping (C)

Which document is also known as the Rainbow Series?

'Trusted Computer Security (TCSEC)' documents (B)

According to Grampp and Morris, what is essential for increased security in computer systems?

Management commitment and education (C)

What is the purpose of the Feasibility analysis phase in the system development life cycle?

To assess the feasibility of the project (D)

Which phase involves creating supporting documentation for the system?

Implementation (A)

When does the maintenance and change phase of the system life cycle occur?

After the system has been accepted by sponsors (A)

What triggers the start of a new project according to the text?

When the system can no longer support the organization's mission (C)

In which phase are security objectives planned according to the text?

Software Assurance (D)

What makes the Maintenance and Change phase unique in the system life cycle?

It continues until a new project begins (D)

What key security activities are highlighted in the NIST Approach for Development/Acquisition?

Risk assessment and supplementing baseline security controls (A)

In which phase of the System Development Life Cycle are security considerations specifically addressed as shown in Figure 1-14?

Initiation phase (C)

What is one restriction placed on the duplication of the content mentioned in the text?

It is forbidden to copy without permission (B)

Which document is referenced as a source for security considerations in the System Development Life Cycle?

NIST SP 800-64 Rev. 2 (A)

What is a key aspect of the NIST Approach regarding security testing?

Performing both functional and security testing (C)

What is a permitted use of the content according to the text?

Usage as permitted in a license or on a password-protected website (A)