30 Questions
What are the three components of the C.I.A. triad in information security?
Confidentiality, Integrity, Availability
Which term refers to a protection profile or security posture in information security?
Control
What do we refer to as the subjects and objects of an attack in information security?
Threat
Which term represents the possibility of a threat exploiting a vulnerability?
Exploit
In information security, what do we call a potential source of danger or harm?
Risk
What is the main focus of protecting Confidentiality, Integrity, and Availability in information security?
Protecting data from unauthorized access
What is the critical characteristic of information that ensures information is only accessible by those authorized to view it?
Confidentiality
In the context of an attack on a computer system, what does it mean when the computer is the subject of the attack?
The computer is used as a tool to conduct an attack.
Which characteristic of information refers to its correctness and reliability?
Accuracy
What valuable quality does the authenticity of information aim to ensure?
Genuineness
What key concept determines the entity being attacked in a cybersecurity scenario?
Confidentiality
Which characteristic of information security ensures that data is protected against unauthorized changes or alterations?
Integrity
What did Grampp and Morris identify as 'important handles to computer security'?
Physical control of premises and computer facilities
In what year did Dennis Ritchie publish documents discussing secure user IDs and secure group IDs?
1979
Who developed the Simple Internet Protocol Plus (SIPP) Security protocols in 1992?
Internet Engineering Task Force researchers
What was the premise stated by Reeds and Weinberger in their publication 'File Security and the UNIX System Crypt Command'?
No technique can be secure against wiretapping
Which document is also known as the Rainbow Series?
'Trusted Computer Security (TCSEC)' documents
According to Grampp and Morris, what is essential for increased security in computer systems?
Management commitment and education
What is the purpose of the Feasibility analysis phase in the system development life cycle?
To assess the feasibility of the project
Which phase involves creating supporting documentation for the system?
Implementation
When does the maintenance and change phase of the system life cycle occur?
After the system has been accepted by sponsors
What triggers the start of a new project according to the text?
When the system can no longer support the organization's mission
In which phase are security objectives planned according to the text?
Software Assurance
What makes the Maintenance and Change phase unique in the system life cycle?
It continues until a new project begins
What key security activities are highlighted in the NIST Approach for Development/Acquisition?
Risk assessment and supplementing baseline security controls
In which phase of the System Development Life Cycle are security considerations specifically addressed as shown in Figure 1-14?
Initiation phase
What is one restriction placed on the duplication of the content mentioned in the text?
It is forbidden to copy without permission
Which document is referenced as a source for security considerations in the System Development Life Cycle?
NIST SP 800-64 Rev. 2
What is a key aspect of the NIST Approach regarding security testing?
Performing both functional and security testing
What is a permitted use of the content according to the text?
Usage as permitted in a license or on a password-protected website
Test your knowledge of key dates in the history of information security with this quiz focusing on important events in the late 20th century. From Dennis Ritchie's publications on UNIX security to the inception of the Trusted Computer Security documents, this quiz covers significant milestones.