Week 2
30 Questions

Questions and Answers

What are the three components of the C.I.A. triad in information security?

  • Confidentiality, Integrity, Availability (correct)
  • Confidentiality, Internet Security, Authorization
  • Confidentiality, Integrity, Accessibility
  • Confidentiality, Intrusion, Authentication

Which term refers to a protection profile or security posture in information security?

  • Exposure
  • Vulnerability
  • Asset
  • Control (correct)

What do we refer to as the subjects and objects of an attack in information security?

  • Threat event
  • Threat source
  • Risk
  • Threat (correct)

Which term represents the possibility of a threat exploiting a vulnerability?

  • Exploit

In information security, what do we call a potential source of danger or harm?

  • Risk

What is the main focus of protecting Confidentiality, Integrity, and Availability in information security?

  • Protecting data from unauthorized access

What is the critical characteristic of information that ensures information is only accessible by those authorized to view it?

  • Confidentiality

In the context of an attack on a computer system, what does it mean when the computer is the subject of the attack?

  • The computer is used as a tool to conduct an attack.

Which characteristic of information refers to its correctness and reliability?

  • Accuracy

What valuable quality does the authenticity of information aim to ensure?

  • Genuineness

What key concept determines the entity being attacked in a cybersecurity scenario?

  • Confidentiality

Which characteristic of information security ensures that data is protected against unauthorized changes or alterations?

  • Integrity

What did Grampp and Morris identify as 'important handles to computer security'?

  • Physical control of premises and computer facilities

In what year did Dennis Ritchie publish documents discussing secure user IDs and secure group IDs?

  • 1979

Who developed the Simple Internet Protocol Plus (SIPP) Security protocols in 1992?

  • Internet Engineering Task Force researchers

What was the premise stated by Reeds and Weinberger in their publication 'File Security and the UNIX System Crypt Command'?

  • No technique can be secure against wiretapping

Which document is also known as the Rainbow Series?

  • 'Trusted Computer Security (TCSEC)' documents

According to Grampp and Morris, what is essential for increased security in computer systems?

  • Management commitment and education

What is the purpose of the Feasibility analysis phase in the system development life cycle?

  • To assess the feasibility of the project

Which phase involves creating supporting documentation for the system?

  • Implementation

When does the maintenance and change phase of the system life cycle occur?

  • After the system has been accepted by sponsors

What triggers the start of a new project according to the text?

  • When the system can no longer support the organization's mission

In which phase are security objectives planned according to the text?

  • Software Assurance

What makes the Maintenance and Change phase unique in the system life cycle?

  • It continues until a new project begins

What key security activities are highlighted in the NIST Approach for Development/Acquisition?

  • Risk assessment and supplementing baseline security controls

In which phase of the System Development Life Cycle are security considerations specifically addressed as shown in Figure 1-14?

  • Initiation phase

What is one restriction placed on the duplication of the content mentioned in the text?

  • It is forbidden to copy without permission

Which document is referenced as a source for security considerations in the System Development Life Cycle?

  • NIST SP 800-64 Rev. 2

What is a key aspect of the NIST Approach regarding security testing?

  • Performing both functional and security testing

What is a permitted use of the content according to the text?

  • Usage as permitted in a license or on a password-protected website
