ITSMA - L1 Introduction to ITSMA

Questions and Answers

What is the ultimate objective of security?

To protect the sovereignty of a state

To protect assets, resources, and people

To protect from adversaries (correct)

To implement a multi-layered system

What are the six layers of security that a successful organization should have in place?

Physical, personal, operations, communications, network, and information security (correct)

Physical, financial, operations, communications, network, and information security

Physical, personal, operations, communications, human resources, and information security

Physical, personal, operations, communications, network, and reputation security

What is the purpose of auditing in information security?

To ensure confidentiality

To ensure integrity

To evaluate the effectiveness of the defense systems (correct)

To ensure availability

What is a cyber threat?

An event or circumstance that has the potential to cause a negative/undesired outcome

What are the three types of vulnerabilities?

Known, business logic-related, and zero-day

What are the two types of cyber risks?

External and internal

What is the goal of confidentiality in information security?

To ensure that computer-related assets are accessed only by authorized parties

What is a cyber risk in information security?

The impact of a threat exploiting a vulnerability

What is the goal of integrity in information security?

To ensure that assets can be modified only by authorized parties or only in authorized ways

What is the goal of availability in information security?

To ensure that assets are accessible to authorized parties at appropriate times