12 Questions
Which of the following best describes confidentiality in the context of the CIA triad?
A set of rules that limits access to information
What does the Parkerian Hexad principle of authenticity refer to?
The truth of the claim of origin or authorship of information
What is the purpose of information security?
To protect sensitive business information from modification, disruption, destruction, and inspection
Which of the following is an example of a fabrication threat?
Log / Audit Trail Falsification
What is the difference between a modification attack and a fabrication attack?
A modification attack attacks the authenticity of the system, while a fabrication attack attacks the integrity of the system.
What is the Risk Management Framework used for?
To identify, eliminate, and minimize risks in a company's environment.
Which of the following best describes the principle of possession or control in the Parkerian Hexad?
Loss of control or possession of information involving the breach of confidentiality
What is the purpose of the CIA triad?
To provide confidentiality, integrity, and availability of information
What does information security refer to?
The processes and tools designed and deployed to protect sensitive business information
Which of the following is an example of a fabrication attack?
Log / Audit Trail Falsification
What is the difference between a modification attack and a fabrication attack?
A modification attack modifies the assets of the system, while a fabrication attack inserts counterfeit objects into the system.
What is the purpose of the Risk Management Framework?
To identify, eliminate and minimize risks in a company's environment.
Study Notes
CIA Triad
- Confidentiality refers to the protection of sensitive information from unauthorized access, use, disclosure, disruption, modification, or destruction.
Parkerian Hexad
- The principle of authenticity refers to the assurance that data is genuine and tamper-free.
- The principle of possession or control refers to the ability to control and manage access to data and resources.
Information Security
- The purpose of information security is to protect information and systems from unauthorized access, use, disclosure, disruption, modification, or destruction.
Threats
- A fabrication threat is an example of an unauthorized creation of data or logs, such as inserting fake transactions into a database.
- A modification attack involves altering data in an unauthorized manner, whereas a fabrication attack involves creating new data or logs.
Risk Management Framework
- The Risk Management Framework is used to manage and mitigate risks to an organization's information systems.
- The purpose of the Risk Management Framework is to identify, assess, and prioritize risks, and to implement controls and countermeasures to mitigate those risks.
Test your knowledge of the CIA triad with this quiz! Learn about the concepts of confidentiality, integrity, and availability and how they relate to information security. Challenge yourself with questions that explore the importance of limiting access to information, preserving data integrity, and ensuring data is always accessible when needed.
Make Your Own Quizzes and Flashcards
Convert your notes into interactive study material.
Get started for free
