The Fundamentals of Information Security

Questions and Answers

Which term is often used to refer to protecting information by mitigating information risks?

CIA triad

Data confidentiality

Information security (correct)

Data integrity

What is the primary focus of information security?

Data integrity

Data availability (correct)

Data confidentiality

Efficient policy implementation

What does information security involve?

Preventing unauthorized access to data

Reducing the probability of inappropriate access to data

Actions to reduce the adverse impacts of incidents

All of the above (correct)

Which area of specialization in information security focuses on securing networks and allied infrastructure?

Securing networks and allied infrastructure (D)

What is the projected annual growth rate for information security professionals from 2014 to 2019?

Around 11 percent (C)

Which of the following is an example of a software attack?

Phishing attack (D)

What is one possible response to a security threat or risk?

Reduce/mitigate (B)

Which of the following is a suggested definition of information security according to ISO/IEC 27000:2009?

The protection of information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction. (D)

What is the core principle of information security?

Preservation of confidentiality, integrity, and availability of information. (A)

What is the role of IT security specialists in a company?

To keep all technology within the company secure from malicious cyber attacks. (B)

What is the field of information security primarily concerned with?

Preserving the confidentiality, integrity, and availability of information. (D)

Study Notes

Information Security Overview

• Information security is often referred to as protecting information by mitigating information risks.
• The primary focus of information security is on protecting information from unauthorized access, use, disclosure, disruption, modification, or destruction.
• Information security involves protecting information and its systems from various threats, including unauthorized access, use, disclosure, disruption, modification, or destruction.

Specializations in Information Security

• Network security is an area of specialization in information security that focuses on securing networks and allied infrastructure.

Job Market and Growth

• The projected annual growth rate for information security professionals from 2014 to 2019 is significant, indicating a high demand for professionals in this field.

Types of Attacks

• Malware is an example of a software attack, which can compromise information security.

Response to Security Threats

• One possible response to a security threat or risk is to implement a risk mitigation strategy, such as encrypting sensitive data or implementing access controls.

Definition of Information Security

• According to ISO/IEC 27000:2009, a suggested definition of information security is the preservation of confidentiality, integrity, and availability of information.

Core Principles

• The core principle of information security is the CIA triad, which stands for confidentiality, integrity, and availability.

Role of IT Security Specialists

• IT security specialists play a critical role in a company by protecting its information and systems from various threats, including unauthorized access, use, disclosure, disruption, modification, or destruction.

Primary Concern

• The field of information security is primarily concerned with protecting information and its systems from various threats, including unauthorized access, use, disclosure, disruption, modification, or destruction.

Description

Test your knowledge of information security and its importance in today's digital world. This quiz will cover topics such as information risks, unauthorized access, data protection, and more. Challenge yourself and see how well you understand the fundamentals of information security.