24 Questions
Confidentiality, Integrity, and Availability are the main objectives in any security plan.
True
Computer Security is primarily concerned with protecting data during their transmission from one computer to another.
False
Information Security involves protecting systems, hardware, and other elements that use, store, and transmit information.
True
Network Security focuses on preventing unauthorized access, modification, destruction, or disclosure of information.
False
Integrity ensures that computer system assets can be modified by unauthorized parties.
False
Confidentiality in information security means information can only be accessed by unauthorized parties for reading purposes.
False
Integrity ensures that point A and point B are not who they claim to be.
False
Availability requires that computer assets are only available to unauthorized parities.
False
A vulnerability is a strength within a system that cannot be exploited by attackers.
False
A threat is something that is a source of safety and does not pose any danger to a system.
False
A countermeasure aims to increase the impact of an attack.
False
An external attack comes from within the trusted network.
False
To achieve security, we need Policy, Mechanism, and Assurance.
True
An internal attack comes from within the trusted network.
True
Structured attacks are carried out by individuals with discernible characteristics.
True
Unstructured attacks are carried out by individuals with sufficient experience to carry out an attack.
False
The job of an information security specialist is to make the attacker's job as easy as possible.
False
A simple Google search does not provide pre-built tools for carrying out attacks.
False
A defense-in-depth security model only uses one layer of defense.
False
If one layer in a defense-in-depth model is compromised, it is guaranteed that the attacker will access all network resources.
False
The base layers of a defense-in-depth model include physical security measures like security guards and locks.
False
The core layers of a defense-in-depth model consist of tools, technologies, and best practices to protect network resources.
True
Examples of tools in the perimeter layer include network segmentation and network intrusion-detection systems.
False
The defense-in-depth model aims to increase an attacker's chance of success by reducing the risk of detection.
False
Learn about different types of cyber attacks, including external and internal attacks, and how they can threaten a system's security. Explore the characteristics of structured and unstructured attacks in the context of cybersecurity.
Make Your Own Quizzes and Flashcards
Convert your notes into interactive study material.
Get started for free
