Document Details

Uploaded by PreciousAntigorite8305

Bulacan State University

2024

Tags

information security computer networks information systems cybersecurity

Summary

This is a quiz for information systems analysis, focusing on concepts like information security, computer networks, and the different aspects of a systems development life cycle (SDLC).

Full Transcript

Week02-Quiz
Score:
2nd Semester – A.Y. 2024-2025
Course Code: Course Title: Duration: Date: 1.5 HOURS
Student No: Student Name: SURNAME, NAME, MI. Course, Year & Section: Student Signature:
Instructor: RIMA G. LAGOC

IDENTIFICATION:

1. A network built to resist any attacks from the USSR.
   Answer: ARPANET
2. A device used extensively by Nazi Germany during World War II, in all branches of the German military.
   Answer: Enigma Machine
3. The protection of information and its critical elements, including systems and hardware that use, store, and transmit that information.
   Answer: Information Security
4. The type of measurement that assures the information is correct and true; it is also necessary that the information not be generated from malicious data.
   Answer: Accuracy
5. The approaches of SDLC: Consists of assessments of the organization, status of current systems, and capability to support proposed systems. Analysts determine what the new system is expected to do and how it will interact with existing systems.
   Answer: Analysis
6. The first public packet-switched computer network used in the United States.
   Answer: ARPANET
7. Validates the source or origin of data and other file transfers through proof of identity.
   Answer: Authenticity
8. Protecting the functionality of support systems and ensuring data is fully ready at the point in time (or period requirements) when it is needed by its users.
   Answer: Availability
9. The approach that starts as a grassroots effort where systems administrators attempt to improve the security of the system.
   Answer: Bottom-up Approach
10. The security personnel members of the development team who act as an extension of the security team, keeping their eyes and ears open for potential issues that require security's expertise.
    Answer: Champion
11. Senior technology officer primarily responsible for advising senior executives on strategic planning.
    Answer: Chief Information Officer (CIO)
12. Primarily responsible for assessment, management, and implementation of IS in the organization. Usually reports directly to the CIO.
    Answer: Chief Information Security Officer (CISO)
13. A three-dimensional security model which has now become a standard security model for many of the currently operating information systems.
    Answer: Committee on National Security Systems (CNSS)
14. Roughly equivalent to privacy, these measures are designed to prevent sensitive information from unauthorized access attempts.
    Answer: Confidentiality
15. Responsible for storage, maintenance, and protection of information.
    Answer: Data Custodian
16. Responsible for the security and use of a particular set of information.
    Answer: Data Owner
17. The process of protecting corporate data and preventing data loss through unauthorized access. This includes protecting your data from attacks that can encrypt or destroy data, such as ransomware, as well as attacks that can modify or corrupt your data.
    Answer: Data Security
18. The end users who work with information to perform their daily jobs supporting the mission of the organization.
    Answer: Data Users
19. The security personnel, an employee who uses the hardware and software assets of your organization in order to perform their job duties.
    Answer: End Users
20. A cipher device developed and used in the early- to mid-20th century to protect commercial, diplomatic, and military communication.
    Answer: Enigma Machine
21. A technique used to compromise a system by using it illegally for personal gain, or a documented process to take advantage of a vulnerability or exposure, usually in software, that is either inherent in the software or is created by the attacker.
    Answer: Exploit
22. A condition or state of being exposed. In information security, exposure exists when a vulnerability known to an attacker is present.
    Answer: Exposure
23. The physical technology that houses and executes the software, stores and transports the data, and provides interfaces for the entry.
    Answer: Hardware
24. The approaches of SDLC: Needed software created; components ordered, received, assembled, and tested. Users trained and documentation created.
    Answer: Implementation
25. "Protection of information systems against unauthorized access to or modification of information, whether in storage, processing or transit, and against the denial of service to authorized users or the provision of service to unauthorized users, including those measures necessary to detect, document, and counter such threats."
    Answer: Information Security or U.S Government's National Information Assurance Glossary
26. Data or information in your system is maintained so that it is not modified or deleted by unauthorized parties.
    Answer: Integrity
27. The approaches of SDLC: What problem is the system being developed to solve? Objectives, constraints and scope of project are specified.
    Answer: Investigation
28. The approaches of SDLC: Main factor is business need; applications capable of providing needed services are selected. Data support and structures capable of providing the needed inputs are identified.
    Answer: Logical Design
29. A single instance of an information asset suffering damage or unintended or unauthorized modification or disclosure. When an organization's information is stolen, it has suffered a loss.
    Answer: Loss
30. The approaches of SDLC: Consists of tasks necessary to support and modify the system for the remainder of its useful life; the cycle continues until the process begins again from the investigation phase.
    Answer: Maintenance & Change met
31. A formal approach to problem-solving based on a structured sequence of procedures.
    Answer: Methodology or SDLC
32. The IS component that created much of the need for increased computer and information security is networking.
    Answer: Networks
33. Often the most overlooked element of the system, probably the component that most influences the success or failure of information systems.
    Answer: People
34. The approaches of SDLC: Technologies to support the alternatives identified and evaluated design are selected. Components evaluated on make-or-buy decision.
    Answer: Physical Design
35. A category of user authentication credentials based on items that the user has with them, typically a hardware device such as a security token or a mobile phone used in conjunction with a software token.
    Answer: Possession
36. Written instructions for accomplishing a specific task, which an unauthorized user must not obtain because this poses a threat to the integrity of the information.
    Answer: Procedure
37. The entire set of controls and safeguards, including policy, education, training and awareness, and technology, that the organization implements to protect the asset.
    Answer: Protection Profile or Security Posture (these two go together; it is not an OR)
38. A paper that started the study of computer security.
    Answer: Rand Report R-609
39. The probability that something unwanted will happen, which organizations must minimize to a level they are willing to accept.
    Answer: Risk
40. The security personnel that analyze and manage risk management issues by identifying, measuring, and making decisions on operational or enterprise risks for an organization.
    Answer: Risk Assessment/Management Specialists
41. A structured process that enables the production of high-quality, low-cost software, in the shortest possible production time.
    Answer: Systems Development Life Cycle (SDLC)
42. "The quality or state of being secure—to be free from danger"
    Answer: Security
43. The security personnel, a professional that spells out the rules, expectations, and overall approach that an organization uses to maintain the confidentiality, integrity, and availability of its data.
    Answer: Security Policy Developers
44. Wide range of professionals required to support a diverse information security program.
    Answer: Security Professionals
45. Comprises applications, operating systems, and assorted command utilities. Software is perhaps the most difficult IS component to secure.
    Answer: Software
46. A computer can be either the subject of an attack—an agent entity used to conduct the attack—or the object of an attack—the target entity.
    Answer: Securing Components
47. The security personnel, a person who is responsible for the upkeep, configuration, and reliable operation of computer systems, especially multi-user computers, such as servers.
    Answer: Systems Administrators
48. Leading a team of security personnel responsible for use of IT systems for access control, site patrolling, emergency response, cash collection, report generating, incident investigation and all other standard security duties.
    Answer: Team Leader
49. A category of objects, persons, or other entities that presents a danger to an asset and are always present and can be purposeful or undirected.
    Answer: Threat
50. The specific instance or a component of a threat, like hackers or natural calamity.
    Answer: Threat Agent
51. The approach initiated by upper management. Issue policy, procedures and processes. Dictate goals and expected outcomes of project.
    Answer: Top-down Approach
52. A software program that helps configure, monitor or maintain a computer and its operating system.
    Answer: Utility
53. A weakness or fault in a system or protection mechanism that opens it to attack or damage; some examples are a flaw in a software package, an unprotected system port, and an unlocked door.
    Answer: Vulnerability
54. A linear, sequential approach to the SDLC that is popular in software engineering and product development.
    Answer: Waterfall Model

Week02-MEDIA-BSIT-IT308-QUIZ - Copy
PREPARED BY: RIMA G. LAGOC
