Chapter 1
An example of _______ is an attempt by an unauthorized user to gain access to a system by posing as an authorized user.
Masquerade
_________ assures that individuals control or influence what information related to them may be collected and stored and by whom and to whom that information may be disclosed
Privacy
Availability assures that systems works promptly and service is not denied to authorized users.
True
Computer security is protection of the integrity, availability, and confidentiality of information system resources
True
Data integrity assures that information and programs are changed only in a specified and authorized users
True
In the context of security our concern is with the vulnerabilities of systems resources
True
Many security administrators view strong security as an impediment to efficient and user-friendly operation of an information system.
True
The first step in devising security services and mechanisms is to develop a security policy.
True
The more critical a component or services, the higher the level of availability required
True
computer security is essentially a battle of wits between a perpetrator who tries to find holes and the administrator who tries to close them
True
A loss of _________ is the unauthorized disclosure of information.
confidentiality
The assurance that data received are exactly as sent by an authorized entity is __________.
data integrity
A threat action in which sensitive data are directly released to an unauthorized entity is _______
exposure
A(n) _______ is an attempt to learn or make use of information from the system that does not affect system resources
passive attack
A ____________ is any action that compromises the security of information owned by an organization
security attack
A flaw or weakness in a system's design, implementation, or operation and management that could be exploited to violate the system's security policy is a(n) __________.
valnerability
An assault on system security that derives from an intelligent act that is a deliberate attempt to evade security services and violate the security policy of a system is a(n) __________.
Attack
A(n) ________ is an action, device, procedure, or technique that reduces a threat, a vulnerability, or an attack by eliminating or preventing it, by minimizing the harm it can cause, or by discovering and reporting it so that corrective action can be taken.
Countermeasures
Security mechanisms typically do not involve more than one particular algorithm or protocol.
False
Threats are attacks carried out.
False