Computer Security Midterm CH 1
usurpation
Misappropriation and misuse are attacks that result in ____________ threat consequences.
F
Security mechanisms typically do not involve more than one particular algorithm or protocol. True or False
F
The "A" in the CIA triad stands for "authenticity". True or False
data
The assets of a computer system can be categorized as hardware, software, communication lines and networks, and _______________.
T
The more critical a component or service, the higher the level of availability required. True or False
F
Threats are attacks carried out. True or False
Privacy
__________ assures that individuals control or influence what information related to them may be collected and stored and by whom and to whom that information may be disclosed.
Computer Security
. ___________________ is the protection afforded to an automated information system in order to attain the applicable objectives of preserving the integrity, availability, and confidentiality of information system resources.
vulnerability
A flaw or weakness in a system's design, implementation, or operation and management that could be exploited to violate the system's security policy is a(n) __________.
attack
A(n) _________ is a threat that is carried out and, if successful, leads to an undesirable violation of security, or threat consequence.
countermeasure
A(n) __________ is an action, device, procedure, or technique that reduces a threat, a vulnerability, or an attack by eliminating or preventing it, by minimizing the harm it can cause, or by discovering and reporting it so that correct action can be taken.
countermeasure
A(n) _____________ is any means taken to deal with a security attack.
attack
An assault on system security that derives from an intelligent act that is a deliberate attempt to evade security services and violate the security policy of a system is a(n) __________.
T
Computer security is essentially a battle of wits between a perpetrator who tries to find holes and the administrator who tries to close them. True or False
T
Data integrity assures that information and programs are changed only in a specified and authorized manner. True or False
inside attack
A(n) _________ is an attempt to learn or make use of information from the system that does not affect system resources.
T
Availability assures that systems works promptly and service is not denied to authorized users. True or False
high
A ________ level breach of security could be expected to have a severe or catastrophic adverse effect on organizational operations, organizational assets, or individuals.
availability
A loss of _________ is the disruption of access to or use of information or an information system.
confidentiality
A loss of _________ is the unauthorized disclosure of information.
T
Computer security is protection of the integrity, availability, and confidentiality of information system resources. True or False
CIA triad
Confidentiality, Integrity, and Availability form what is often referred to as the _____.
FERPA (Family Educational Rights and Privacy Act)
In the United States, student grade information is an asset whose confidentiality is regulated by the __________.
System Integrity
________ assures that a system performs its intended function in an unimpaired manner, free from deliberate or inadvertent unauthorized manipulation of the system.