Chapter 1

Réussis tes devoirs et examens dès maintenant avec Quizwiz!

Fundamental problem with ARPANET security:

A. No safety procedures for dial-up connections to ARPANET. B. Nonexistent user identification and authorization to system. C. Individual remote sites did not have sufficient controls and safeguards to protect data from unauthorized remote users. D. Vulnerability of password structure and formats E. Lack of safety procedures for dial-up connections

__________ enables authorized users - people or computer systems - to access information without interference or obstruction and to receive it in the required format

Availability

The CNSS model of information security evolved from a concept developed by the computer security industry known as the _____ triad

CIA

A(n) _______ is a group of individuals who are united by similar interests or values within an organization and who share a common goal of helping the organization to meet its objectives.

Communnity of interest

Which of the following is a valid type of role when it comes to data ownership?

Data owners Data users Data Custodians All of the above

Data ownership and their respective responsibilities:

Data owners - senior management responsible for the security and use of particular set of information Data users - Have access information and thus an information security role Data Custodians - Responsible for information on and systems that process, transmit, and store it. Data trustees: appointed by data owners to see the over management and coordinate with data custodians for its storage, protection, and use.

A technique used to compromise a system is known as a(n) ___________.

Exploit

Information has redudancy when it is free from mistakes or errors and it has the value that the end user expects.

False

The possession of information is the quality or state of having value for some purpose or end.

False

The role of the project manager- typically an executive such as a chief information officer (CIO) or the vice president of information technology (VP-IT) -- in this effort cannot be overstated.

False

Using a methodology will usually have no effect on the probability of success.

False

The community of interest made up of IT managers and skilled professionals in systems design, programming, networks, and other related disciplines is called ______.

Information Technology Management and Professionals, yes

Information has ____ integrity when it is whole, complete, and uncorrupted.

Integrity

During the early years, information security was a straightforward process composed predominantly of _____security and simple document classification schemes.

Physical

The _______ of information is the quality or state of ownership or control of some object or item.

Possession

An information system is the entire set of __________, people, procedures, and networks that enable the use of information resources in the organization.

Software, data, hardware, people, procedures, and network that enable the use of information resources in the organization

People with the primary responsibility for administering the systems that house the information used by the organization perform the role of ________

System administrators

Describe the multiple types of security systems present in many organizations.

There are many types of security: physical security - items and physical asset such as server, and etc... personal security - policy regarding user privilege operations security - protect details of security communications security - social media, media, and content, etc... and network security - networking components

A breach of possession may not always result in a breach of confidentiality

True

A(n) project team should consist of a number of individuals who are experienced in one or multiple facets of the technical and nontechnical areas. _______

True

Confidentiality ensures that only those with the rights and privileges to access information are able to do so.

True

During the early years of computing, the primary threats to security were physical theft of equipment, espionage against the products of the systems, and sabotage.

True

Hardware is often the most valuable asset possessed by an organization and it is the main target of intentional attacks.

True

Hardware is the physical technology that houses and executes the software, stores and transports the data, and provides interfaces for the entry and removal of information from the system. _______

True

Of the two approaches to information security implementation, the top-down approach has a higher probability of success. _______

True

To achieve balance - that is, to operate an information system that satisfies the user and the security professional - the security level must allow reasonable access, yet protect against threats.

True

When unauthorized individuals or systems can view information, confidentiality is breached. _______

True

The famous study entitled " Protection Analysis: Final Report" focused on project undertaken by ARPA to understand and detect ______ in operating systems security.

Vulnerabilities

The senior technology officer is typically the chief ____________________ officer.

information

The protection of the confidentiality, integrity, and availability of information assets, whether in storage, processing, or transmission, via the application of policy, education, training and awareness, and technology is known as ___________.

information security

Which of the following was not an identified fundamental problem with ARPANET security?

phone numbers for access were closely held and distributed on a need-to-know basis

The ______________ of information is the quality or state of ownership or control of some object or item.

possession

The probability of an unwanted occurrence, such as an adverse event or loss, is known as a(n)

risk

The _____ component of an information system comprises applications, operating systems ,, and assorted command utilities

software

A potential weakness in an asset or its defensive control system(s) is known as a(n) ​_________.

vulnerability


Ensembles d'études connexes

Lab 11 Connect- the spinal cord and spinal nerves

View Set

Neurodevelopmental Disorders in Children

View Set

heart- cardiac conduction system/ purkinje system

View Set

supply chain exam 2 chapter 3 test

View Set

Algebra and Equation Solving module (videos 15-26)

View Set

Cognitive Psychology: The Acquisition of Memories and the Working-Memory System

View Set

Ch 9 Domestic U.S. and Global Logistics

View Set

Endocrine NCLEX Practice Questions

View Set