Chapter 1

An example of _______ is an attempt by an unauthorized user to gain access to a system by posing as an authorized user.

Masquerade

_________ assures that individuals control or influence what information related to them may be collected and stored and by whom and to whom that information may be disclosed

Privacy

Availability assures that systems works promptly and service is not denied to authorized users.

True

Computer security is protection of the integrity, availability, and confidentiality of information system resources

True

Data integrity assures that information and programs are changed only in a specified and authorized users

True

In the context of security our concern is with the vulnerabilities of systems resources

True

Many security administrators view strong security as an impediment to efficient and user-friendly operation of an information system.

True

The first step in devising security services and mechanisms is to develop a security policy.

True

The more critical a component or services, the higher the level of availability required

True

computer security is essentially a battle of wits between a perpetrator who tries to find holes and the administrator who tries to close them

True

A loss of _________ is the unauthorized disclosure of information.

confidentiality

The assurance that data received are exactly as sent by an authorized entity is __________.

data integrity

A threat action in which sensitive data are directly released to an unauthorized entity is _______

exposure

A(n) _______ is an attempt to learn or make use of information from the system that does not affect system resources

passive attack

A ____________ is any action that compromises the security of information owned by an organization

security attack

A flaw or weakness in a system's design, implementation, or operation and management that could be exploited to violate the system's security policy is a(n) __________.

valnerability

An assault on system security that derives from an intelligent act that is a deliberate attempt to evade security services and violate the security policy of a system is a(n) __________.

Attack

A(n) ________ is an action, device, procedure, or technique that reduces a threat, a vulnerability, or an attack by eliminating or preventing it, by minimizing the harm it can cause, or by discovering and reporting it so that corrective action can be taken.

Countermeasures

Security mechanisms typically do not involve more than one particular algorithm or protocol.

False

Threats are attacks carried out.

False