cyber quiz 1

Ace your homework & exams now with Quizwiz!

3 fundamental problems with ARPANET security

- vulnerability of password structure and formats - lack of safety procedures for dial up connections - nonexistent user identification and authorizations

an information system is the entire set of _______, people, procedures, and networks that enable the use of information resources in the organization

-software -hardware -data

______ is a network project that proceeded the internet

ARPANET

the ____ is the individual primarily responsible for the assessment, management, and implementation of information security in the organization

CISO

in 1993, the first _____ conference was held in Las Vegas. Originally, it was established as a gathering for people interested in information security, including authors, lawyers, government employee, and law enforcement officials

DEFCON

Using a methodology will usually have no effect on the probability of success.

False

Hardware is often the most valuable asset possessed by an organization and it is the main target of intentional attacks.

False, its the people

The community of interest made up of IT managers and skilled professionals in systems design, programming, networks, and other related disciplines is called _____

Information technology management and professionals

_____ was the first operating system to integrate security as one of its core functions

MULTICS

_____ has become a widely accepted evaluation standard for training and education related to the security of information systems and is hosted by CNSS

NSTISSI No. 4011

A breach of possession may not always result in a breach of confidentiality.

True

A subject or object's ability to use, manipulate, modify, or affect another subject or object is known as ___________.

access

_____ of information is the quality or state of being genuine or original

authenticity

_____ enables authorized users-people or computer systems to access information without interference or obstruction and to receive it in the required format

availability

During the ____________________ War, many mainframes were brought online to accomplish more complex and sophisticated tasks so it became necessary to enable the mainframes to communicate via a less cumbersome process than mailing magnetic tapes between computer centers.

cold

a _____ is a group of individuals who are united by similar interests or values within an organization and who share a common goal of helping the organization to meet its objectives

community of interest

in an organization, the value of ____ of information is especially high when it involves personal information about employees, customers, or patients

confidentiality

The Internet brought ____________________ to virtually all computers that could reach a phone line or an Internet-connected local area network.

connectivity

a _____ works directly with data owners and is responsible for the storage, maintenance, and protection of the infromation

data custodian

A server would experience a(n) __________ attack when a hacker compromises it to acquire information via a remote location using a network connection.

direct

a technique to compromise a system is known as a

exploit

the role of the project manager--typically an executive such as a chief information officer or the vice president of information technology--in this effort cannot be overstated

false

information security can be an absolute

false (idk what this means)

The possession of information is the quality or state of having value for some purpose or end.

false - its utility

Information has redundancy when it is free from mistakes or errors and it has the value that the user expects

false, its accuracy

the history of information security begins with the concept of communications security

false, its computer security

A(n) hardware system is the entire set of people, procedures, and technology that enable business to use information.

false, its information system

E-mail spoofing involves sending an e-mail message with a harmful attachment.

false, spoofing is impersonating

A champion is a project manager, who may be a departmental line manager or staff unit manager, and has expertise in project management and information security technical requirements.

false, team leader is

when a computer is the subject of an attack, it is the entity being attacked

false, thats the object

The bottom-up approach to information security has a higher probability of success than the top-down approach

false, top down is better

In file hashing, a file is read by a special algorithm that uses the value of the bits in the file to compute a single number called the __________ value.

hash

the senior technology officer is typically the chief ____ officer

information

The protection of the confidentiality, integrity, and availability of information assets, whether in storage, processing, or transmission, via the application of policy, education, training and awareness, and technology is known as ___________.

information security

Information has ____________________ when it is whole, complete, and uncorrupted.

integrity

individuals who control, and therefore ultimately responsible for, the security and use of a particular set of information are known as data ____

owners

____ security addresses the issues necessary to protect the tangible items, objects, or areas of an organization from unauthorized access and misuse

physical

during the early years, information security was a straightforward process composed predominantly of _____ security and simple document classification schemes

physical

The protection of tangible items, objects, or areas from unauthorized access and misuse is known as ___________.

physical security

the ______ of information is the quality or state of ownership or control of some object or item

possession

Software is often created under the constraints of ________ management, placing limits on time, cost, and manpower.

project

a(n) ____ should consist of a number of individuals who are experienced in one or multiple facets of the technical and nontechnical areas

project team

the probability of an unwanted occurrence, such as an advent event or loss, is known as a

risk

a computer is the ______ of an attack when it is used to conduct an attack against another computer

subject

People with the primary responsibility for administering the systems that house the information used by the organization perform the ____ role.

system administrators

Any event or circumstance that has the potential to adversely affect operations and assets is known as a(n) __________.

threat

Hardware is the physical technology that houses and executes the software, stores and transports the data, and provides interfaces for the entry and removal of information from the system.

true

RAND Report R-609 was the first widely recognized published document to identify the role of management and policy issues in computer security. ______

true

a project team should consist of a number of individuals who are experienced in one or multiple facets of the technical and non-technical areas

true

during the early years of computing, the primary threats to security were physical theft of equipment, espionage against the products of the systems, and sabotage

true

every organization, whether public or private and regardless of size, has the information it wants to protect

true

the roles of information security professionals focus on protecting the organizations information systems and stored information from attacks

true

the value of information comes from the characteristic it possesses

true

to achieve balance-that is, to operate an information system that satisfies the user and the security professional-the security level must allow reasonable access, yet protect against threats

true

when unauthorized individuals or systems can view information, confidentiality is breached

true

individuals who are assigned the task of managing a particular set of information and coordinating its protection, storage, and use are known as data ____

trustees - its sounds like custodians but its the key word was a particular set of info

the famous study entitled "protection analysis: final report" focused on a project undertaken by ARPA to understand and detect _____ in operating systems security

vulnerabilites

a potential weakness in an asset or its defensive control system is known as a

vulnerability


Related study sets

Ninth Grade Literature EOCT Review

View Set

Insurance-Based Products - Unit 15

View Set

Personal Finance Final: Major Purchases (Ch. 8, 9)

View Set

Evaluation of Transportation Modes - Chapter 7

View Set

Chapter 10 - Sales and Operations Planning (Aggregate Planning)

View Set