Quiz 1 CYB 155

Ace your homework & exams now with Quizwiz!

_________ is a network project that preceded the Internet.

ARPANET

An information system is the entire set of __________, people, procedures, and networks that enable the use of information resources in the organization.

All of the above

Which of the following is a valid type of role when it comes to data ownership?

All of the above

An organizational resource that is being protected is sometimes logical, such as a Web site, software information, or data. Sometimes the resource is physical, such as a person, computer system, hardware, or other tangible object. Either way, the resource is known as a(n) ___________.

Asset

__________ of information is the quality or state of being genuine or original.

Authenticity

The ____ is the individual primarily responsible for the assessment, management, and implementation of information security in the organization.

CISO

The protection of all communications media, technology, and content is known as ___________.

Communication Security

An emerging methodology to integrate the effort of the development team and the operations team to improve the functionality and security of applications is known as __________.

DevOps

A server would experience a(n) __________ attack when a hacker compromises it to acquire information via a remote location using a network connection.

Direct

A technique used to compromise a system is known as a(n)

Exploit

A champion is a project manager, who may be a departmental line manager or staff unit manager, and has expertise in project management and information security technical requirements.

False

A(n) hardware system is the entire set of people, procedures, and technology that enable business to use information.

False

Information security can be an absolute.

False

The bottom-up approach to information security has a higher probability of success than the top-down approach.

False

The implementation phase is the longest and most expensive phase of the systems development life cycle (SDLC).

False

The possession of information is the quality or state of having value for some purpose or end.

False

The water-ski model is a type of SDLC in which each phase of the process flows from the information gained in the previous phase, with multiple opportunities to return to previous phases and make adjustments.

False

In file hashing, a file is read by a special algorithm that uses the value of the bits in the file to compute a single number called the __________ value.

Hash value

The protection of the confidentiality, integrity, and availability of information assets, whether in storage, processing, or transmission, via the application of policy, education, training and awareness, and technology is known as ___________.

Information Security

was the first operating system to integrate security as one of its core functions.

MULTICS

__________ security addresses the issues necessary to protect the tangible items, objects, or areas of an organization from unauthorized access and misuse.

Physical

During the __________ phase, specific technologies are selected to support the alternatives identified and evaluated in the prior phases.

Physical Design

The protection of tangible items, objects, or areas from unauthorized access and misuse is known as ___________.

Physical Security

People with the primary responsibility for administering the systems that house the information used by the organization perform the role of ____.

System Administrators

A breach of possession may not always result in a breach of confidentiality.

True

During the early years of computing, the primary threats to security were physical theft of equipment, espionage against the products of the systems, and sabotage.

True

Of the two approaches to information security implementation, the top-down approach has a higher probability of success.

True

To achieve balance—that is, to operate an information system that satisfies the user and the security professional—the security level must allow reasonable access, yet protect against threats.

True

When unauthorized individuals or systems can view information, confidentiality is breached. _________________________

True

A subject or object's ability to use, manipulate, modify, or affect another subject or object is known as ___________.

access

Hardware is often the most valuable asset possessed by an organization, and it is the main target of intentional attacks.

false

SecOps focuses on integrating the need for the development team to provide iterative andrapid improvements to system functionality and the need for the operations team to improvesecurity and minimize the disruption from software release cycles.

false

The Analysis phase of the SDLC examines the event or plan that initiates the process and specifies the objectives, constraints, and scope of the project. _________________________

false

A data custodian works directly with data owners and is responsible for the storage, maintenance, and protection of the information.

true

Confidentiality ensures that only those with the rights and privileges to access information are able to do so. _________________________

true

In the physical design phase, specific technologies are selected.

true

Information security can begin as a grassroots effort in which systems administrators attempt to improve the security of their systems, often referred to as the bottom-up approach.

true

The value of information comes from the characteristics it possesses.

true

A type of SDLC in which each phase has results that flow into the next phase is called the __________ model.

waterfall


Related study sets

Chapter 1 Network Defense Fundamentals

View Set

Marketing Chapter 3 - Environment

View Set

Ch. 6 - Food and Drug Administration (FDA)

View Set

Understanding Business Chapter 9

View Set

WH- chapter 7- Crisis and Absolutism in Europe

View Set

Main Idea, supporting details, and objective summary

View Set

Autonomic Nervous System Chapter 3

View Set