Ch1 Quiz Flashcards
When a company chooses to ignore a risk and proceed with a risky activity, which treatment is being applied by default?
A. Mitigation
B. Avoidance
C. Acceptance
D. Transference
C. Acceptance
This can protect information in a file cabinet from being viewed by unauthorized persons (confidentiality) as well as keeping any documents from being modified (integrity).
Door Lock
This one is abstract but could be linked to availability, because the sooner it works, the more data remains available.
Fire Extinguisher
This can provide confidentiality by protecting data from unauthorized access and integrity from unauthorized changes. It could even be stretched to provide availability if shared emergency access to information is needed by more than one person.
Password Policy
This is usually associated with integrity, to protect files from tampering or to provide non-repudiation. It is also commonly used to protect data in transit from prying eyes, so it could be aiding confidentiality as well.
Encryption
This protects availability by ensuring continued access to systems during a power outage.
Generator
This would most generally be associated with confidentiality and identity management, but could be argued for all three, the same as a password policy.
Biometrics