Chapter 1: What is Information Security?

Question 1

protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction

Answer 1

Information Security

Question 2

our ability to protect our data from those who are not authorized to view it.

Answer 2

Confidentiality

Question 3

can be compromised by the loss of a laptop containing data, a person looking over our shoulder while we type a password, and email attachment being sent to the wrong person and the like

Answer 3

Confidentiality

Question 4

the ability to prevent our data from being changed in an unauthorized or undesirable manner.

Answer 4

Integrity

Question 5

can be compromised by the unauthorized change or deletion of our data or portions of our data etc.

Answer 5

Integrity

Question 6

refers to the ability to access our data when we need it.

Answer 6

Availability

Question 7

A more complex system for the CIA triad

Answer 7

Parkerian Hexad

Question 8

refers to the physical disposition of the media on which the data is stored.

Answer 8

Possession or Control

Question 9

enables without involving other factors such as availability to discuss our loss of the data in its physical medium

Answer 9

Possession or Control

Question 10

allow us to talk about the proper attribution as to the owner or creator of the data in question.

Answer 10

Authenticity

Question 11

reverse concept to authenticity

Answer 11

Nonrepudiation

Question 12

refers to how useful the data is to us

Answer 12

Utility

Question 13

attacks that allow unauthorized users to access our data, applications, or environments.

Answer 13

Interception

Question 14

attack against confidentiality

Answer 14

Interception

Question 15

attacks cause our assets to become unusable or unavailable for our use, on a temporary or permanent basis.

Answer 15

Interruption

Question 16

can often affect availability but can be attack on integrity as well

Answer 16

Interruption

Question 17

involves tampering with our asset

Answer 17

Modification

Question 18

often seen as an attack on integrity but also could be an attack on availability

Answer 18

Modification

Question 19

involves generating data, processes, communications, or other similar activities with a system

Answer 19

Fabrication

Question 20

often attacks integrity but could be considered an attack on availability

Answer 20

Fabrication

Question 21

when the value of the asset being threatened is considered to be a factor

Answer 21

Impact

Question 22

controls that protect the physical environment

Answer 22

Physical Controls

Question 23

protects the system, networks and environment

Answer 23

Logical and Technical controls

Question 24

based on rules, laws, policies, procedures etc.

Answer 24

Administrative Controls

Question 25

Confidentiality is affected by __

Answer 25

interception

Question 26

Integrity is affected by __

Answer 26

Interruption, Modification and fabrication

Question 27

availability is affected by __

Answer 27

Interruption, modification and fabrication

Question 28

One of the first and maybe the most important part of the risk management process

Answer 28

Identify Assets

Question 29

step after our assets are pointed out

Answer 29

Identify threats

Question 30

used in conjunction with the knowledge of potential threats

Answer 30

assess vulnerability

Question 31

found by using the knowledge of the threats and vulnerability

Answer 31

assess risk

Question 32

the use of controls to account for threats

Answer 32

mitigating risk

Question 33

the reaction to when risk management fails

Answer 33

Incident Response

Question 34

done in advance of an incident

Answer 34

Preparation

Question 35

where the action takes place in the incident response

Answer 35

Detection and analysis

Question 36

where most of the work to solve the incident takes place

Answer 36

containment, eradication, and recovery

Question 37

determine what happened, and what we can do to fix

Answer 37

Post Incident Activity