Chapter 1: What is Information Security? Flashcards

1
Q

protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction

A

Information Security

2
Q

our ability to protect our data from those who are not authorized to view it.

A

Confidentiality

3
Q

can be compromised by the loss of a laptop containing data, a person looking over our shoulder while we type a password, an email attachment being sent to the wrong person, and the like

A

Confidentiality

4
Q

the ability to prevent our data from being changed in an unauthorized or undesirable manner.

A

Integrity

5
Q

can be compromised by the unauthorized change or deletion of our data or portions of our data etc.

A

Integrity

6
Q

refers to the ability to access our data when we need it.

A

Availability

7
Q

A more complex system for the CIA triad

A

Parkerian Hexad

8
Q

refers to the physical disposition of the media on which the data is stored.

A

Possession or Control

9
Q

enables us to discuss our loss of the data in its physical medium without involving other factors such as availability

A

Possession or Control

10
Q

allow us to talk about the proper attribution as to the owner or creator of the data in question.

A

Authenticity

11
Q

reverse concept to authenticity

A

Nonrepudiation

12
Q

refers to how useful the data is to us

A

Utility

13
Q

attacks that allow unauthorized users to access our data, applications, or environments.

A

Interception

14
Q

attack against confidentiality

A

Interception

15
Q

attacks that cause our assets to become unusable or unavailable for our use, on a temporary or permanent basis.

A

Interruption

16
Q

can often affect availability but can be an attack on integrity as well

A

Interruption

17
Q

involves tampering with our asset

A

Modification

18
Q

often seen as an attack on integrity but also could be an attack on availability

A

Modification

19
Q

involves generating data, processes, communications, or other similar activities with a system

A

Fabrication

20
Q

often attacks integrity but could be considered an attack on availability

A

Fabrication

21
Q

when the value of the asset being threatened is considered to be a factor

A

Impact

22
Q

controls that protect the physical environment

A

Physical Controls

23
Q

protects the system, networks and environment

A

Logical and Technical controls

24
Q

based on rules, laws, policies, procedures etc.

A

Administrative Controls

25
Q

Confidentiality is affected by __

A

interception

26
Q

Integrity is affected by __

A

Interruption, Modification and fabrication

27
Q

availability is affected by __

A

Interruption, modification and fabrication

28
Q

One of the first and maybe the most important part of the risk management process

A

Identify Assets

29
Q

step after our assets are pointed out

A

Identify threats

30
Q

used in conjunction with the knowledge of potential threats

A

assess vulnerability

31
Q

found by using the knowledge of the threats and vulnerability

A

assess risk

32
Q

the use of controls to account for threats

A

mitigating risk

33
Q

the reaction to when risk management fails

A

Incident Response

34
Q

done in advance of an incident

A

Preparation

35
Q

where the action takes place in the incident response

A

Detection and analysis

36
Q

where most of the work to solve the incident takes place

A

containment, eradication, and recovery

37
Q

determine what happened, and what we can do to fix it

A

Post Incident Activity