CompTIA Flashcards
-refers to the protection of available information or information resources from unauthorized access, attack, theft, or data damage.
Information Security
(three primary goals or functions involved in the practice of info. security)
-personal information, company information, and information about intellectual property must be protected. If there is a breach in security in any of these areas, then the organization may have to put a lot of effort into recovering losses.
prevention
(three primary goals or functions involved in the practice of info. security)
-occurs when a user is discovered trying to access unauthorized data or after information has been lost. It can be accomplished by investigating individuals or by scanning the data and networks for any traces left by the intruder in any attack against the system.
detection
(three primary goals or functions involved in the practice of info. security)
-when there is a disaster or an intrusion by unauthorized users, system data can become compromised or damaged. It is in these cases that you need to employ a process to recover vital data from a crashed system or data storage devices.
-can also pertain to physical resources.
recovery
(assets)
-these are physical items, such as buildings, furniture, computer equipment, software licenses, machinery, inventory (stock), and so on.
tangible assets
(assets)
-these are mostly information resources, including intellectual property (IP), accounting information, plans and designs, and so on. These assets also include things like a company’s reputation.
intangible assets
(assets)
-it is commonplace to describe an organization’s staff (sometimes described as “human capital”) as its most important asset.
employees
(assets)
-is the price that could be obtained if the asset were to be offered for sale (or cost if the asset must be replaced).
market value
must also be valued according to the liabilities that the loss or damage of this would create
asset
(assets)
-this refers to an organization’s ability to recover from incidents (any malicious or accidental breach of security policy is an incident).
business continuity
(assets)
-these are responsibilities in civil and criminal law. A security incident could make an organization liable to prosecution (criminal law) or for damages (civil law). An organization may also be liable to professional standards, codes, and regulations.
legal
-product development, production, fulfilment, and maintenance.
-customer contact information
-financial operations and controls (collection and payment of debts, payroll, tax, financial reporting)
-legal obligations to maintain accurate records for a given period.
-contractual obligations to third parties (service level agreements).
data assets
-may be transferred in the mail, by fax, by telephone, or over a computer network (by file transfer, email, text messaging, or website).
-also can be transferred in conversation.
data
is processed by being loaded into computer memory and manipulated by software programs
computer data
(CIA triad)
-means that certain information should only be known to certain people.
Confidentiality