Introduction and Identity

Question 1

What is the order of steps in the secure system development cycle?

Answer 1

Scope, Threat Analysis, Requirements Analysis, Specification, Implementation, Installation, Management and Audit

Question 2

What is an asset?

Answer 2

Assets are the elements of a system that one might wish to protect

Question 3

What is a safeguard?

Answer 3

A safeguard is a mechanism or procedure used to protect against threats

Question 4

What are the requirements to prove identity?

Answer 4

Validity, sufficient supporting evidence to confirm that a person of that name exists, and verification, can you establish whether that evidence belongs to this person

Question 5

How do you test validity?

Answer 5

Access data and examine the history and quality of the data

Question 6

How do you test verification?

Answer 6

Verify that only the genuine subject would know the data

Question 7

What are the three aspects to privacy?

Answer 7

Anonymity, Pseudonymity, and Unlinkability

Question 8

What is Anonymity?

Answer 8

No party will learn any of the identities of the user

Question 9

What is Pseudonymity?

Answer 9

A lesser form of anonymity where the user reveals a special identity to act as a pseudonym. Pseudonyms are usually short lived

Question 10

What is Unlinkability?

Answer 10

Two pseudonyms are unlinkable if a third party cannot tell whether they belong to the same user or not

Question 11

How do you identify yourself?

Answer 11

A user identifies themselves to a trusted body and are given an identifier to use to authenticate themselves

Question 12

What is Access Control?

Answer 12

A generic term used for the processes by which a computer system controls the interactions between users and system resources