Module 1

Question 1

Confidentiality

Answer 1

Relates to permitting authorized access to information, while at the same time protecting information from improper disclosure.

Question 2

Integrity

Answer 2

Integrity is the property of information whereby it is recorded, used and maintained in a way that ensures its completeness, accuracy, internal consistency and usefulness for a stated purpose.

Question 3

Availability

Answer 3

Availability means that systems and data are accessible at the time users need them.

Question 4

Personally Identifiable information ( PII)

Answer 4

1) any information that can be used to distinguish or trace an idividual’s identity, such as a name, Social Security Number, date and place of birth , mother’s maiden name, or biometric records;
2) any other information that is linked or linkable to an individual, such as medical, educational, financial and employment information.

Question 5

Protected Health Information

Answer 5

Information regarding health status, the provision of healthcare or payment for healthcare as defined in HIPPA ( Health Insurance Portability and Accountability Act).

Question 6

Classified or sensitive information

Answer 6

Information that has been determined to require protection against unauthorized disclosure and is marked to indicate its classified status and classification level when in documentary form.

Question 7

Sensitivity

Answer 7

A measure of the importance assigned to information by its owner, for the purpose of denoting its need for protection.

Question 8

Data Integrity

Answer 8

The property that data has not been altered in an unauthorized manner. Data integrity covers data in storage, during processing and while in transit.

Question 9

System Integrity

Answer 9

The quality that a system has when it performs its intended function in an unimpaired manner, free from unauthorized manipulation of the system , whether intentional or accidental.

Question 10

State

Answer 10

The condition an entity is in at a point in time.

Question 11

A baseline

Answer 11

A documented, lowest level of security configuration allowed by a standard or organization.

Question 12

Criticality

Answer 12

A measure of the degree to which an organization depends on the information or information system for the success of a mission or of business function.

Question 13

Authentication

Answer 13

Access control process validating that the identity being claimed by a user or entity is known to the system, by comparing one( single-factor or SFA) or more ( multi-factor authentication or MFA) factors of identification.

Question 14

Token

Answer 14

A physical object a user possesses and controls that is used to authenticate the user’s identity.

Question 15

Biometrics

Answer 15

Biological characteristics of an individual, such as a fingerprint, hand geometry, voice, or iris patterns.

Question 16

Single-factor authentication (SFA)

Answer 16

Use of just one of the three available factors( something you know, something you have, something you are) to carry out the authentication process being required.

Question 17

Multi-factor authentication (MFA)

Answer 17

Using two or more distinct instances of the three factors of authentication ( something you know, something you have, something you are) for identity verification.

Question 18

Knowledge-based authentication

Answer 18

Uses a pass phrase or secret code to differentiate between an authorized and unauthorized user.

Question 19

Non-repudiation

Answer 19

The inability to deny taking an action such as creating information, approving information and sending or receiving a message.

Question 20

Privacy

Answer 20

The right of an individual to control the distribution of information about themselves.

Question 21

General Data Protection Regulation (GDPR)

Answer 21

In 2016, the European Union passed comprehensive legislation that addresses personal privacy, deeming it and individual human right.