Principles 1

Question 1

-a well-informed sense of assurance that the information risks and controls are in balance.
-protection of both data and physical assets.

Answer 1

information security

Question 2

-must review the origins of this field to understanding of information security today.

Answer 2

security professionals

Question 3

-the quality or state of being secure- to be free from danger.
-a successful organization should have multiple layrs of security in place

Answer 3

security

Question 4

-the protection of physical items objects or areas from unauthorized access and misuse.

Answer 4

physical security

Question 5

-a risk management process that encourage managers to view operations from the perspective of an adversary in order to protect sensitive information from falling into the wrong hands

Answer 5

operations security

Question 6

the protection of voice and data networking components connections and content.

Answer 6

communication security

Question 7

-was standard based on confidentiality, integrity, and availability.
-now expanded into list of critical characteristics of information.

Answer 7

C.I.A triangle

Question 8

(key information security concepts)
-a subject or object’s ability to use manipulate, modify or affect another subject or object

Answer 8

access

Question 9

(key information security concepts)
-the organizational resource that is being protected

Answer 9

asset

Question 10

(key information security concepts)
-an intentional and unintentional act that can damage or otherwise compromise information in the systems that support it.

Answer 10

attack

Question 11

(key information security concepts)
-these are security mechanisms policies or procedures that can successfully counter attack reduce risk resolve vulnerabilities and otherwise imrpove securiity within an organization

Answer 11

control, safeguard or countermeasure

Question 12

(key information security concepts)
-a technique used to compromise the system

Answer 12

exploit

Question 13

(key information security concepts)
-a condition or state of being exposed,

Answer 13

exposure

Question 14

(key information security concepts)
-a single instance of information asset suffering damage or destruction unintended or unauthorized modification or disclosure or denial of use.

Answer 14

loss

Question 15

(key information security concepts)
the entire set of controls and safeguards including policy education training and awareness and technology that the organization implements to protect the asset.

Answer 15

protection profile or security posture

Question 16

(key information security concepts)
-the probability of an unwanted occurence such as an adverse event or loss

Answer 16

risk

Question 17

(key information security concepts)
-a category of objects people or other entities that represent a danger to an asset

Answer 17

threat

Question 18

(key information security concepts)
-the specific instance or a component of a threat

Answer 18

threat agent

Question 19

(key information security concepts)
-a weakness of fault in a sstem or protection mechanisms that opens it to attack or damage.

Answer 19

vulnerability

Question 20

(critical characterisitics of information)
-an attribute of information that describes how data is accessible and correctly formatted for use without interference or obstruction.

Answer 20

availability

Question 21

(critical characteristics of information)
-an attribute of information that describes how data is free of errors and has the value that the user expects.

Answer 21

accuracy

Question 22

(critical characteristics of information)
-an attribute of information that describes how data is genuine or original rather than reproduced or fabricated.

Answer 22

authenticity

Question 23

(critical characteristics of information)
-an attribute of information that describes how data is protected from disclosure or exposure to unauthorized individuas or systems

Answer 23

confidentiality

Question 24

(critical characteristics of information)
-an attribute of information that describes how data is whole complete and uncorrupted

Answer 24

integrity

Question 25

(critical characteristics of information)
-an attribute of information the describes how data has value or usefulness for an end purpose

Answer 25

utility

Question 26

(critical characteristics of information)
-an attribute of information that describes how the data’s ownership or control is legitimate or authorized

Answer 26

possession

Question 27

-a graphical representation of the architectural approach widely used in computer and information security

Answer 27

mccumber cube

Question 28

-is entire set of components necessary to use information as a resource in the organization

Answer 28

information security

Question 29

(components of an information system)
-includes applications including operating systems and assorted command

Answer 29

software

Question 30

(components of an information system)
-is a physical technology that houses and executres the softare stores and transports the data and provides interfaces for the entry and removal of information from the system

Answer 30

hardware

Question 31

(components of an information system)
-that are stored processed and transmitted by a computer system must be protected.

Answer 31

data

Question 32

(components of an information system)
-can be weakest link in an organization’s information security program unless policy education and training awareness and technology are properly employed to prevent people from a accidentally or intentionally damaging or losing information

Answer 32

people

Question 33

(components of an information system)
-are written in instructions for accomplishing a specific task

Answer 33

procedures

Question 34

(components of an information system)
-is a component created much of the need for increased computer information security even with the best planning and implementation it is impossible to obtain perfect information security.

Answer 34

networks