Security Operations and Administration

Question 1

Limits are placed on who is allowed to view information, including copying it to another form.

Answer 1

Confidentiality

Question 2

The information stays complete and correct when retrieved, displayed, or acted upon.

Answer 2

Integrity

Question 3

The information is presented to the user in a timely manner when required and in a form and format that meets the user’s needs.

Answer 3

Availability

Question 4

Only previously approved, known, and trusted users or processes have been able to create, modify, move or copy the information.

Answer 4

Authenticity

Question 5

The content of the information, its form and content, and its presentation or delivery to the user meets the user’s needs.

Answer 5

Utility

Question 6

The information is legally owned or held by a known, authorized user, such that the user has authority to exert control over its use, access, modification, or movement.

Answer 6

Possession or Control

Question 7

The System and its information, by design, do not cause unauthorized harm or damage to others, their property, or their lives

Answer 7

Safety

Question 8

Information that attests to or relates to the identity of a person, or links specific activities to that identity, must be protected from being accessed, viewed, copied, modified, or otherwise used by unauthorized persons or systems.

Answer 8

Privacy

Question 9

User who created, used, viewed, or accessed the information, or shared it with others, cannot later deny that they did so.

Answer 9

Nonrepudiation

Question 10

The information can be reviewed, audited, and made visible or shared with competent authorities for regulatory, legal, or other processes that server the public good.

Answer 10

Transparency

Question 11

Confidentiality, Integrity, and availability

Answer 11

CIA Triad

Question 12

Confidentiality, integrity, availability, nonrepudiation, and authentication

Answer 12

CIANA

Question 13

Confidentiality, integrity, availability, nonrepudiation, authentication, privacy, and security

Answer 13

CIANA+PS

Question 14

Confidentiality, integrity, availability, authenticity, utility, and possession or control

Answer 14

Parkerian Hexad

Question 15

Information that you have, own, or create, and that you share with someone else with the agreement that they cannot share that knowledge with anyone else without your consent or without due process of law.

Answer 15

Privileged Information

Question 16

Any person or any group of people who could learn something from our confidential information and then use that new knowledge in ways that would thwart our plans to attain our objectives or cause us other harm

Answer 16

Unauthorized People

Question 17

Information and Processes must be complete, correct, function together correctly, and do so in reliable, repeatable, and deterministic ways for the overall system.

Answer 17

Integrity

Question 18

Consists of the individual facts, observations, or elements of a measurement, such as a person’s name or their residential address.

Answer 18

Data

Question 19

Process data in various ways; Is the conclusion or inferences from data

Answer 19

Information

Question 20

General conclusions or principles that you’ve derived from lots of information

Answer 20

Knowledge

Question 21

Insightful application of knowledge

Answer 21

Wisdom

Question 22

Information that is used to identify, locate, or contact a specific person

Answer 22

PII or Personal Identifiable Information

Question 23

Information regarding that person that has not been made public and is not required to be made public

Answer 23

Nonpublished Personal Information

Question 24

Design and operational principle requires that any given system element has the minimum level of authority and decision-making capability that the specifically assigned task requires, and no more

Answer 24

Least Privilege