Topic 1 Flashcards

1
Q

Any transaction online, including online banking, software services, remote service providers, or online course platforms.

A

E-commerce

2
Q

Aspects of Information Needing protection

A

Availability
Confidentiality
Authentication
Non-repudiation

3
Q

is the resource being protected

A

Assets

4
Q

devices, computers, people

A

Physical assets

5
Q

information, data (in transmission, storage, or processing), and intellectual property

A

Logical assets

6
Q

any software, hardware, data, administrative, physical, communications, or personnel resource within an information system

A

System assets

7
Q

an attack in which the attacker observes interaction with the system

A

Passive attack

8
Q

an attack in which the attacker directly interacts with the system

A

Active attack

9
Q

an attack where there is not a deliberate goal of misuse

A

Unintentional attack

10
Q

is an instance when the system is vulnerable to attack

A

Exposure

11
Q

is a situation in which the attacker has succeeded

A

Compromise

12
Q

is a recognized action, specific, generalized, or theoretical, that an adversary (threat actor) might be expected to take in preparation for an attack

A

Indicator

13
Q

is the outcome of the attack, may cause the information system to lose effectiveness and may have other costs

A

Consequence

14
Q

targets availability

A

Disruption

15
Q

targets integrity

A

Corruption

16
Q

targets confidentiality

A

Exploitation

17
Q

is a type of consequence, involving accidental exposure of information to an agent not authorized to access it.

A

Inadvertent disclosure

18
Q

Taxonomy of attacks with relation to security goals

A

Threat to Confidentiality
Threat to integrity
Threat to availability

19
Q

Snooping
Traffic analysis

A

Threat to Confidentiality

20
Q

Modification
Masquerading
Replaying
Repudiation

A

Threat to integrity

21
Q

Denial of service

A

Threat to availability

22
Q

information needs to be hidden from unauthorized access

A

Confidentiality

23
Q

protected from unauthorized change

24
Q

Available to an authorized entity when it is needed

A

Availability

25
Q

Characteristics of information to be useful

A

Accurate
Timely
Complete
Verifiable
Consistent
Available

26
Q

timely, reliable access to data and information services for authorized users

A

Aspects of Information Needing protection - Availability

27
Q

you can only see the data but you cannot change it, protection against unauthorized modification or destruction of information

A

Aspects of Information Needing protection - Integrity

28
Q

assurance that information is not disclosed to unauthorized parties

A

Aspects of Information Needing protection - Confidentiality

29
Q

to identify and verify user’s identity, security measures to establish the validity of a transmission, message or originator

A

Aspects of Information Needing protection - Authentication

30
Q

you cannot deny the authenticity/validity of an act you committed, sender given proof of data delivery and recipient given proof of sender’s identity so that neither can deny processed data

A

Aspects of Information Needing protection - Non-repudiation