Topic 1 Flashcards

Question 1

Q

Any transaction online, including online banking, software services, remote service providers, or online course platforms.

Answer

A

E-commerce

Question 2

Q

Aspects of Information Needing protection

Answer

A

Availability
Confidentiality
Authentication
Non-repudiation

Question 3

Q

is the resource being protected

Question 4

Q

devices, computers, people

Answer

A

Physical assets

Question 5

Q

information, data (in transmission, storage, or processing), and intellectual property

Answer

A

Logical assets

Question 6

Q

any software, hardware, data, administrative, physical, communications, or personnel resource within an information system

Answer

A

System assets

Question 7

Q

an attack in which the attacker observes interaction with the system

Answer

A

Passive attack

Question 8

Q

an attack in which the attacker directly interacts with the system

Answer

A

Active attack

Question 9

Q

an attack where there is not a deliberate goal of misuse

Answer

A

Unintentional attack

Question 10

Q

is an instance when the system is vulnerable to attack

Question 11

Q

is a situation in which the attacker has succeeded

Answer

A

Compromise

Question 12

Q

is a recognized, action specific, generalized or theoretical that an adversary (threat actor) might be expected to take in preparation for an attack

Answer

A

Indicator

Question 13

Q

is the outcome of the attack, may cause the information system to lose effectiveness and may have other costs

Answer

A

Consequence

Question 14

Q

targets availability

Answer

A

Disruption

Question 15

Q

targets integrity

Answer

A

Corruption

Question 16

Q

targets confidentiality

Answer

A

Exploitation

Question 17

Q

is a type of consequence, involving accidental exposure of information to an agent not authorized access.

Answer

A

Inadvertent disclosure

Question 18

Q

Taxonomy of attacks with relation to security goals

Answer

A

Threat to Confidentiality
Threat to integrity
Threat to availability

Question 19

Q

Snooping
Traffic analysis

Answer

A

Threat to Confidentiality

Question 20

Q

Modification
Masquerading
Replaying
Repudiation

Answer

A

Threat to integrity

Question 21

Q

Denial of service

Answer

A

Threat to availability

Question 22

Q

information needs to be hidden from unauthorized access

Answer

A

Confidentiality

Question 23

Q

protected from unauthorized change

Answer

A

Integrity

Question 24

Q

Available to an authorized entity when it is needed

Answer

A

Availability

Question 25

Q

Characteristics of information to be useful

Answer

A

Accurate
Timely
Complete
Verifiable
Consistent
Available

Question 26

Q

timely, reliable access to data and information services for authorized users

Answer

A

Aspects of Information Needing protection
- Availability

Question 27

Q

you can only see the data but you cannot change it, protection against unauthorized modification or destruction of information

Answer

A

Aspects of Information Needing protection
- Integrity

Question 28

Q

assurance that information is not disclosed to unauthorized parties

Answer

A

Aspects of Information Needing protection
- Confidentiality

Question 29

Q

to identify and verify user’s identity , security measures to establish the validity of a transmission, message or originator

Answer

A

Aspects of Information Needing protection
- Authentication

Question 30

Q

you cannot deny the authenticity/validity of an act you committed, sender given proof of data delivery and recipient given proof of sender’s identity so that neither can deny processed data

Answer

A

Aspects of Information Needing protection
- Non-repudiation