Topic 1 Flashcards

1
Q

Any transaction online, including online banking, software services, remote service providers, or online course platforms.

A

E-commerce

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Aspects of Information Needing protection

A

Availability
Confidentiality
Authentication
Non-repudiation

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

is the resource being protected

A

Assets

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

devices, computers, people

A

Physical assets

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

information, data (in transmission, storage, or processing), and intellectual property

A

Logical assets

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

any software, hardware, data, administrative, physical, communications, or personnel resource within an information system

A

System assets

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

an attack in which the attacker observes interaction with the system

A

Passive attack

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

an attack in which the attacker directly interacts with the system

A

Active attack

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

an attack where there is not a deliberate goal of misuse

A

Unintentional attack

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

is an instance when the system is vulnerable to attack

A

Exposure

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

is a situation in which the attacker has succeeded

A

Compromise

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

is a recognized, action specific, generalized or theoretical that an adversary (threat actor) might be expected to take in preparation for an attack

A

Indicator

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

is the outcome of the attack, may cause the information system to lose effectiveness and may have other costs

A

Consequence

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

targets availability

A

Disruption

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

targets integrity

A

Corruption

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

targets confidentiality

A

Exploitation

17
Q

is a type of consequence, involving accidental exposure of information to an agent not authorized access.

A

Inadvertent disclosure

18
Q

Taxonomy of attacks with relation to security goals

A

Threat to Confidentiality
Threat to integrity
Threat to availability

19
Q

Snooping
Traffic analysis

A

Threat to Confidentiality

20
Q

Modification
Masquerading
Replaying
Repudiation

A

Threat to integrity

21
Q

Denial of service

A

Threat to availability

22
Q

information needs to be hidden from unauthorized access

A

Confidentiality

23
Q

protected from unauthorized change

24
Q

Available to an authorized entity when it is needed

A

Availability

25
Q

Characteristics of information to be useful

A

Accurate
Timely
Complete
Verifiable
Consistent
Available

26
Q

timely, reliable access to data and information services for authorized users

A

Aspects of Information Needing protection
- Availability

27
Q

you can only see the data but you cannot change it, protection against unauthorized modification or destruction of information

A

Aspects of Information Needing protection
- Integrity

28
Q

assurance that information is not disclosed to unauthorized parties

A

Aspects of Information Needing protection
- Confidentiality

29
Q

to identify and verify user’s identity , security measures to establish the validity of a transmission, message or originator

A

Aspects of Information Needing protection
- Authentication

30
Q

you cannot deny the authenticity/validity of an act you committed, sender given proof of data delivery and recipient given proof of sender’s identity so that neither can deny processed data

A

Aspects of Information Needing protection
- Non-repudiation