Topic 1 - Reset Flashcards

1
Q

Any transaction online, including online banking, software services, remote service providers, or online course platforms.

A

E-commerce

2
Q

What is E-commerce?

A

Any transaction online, including online banking, software services, remote service providers, or online course platforms.

3
Q

Characteristics of information to be useful

A
  1. Accurate
  2. Timely
  3. Complete
  4. Verifiable
  5. Consistent
  6. Available
4
Q

Characteristics of information to be useful

You might want:

A
  1. Privacy
  2. Protection against phishing, vishing
  3. Integrity
  4. Authentication
  5. Authorization
  6. Confidentiality
  7. Non-repudiation
  8. Availability
5
Q

Aspects of Information Needing protection

Availability

A

timely, reliable access to data and information services for authorized users

6
Q

Aspects of Information Needing protection

Integrity

A

you can only see the data but you cannot change it, protection against unauthorized modification or destruction of information

7
Q

Aspects of Information Needing protection

Confidentiality

A

assurance that information is not disclosed to unauthorized parties

8
Q

Aspects of Information Needing protection

Authentication

A

to identify and verify the user’s identity; security measures to establish the validity of a transmission, message or originator

9
Q

Aspects of Information Needing protection

Non-repudiation

A

you cannot deny the authenticity/validity of an act you committed, sender given proof of data delivery and recipient given proof of sender’s identity so that neither can deny processed data

10
Q

Aspects of Information Needing protection

A
  1. Availability
  2. Confidentiality
  3. Authentication
  4. Non-repudiation
11
Q

is the resource being protected

A

Assets

12
Q

Assets

Physical assets

A

devices, computers, people

13
Q

Assets

Logical assets

A

information, data (in transmission, storage, or processing), and intellectual property

14
Q

Assets

System assets

A

any software, hardware, data, administrative, physical, communications, or personnel resource within an information system

15
Q

Attacks

Passive attack

A

an attack in which the attacker observes interaction with the system

16
Q

Active attack

A

an attack in which the attacker directly interacts with the system

17
Q

Unintentional attack

A

an attack where there is not a deliberate goal of misuse

18
Q

Exposure

A

is an instance when the system is vulnerable to attack

19
Q

Compromise

A

is a situation in which the attacker has succeeded

20
Q

is a recognized action, specific, generalized or theoretical, that an adversary (threat actor) might be expected to take in preparation for an attack

A

Indicator

21
Q

Consequence

A

is the outcome of the attack, may cause the information system to lose effectiveness and may have other costs

22
Q

Consequence

Disruption

A

targets availability

23
Q

Consequence

Corruption

A

targets integrity

24
Q

Consequence

Exploitation

A

targets confidentiality

25
Q

is a type of consequence, involving accidental exposure of information to an agent not authorized access.

A

Inadvertent disclosure

26
Q

Taxonomy of attacks with relation to security goals

A
  1. Threat to Confidentiality
  2. Threat to integrity
  3. Threat to availability
27
Q

Taxonomy of attacks with relation to security goals

Threat to Confidentiality

A
  1. Snooping
  2. Traffic analysis
28
Q

Taxonomy of attacks with relation to security goals

Threat to integrity

A
  1. Modification
  2. Masquerading
  3. Replaying
  4. Repudiation
29
Q

Taxonomy of attacks with relation to security goals

Threat to availability

A

Denial of service

30
Q

Security Attack

Confidentiality

A

information needs to be hidden from unauthorized access

31
Q

Security Attack

Integrity

A

protected from unauthorized change

32
Q

Availability

A

Available to an authorized entity when it is needed

33
Q
  1. Accurate
  2. Timely
  3. Complete
  4. Verifiable
  5. Consistent
  6. Available
A

Characteristics of information to be useful

34
Q

timely, reliable access to data and information services for authorized users

A

Aspects of Information Needing protection

Availability

35
Q

you can only see the data but you cannot change it, protection against unauthorized modification or destruction of information

A

Aspects of Information Needing protection

Integrity

36
Q

assurance that information is not disclosed to unauthorized parties

A

Aspects of Information Needing protection

Confidentiality

37
Q

to identify and verify the user’s identity; security measures to establish the validity of a transmission, message or originator

A

Aspects of Information Needing protection

Authentication

38
Q

you cannot deny the authenticity/validity of an act you committed, sender given proof of data delivery and recipient given proof of sender’s identity so that neither can deny processed data

A

Aspects of Information Needing protection

Non-repudiation

39
Q
  1. Availability
  2. Confidentiality
  3. Authentication
  4. Non-repudiation
A

Aspects of Information Needing protection

40
Q

Assets

A

is the resource being protected

41
Q

devices, computers, people

A

Assets

Physical assets

42
Q

information, data (in transmission, storage, or processing), and intellectual property

A

Assets

Logical assets

43
Q

any software, hardware, data, administrative, physical, communications, or personnel resource within an information system

A

Assets

System assets

44
Q

an attack in which the attacker observes interaction with the system

A

Attacks

Passive attack

45
Q

an attack in which the attacker directly interacts with the system

A

Active attack

46
Q

an attack where there is not a deliberate goal of misuse

A

Unintentional attack

47
Q

is an instance when the system is vulnerable to attack

48
Q

is a situation in which the attacker has succeeded

A

Compromise

49
Q

Indicator

A

is a recognized action, specific, generalized or theoretical, that an adversary (threat actor) might be expected to take in preparation for an attack

50
Q

is the outcome of the attack, may cause the information system to lose effectiveness and may have other costs

A

Consequence

51
Q

targets availability

A

Consequence

Disruption

52
Q

targets integrity

A

Consequence

Corruption

53
Q

targets confidentiality

A

Consequence

Exploitation

54
Q

Inadvertent disclosure

A

is a type of consequence, involving accidental exposure of information to an agent not authorized access.

55
Q
  1. Threat to Confidentiality
  2. Threat to integrity
  3. Threat to availability
A

Taxonomy of attacks with relation to security goals

56
Q
  1. Snooping
  2. Traffic analysis
A

Taxonomy of attacks with relation to security goals

Threat to Confidentiality

57
Q
  1. Modification
  2. Masquerading
  3. Replaying
  4. Repudiation
A

Taxonomy of attacks with relation to security goals

Threat to integrity

58
Q

Denial of service

A

Taxonomy of attacks with relation to security goals

Threat to availability

59
Q

information needs to be hidden from unauthorized access

A

Security Attack

Confidentiality

60
Q

protected from unauthorized change

A

Security Attack

Integrity

61
Q

Available to an authorized entity when it is needed

A

Availability