Deck 1: Computer Systems Overview

Threats are attacks carried out.

The "A" in the CIA triad stands for "authenticity".

Contingency planning is a functional area that primarily requires
computer security technical measures.

Hardware is the most vulnerable to attack and the least susceptible to
automated controls.

Security mechanisms typically do not involve more than one particular
algorithm or protocol.

Data integrity assures that information and programs are changed only
in a specified and authorized manner.

Computer security is protection of the integrity,availability,and
confidentiality of information system resources.

Assurance is the process of examining a computer product or system
with respect to certain criteria.

In the context of security our concern is with the vulnerabilities of
system resources.

T F 4.Availability assures that systems works promptly and service is not
denied to authorized users.

Many security administrators view strong security as an impediment to
efficient and user-friendly operation of an information system.

Computer security is essentially a battle of wits between a perpetrator
who tries to find holes and the administrator who tries to close them.

X.800 architecture was developed as an international standard and
focuses on security in the context of networks and communications.

The more critical a component or service,the higher the level of
availability required.

The first step in devising security services and mechanisms is to
develop a security policy.

In the United States,student grade information is an asset whose confidentiality is regulated by the __________.

__________ is the protection afforded to an automated information system in order to attain the applicable objectives of preserving the integrity,availability,and confidentiality of information system resources.

The assets of a computer system can be categorized as hardware,software,communication lines and networks,and _________.

Misappropriation and misuse are attacks that result in ________ threat consequences.

Release of message contents and traffic analysis are two types of _________ attacks.

A loss of _________ is the disruption of access to or use of information or an information system.

Confidentiality,Integrity,and Availability form what is often referred to as the _____.

A(n)_________ is any means taken to deal with a security attack.

A(n)_________ is a threat that is carried out and,if successful,leads to an undesirable violation of security,or threat consequence.

Replay,masquerade,modification of messages,and denial of service are example of _________ attacks.

The OSI security architecture focuses on security attacks,__________,and services.

A __________ is data appended to,or a cryptographic transformation of,a data unit that allows a recipient of the data unit to prove the source and integrity of the data unit and protect against forgery.

Establishing,maintaining,and implementing plans for emergency response,backup operations,and post disaster recovery for organizational information systems to ensure the availability of critical information resources and continuity of operations in emergency situations is a __________ plan.

Security implementation involves four complementary courses of action: prevention,detection,response,and _________.

A(n)_________ assessment is periodically assessing the risk to organizational operations,organizational assets,and individuals,resulting from the operation of organizational information systems and the associated processing,storage,or transmission or organizational information.