5.1

Question 1

What are the components of The information system

Answer 1

Procedures, people, hardware, networks, software, data.

Question 2

____________ is protecting information and information systems from unauthorized access use, disclosure, disruption modification or destruction

Answer 2

Information security

Question 3

This component of the IS has increased the necessity of information security…

Answer 3

Networks

Question 4

Out off all the component of IS, They are considered the weakest link in an organization’s security program…

Answer 4

People

Question 5

This component of IS is considered the most difficult to secure..

Answer 5

Software

Question 6

This component of IS is considered the most valuable to an organization and the main target for intentional attacks..

Answer 6

Data

Question 7

_______ consists of facts and figures that are stored, processed, or transmitted in or out by the information system….

Answer 7

Data

Question 8

This component of the Is is considered as physical assets which must be protected from harm, theft…..

Answer 8

Hardware

Question 9

What are the main goals of Information security?

Answer 9

Confidentiality , integrity, and availability.

Question 10

What are the types of protections?

Answer 10

Physical protection, awareness-based protection, technical protection

Question 11

The hardware component of Is requires which kind of protection?

Answer 11

Physical protection

Question 12

The people and procedures require which land of protection?

Answer 12

Awarness-based protection

Question 13

Software, data, and networks require which kind of protection?

Answer 13

Technical protection

Question 14

Cryptography, firewalls, access control systems are all examples of….

Answer 14

Security technologies

Question 15

The main goals of information security are also commonly known as _________.

Answer 15

CIA triad

Question 16

A ________ is one of the main concerns in information security.

Answer 16

Security attack

Question 17

What are the main two types of security attacks?

Answer 17

insider attack, external attack

Question 18

Insider and external attacks can be further classified into four categories: modification attack, fabrication attack, _________ attack, and _________ attacks

Answer 18

interception, interruption

Question 19

which security attacks affects confidentiality?

Answer 19

interception

Question 20

which security attacks affect integrity and availability?

Answer 20

interruption attacks, fabrication attacks, and modification attacks.

Question 21

_______ attacks allow an attacker to gain access to sensitive information.

Answer 21

interception

Question 22

_______ attacks allow an attack to make sensitive information unusable or unavailable to authorized users.

Answer 22

interruption

Question 23

________ attacks allow an attacker to tamper with sensitive information.

Answer 23

modification

Question 24

________ attacks is the type of attack in which the attackers inserts forged objects or information into the system, as if it was generated by an authorized user.

Answer 24

fabrication

Question 25

______ consists of the physical technologies installed in the IS that host and execute the software, store and transport the data and provides interfaces for entering and removing the information in the system.

Answer 25

hardware

Question 26

T or F: the physical location of computers and the computers themselves must be secured.

Answer 26

t, because a breach of physical security can result in a loss of information.

Question 27

information systems are often connected together to form ______ such as a LAN.

Answer 27

networks

Question 28

Which component of IS requires extreme focus to secure it?

Answer 28

software

Question 29

T or F: the security of LANs become worse when they are connected to the internet.

Answer 29

t

Question 30

_______ protection involves the use of physical security policies, such as locks and keys that restrict access to the area where the hardware components are located.

Answer 30

physical

Question 31

_____ protection involves education and training to prevent users from accidental or intentional misuse of information or procedures.

Answer 31

awareness-based

Question 32

_______ protection involves the use of security technologies to manage access to and usage of, a system or information by different users.

Answer 32

technical

Question 33

T or F: technical protection can also be additionally applied for the protection of people and procedures.

Answer 33

true

Question 34

________ is the ability to prevent unauthorized disclosure of information so that sensitive information is accessible only to authorized users.

Answer 34

confidentialty

Question 35

______ is the ability to prevent unauthorized modification of information in order to maintain its accuracy, consistency, and trustworthiness over its entire life cycle.

Answer 35

integrity

Question 36

_________ is the ability to prevent unauthorized withholding of information so that it is available when needed by the authorized users.

Answer 36

availability

Question 37

______ attacks are security attacks performed by unauthorized users (outsiders).

Answer 37

external

Question 38

______ attack are security attacks performed by authorized users (insiders).

Answer 38

Internal

Question 39

_______ is any kind of malicious activity that attempts to collect, disrupt, deny, degrade or destroy information system resources or information itself.

Answer 39

attack

Question 40

an ________ is a person who possesses the authority to perform an action or set of activites.

Answer 40

authorized user

Question 41

an _________ is a person who does not possess the authority to perform an action or set of activites.

Answer 41

unauthorized user

Question 42

__________ is the exposure of information to user(s) not authorized to access the information

Answer 42

unauthorized disclosure

Question 43

________ is the modification of info by user(s) not authorized to modify the information.

Answer 43

unauthorized modification