Chapter 1

Question 1

CIA Triad

Answer 1

Confidentiality, Integrity, and Availability

Question 2

Confidentiality

Answer 2

Ensures that unauthorized individuals are not able to gain access to sensitive information.

Question 3

Integrity

Answer 3

Ensures that there are no unauthorized modifications to information or systems, either intentionally unintentionally.

Question 4

Availability

Answer 4

Ensures that information and systems are ready to meet the needs of legitimate users at the time those users request them.

Question 5

Nonrepudiation

Answer 5

Means that someone who performed some action, such as sending a message, cannot later deny having taking that action.

Question 6

DAD Triad

Answer 6

Disclosure, Alteration, and Denial

Question 7

Disclosure

Answer 7

Exposure of sensitive information to unauthorized individuals, otherwise known as data loss.

Question 8

Alteration

Answer 8

Unauthorized modification of information and is a violation of integrity.

Question 9

Denial

Answer 9

The disruption of an authorized users legitimate access to information. Violates Availability

Question 10

Financial Risk

Answer 10

The risk of monetary damage to the organization as the result of a data breach.

Question 11

Reputational Risk

Answer 11

When the negative publicity surrounding a security breach causes the loss of goodwill among customers, employees, suppliers, and other stakeholders.

Question 12

Strategic Risk

Answer 12

The risk that an organization will become less effective in meeting it’s major and objectives as result of the breach.

Question 13

Operational Risk

Answer 13

The risk to the organization’s ability to carry out its day-to-day functions.

Question 14

Compliance Risk

Answer 14

When a security breach causes an organization to run afoul of legal or regulatory requirements.