Topic 1

Question 1

Timely, reliable access

Answer 1

Availability

Question 2

Protection against unauthorized modification or destruction of information

Answer 2

Integrity

Question 3

Disclosed to unauthorized persons

Answer 3

Confidentiality

Question 4

Security measures to establish the validity of a transmission, message, or originator

Answer 4

Authentication

Question 5

Data delivery and recipient

Answer 5

Non-repudiation

Question 6

What are the 5 Information Assurance (A.I.C.A.N)

Answer 6

Availability, Integrity, Confidentiality, Authentication, and Non-repudiation

Question 7

Tools and personnel used to defend an organization’s digital assets

Answer 7

Security

Question 8

To protect the physical items

Answer 8

Physical Security

Question 9

Individual or group of individuals

Answer 9

Personal Security

Question 10

Series of activities

Answer 10

Operation Security

Question 11

Organization’s communications media, technology, and content.

Answer 11

Communication Security

Question 12

Networking components, connections, and contents.

Answer 12

Network Security

Question 13

What are the 5 Securities? (P.P.O.C.N)

Answer 13

Physical Security, Personal Security, Operation Security, Communication Security, Network Security

Question 14

Is the protection of information and its critical elements, including the systems and hardware that use, store, and transmit that information.

Answer 14

Information Security

Question 15

What are the Three characteristics that described the utility of information?

Answer 15

Confidentiality, Integrity, and Availability

Question 16

Enables users who need to access information to do so without interference or obstruction and in the required format.

Answer 16

Availability

Question 17

Free from mistake or error

Answer 17

Accuracy

Question 18

Reproduction or fabrication

Answer 18

Authenticity

Question 19

Preventing disclosure or exposure

Answer 19

Confidentiality

Question 20

Being whole

Answer 20

Integrity

Question 21

End-user, it is not useful

Answer 21

Utility

Question 22

Ownership or control of some object or item

Answer 22

Possession

Question 23

What are the 7 Critical Characteristics of Information? (A.A.A.C.I.U.P)

Answer 23

Availability, Accuracy, Authenticity, Confidentiality, Integrity, Utility, and Possession

Question 24

Entire set of software, hardware, data, people, procedures, and networks

Answer 24

Information System

Question 25

Includes applications (programs), operating systems, and assorted command utilities

Answer 25

Software

Question 26

Physical technology that houses and executes the software

Answer 26

Hardware

Question 27

• Often the most asset
• Main target of intentional attacks

Answer 27

Data

Question 28

• People have always been a threat to information security
• Social engineering
• Must be well trained and informed

Answer 28

People

Question 29

• Procedures are written instructions for accomplishing a specific task.
• Threat to integrity of data

Answer 29

Procedures

Question 30

• Locks and keys won’t work

Answer 30

Networks

Question 31

What are the 6 components of Information System (IS) | (S.H.D.P.P.N)

Answer 31

Software, Hardware, Data, People, Procedures, and Networks

Question 32

Grassroots effort

Answer 32

Bottom-up approach

Question 33

• initiated by upper management
• Higher probability of success
• The project is initiated by upper-level managers

Answer 33

Top-down approach

Question 34

A formal approach to solving a problem based on a structured sequence of procedures

Answer 34

Methodology

Question 35

• A methodology for the design and implementation of an information system

Answer 35

The Systems Development Life Cycle

Question 36

• The problem, objectives, constraints, and scope of the project are identified
• Begins with enterprise information security policy

Answer 36

Investigation

Question 37

• consists primarily of assessments of the organization, its current systems, and its capability to support the proposed systems
• Existing security policies, legal issues,
• Perform risk analysis

Answer 37

Analysis

Question 38

• Creates and develops blueprints for information security
• Incident response actions: Continuity planning, Incident response, Disaster recovery
• Feasibility analysis to determine whether project should continue or be outsourced

Answer 38

Logical Design

Question 39

final design selected

Answer 39

Physical Design

Question 40

• Security solutions are acquired, tested, implemented, and tested again

Answer 40

Implementation

Question 41

• Most important
• Constant changing threats
• Constant monitoring, testing updating and implementing change

Answer 41

Maintenance and Change

Question 42

What are the 6 SDLC Phases? (I.A.LD.PD.I.MC)

Answer 42

Investigation, Analysis, Logical Design, Physical Design, Implementation, Maintenance and Change.

Question 43

• Senior technology officer is usually the chief information officer (CIO)

Answer 43

Senior Management

Question 44

• Responsible for the assessment, management, and implementation of information security in the organization
• also be referred to as the manager for IT security, the security administrator, or by a similar title
• reports directly to the CIO

Answer 44

Chief information security officer (CISO)