Exam 1: Overview

The emphasis in dealing with active attacks is on prevention rather than detection.

"The protection afforded to an automated information system in order to attain the applicable objectives of preserving the integrity,availability and confidentiality of information system resources" is the definition of _________ .

An __________ attack attempts to alter system resources or affect their operation.

The three concepts that form what is often referred to as the CIA triad are ________ .These three concepts embody the fundamental security objectives for both data and for information and computing services.

In the United States,the release of student grade information is regulated by the __________ .

A ___________ is any process,or a device incorporating such a process,that is designed to detect,prevent,or recover from a security attack.Examples are encryption algorithms,digital signatures and authentication protocols.

A __________ is any action that compromises the security of information owned by an organization.

__________ involves the passive capture of a data unit and its subsequent retransmission to produce an unauthorized effect.

The __________ service is concerned with assuring the recipient that the message is from the source that it claims to be from.This service must also assure that the connection is not interfered with in such a way that a third party can masquerade as one of the two legitimate parties for the purposes of unauthorized transmission or reception.

Authentication protocols and encryption algorithms are examples of security mechanisms.

An)__________ service is one that protects a system to ensure its availability and addresses the security concerns raised by denial- of- service attacks.

The field of network and Internet security consists of measures to deter,prevent,detect and correct security violations that involve the transmission of information.

A common technique for masking contents of messages or other information traffic so that opponents can not extract the information from the message is __________ .

The OSI security architecture was not developed as an international standard,therefore causing an obstacle for computer and communication vendors when developing security features.

A _________ level breach of security could cause a significant degradation in mission capability to an extent and duration that the organization is able to perform its primary functions,but the effectiveness of the functions is significantly reduced.

A loss of _________ is the unauthorized modification or destruction of information.

An __________ is an assault on system security that derives from an intelligent act that is a deliberate attempt to evade security services and violate the security policy of a system.

Data origin authentication does not provide protection against the modification of data units.

A loss of __________ is the unauthorized disclosure of information.

Patient allergy information is an example of an asset with a high requirement for integrity.