Exam 1: Computer Systems Overview

The assurance that data received are exactly as sent by an authorized entity is __________.

Establishing, maintaining, and implementing plans for emergency response, backup operations, and post disaster recovery for organizational information systems to ensure the availability of critical information resources and continuity of operations in emergency situations is a __________ plan.

__________ is the protection afforded to an automated information system in order to attain the applicable objectives of preserving the integrity, availability, and confidentiality of information system resources.

X.800 architecture was developed as an international standard andfocuses on security in the context of networks and communications.

A(n) _________ is a threat that is carried out and, if successful, leads to an undesirable violation of security, or threat consequence.

A loss of _________ is the disruption of access to or use of information or an information system.

A threat action in which sensitive data are directly released to an unauthorized entity is __________.

Replay, masquerade, modification of messages, and denial of service are example of _________ attacks.

Confidentiality, Integrity, and Availability form what is often referred to as the _____.

An example of __________ is an attempt by an unauthorized user to gain access to a system by posing as an authorized user.

The "A" in the CIA triad stands for "authenticity".

A(n) _________ is any means taken to deal with a security attack.

The first step in devising security services and mechanisms is todevelop a security policy.

The more critical a component or service, the higher the level ofavailability required.

Security mechanisms typically do not involve more than one particularalgorithm or protocol.

A(n) __________ is an action, device, procedure, or technique that reduces a threat, a vulnerability, or an attack by eliminating or preventing it, by minimizing the harm it can cause, or by discovering and reporting it so that correct action can be taken.

In the United States, student grade information is an asset whose confidentiality is regulated by the __________.

A(n) _________ assessment is periodically assessing the risk to organizational operations, organizational assets, and individuals, resulting from the operation of organizational information systems and the associated processing, storage, or transmission or organizational information.

Many security administrators view strong security as an impediment toefficient and user-friendly operation of an information system.

Threats are attacks carried out.