Information Assurance and Security

To be useful, a _____ must not only state the security need (e.g., for confidentiality—that data shall be disclosed only to authorized individuals), but also address the range of circumstances under which that need must be met and the associated operating standards.

• security policy
• guard policy

_____ security measures to establish the validity of a transmission, message, or originator.

• Integrity
• Authentication

According to ______ taxonomy of information security, a computing environment is made up of five continuously interacting components

• Hostile environment
• Raggad’s

If you have an intuitive feeling something is wrong, trust your instincts.

• True
• False

_____ may prevent people from doing unauthorized things but cannot prevent them from doing things that their job functions entitle them to do.

• Technical measures
• admin measures

A _____ that must be restored within an hour after disruption represents, and requires, a more demanding set of policies and controls than does a similar system that need not be restored for two to three days.

• system
• program

_____ assurance that information is not disclosed to unauthorized persons.

• Information
• Confidentiality

Fifth Reason why investing in information security is significant

• Regulatory compliances
• Regular compliances

One can implement that policy by taking specific actions guided by management control principles and utilizing specific security standards, procedures, and _____

• mechanisms
• mechanisms time

According to______, IA can be thought of as protecting information at three distinct levels.

• enclave
• Blyth and Kovacich

Carrying items makes you more vulnerable targets for criminals.

• True
• False

If your data is stored physically or digitally, you need to be sure you have all the right ____________________ in place to prevent unauthorized individuals from gaining access.

• Perceptual
• Physical access controls

Computers are _____ entities, and programs can be changed in a twinkling, so that past happiness is no predictor of future bliss.

• active
• passive

Method of reducing criminal opportunity.

• Be alert and aware, Display confidence, Keep your hands free, Don't Trust your instincts, Ask for help, Closely Guard your personal Effects
• Not alert and aware, Display confidence, Keep your hands free, Trust your instincts, Ask for help, Closely Guard your personal Effects
• Be alert and aware, Display confidence, Keep your hands free, Trust your instincts, Ask for help, Closely Guard your personal Effects
• Be alert and aware, Display no confidence, Keep your hands free, Trust your instincts, Ask for help, Closely Guard your personal Effects

_____ is a requirement whose purpose is to keep sensitive information from being disclosed to unauthorized recipients.

• Confidentiality
• Confidentialities

Data and data processing activities in physical space.

• Operational security
• Physical

_____ refers to the protection of hardware, software, and data against physical threats to reduce or prevent disruptions to operations and services and loss of assets.”.

• Authentication
• Physical security

A _____ is a concise statement, by those responsible for a system (e.g., senior management), of information values, protection responsibilities, and organizational commitment.

• security policy
• privacy policy

The Importance of Information Security

Criminals are constantly surveying the environment for an opportunity to commit crimes.

• True
• False

_____ :controlling who gets to read information.

• Confidentiality
• Inconfidentiality

_____ assurance that the sender is provided with proof of a data delivery and recipient is provided with proof of the sender’s identity, so that neither can later deny having processed the data.

• Personnel security
• Non-repudiation

The _____ must be managed by auditing, backup, and recovery procedures supported by general alertness and creative responses.

• residual risk
• residual hazzard

_____ is a collection of computing environments connected by one or more internal networks under the control of a single authority and security policy, including personnel and physical security.

• Vulnerability
• enclave

______ for assets are one that has known threats.

• Hostile environment
• Friendly environment

For a _____ , the chief concern may be ensuring the confidentiality of classified information, whereas a funds transfer system may require strong integrity controls.

• national defense system
• international defense system

Feeling confident about their organization's security level: When information security community members participated in the Cybersecurity Trends Report, they were asked how positive they felt about their security stance.

• True
• False

As viruses have escalated from a hypothetical to a commonplace threat, it has become necessary to rethink such policies in regard to methods of distribution and acquisition of _____

• software
• hardware

Both individuals need to know what data is most critical to the organization so they can focus on placing the right ____________________ and monitoring controls on that data.

• Fusion
• Cyber risk management

_____ is the study of how to protect your information assets from destruction, degradation, manipulation and exploitation. But also, how to recover should any of those happen.

• Availability
• Information Assurance

Accepted facts, principles, or rules of thumb that are useful for specific domains.

• Knowledge
• Unknowledge

List the Jobs in Information Security

Early disclosure may jeopardize _____ advantage, but disclosure just before the intended announcement may be insignificant.

• competitive
• recitation

_____ : assuring that authorized users have continued access to information and resources.

• Availability
• Unavailability

If you feel vulnerable do not ask Police or Security to escort you to your car

• True
• False

_____ timely, reliable access to data and information services for authorized users.

• Non-repudiation
• Availability

Information is one of the most significant _____ resources

• non-substantial
• substantial

The weight given to each of the three major requirements describing needs for information security—confidentiality, integrity, and availability—depends strongly on _____

• circumstances
• circle

_____ the inherent technical features and functions that collectively contribute to an IT infrastructure achieving and sustaining confidentiality, integrity, availability, accountability, authenticity, and reliability.”

• IT security
• Blyth and Kovacich

Some _____ are explicitly concerned with protecting information and information systems, but the concept of management controls includes much more than a computer's specific role in enforcing security.

• management controls
• management controls system

What jobs in information security is this? Salary: $104,000 Responsibilities: Create an in-office network for a small business or a cloud infrastructure for a business with corporate locations in cities on opposite coasts.

• Computer Network Architects
• Computer Engineer Architects

20 different risk markers grouped under five main categories

• System , Medical, Political, Environmental and Infrastructural Risks
• Security, Medical, Political, Island and Infrastructural Risks
• Security, Government, Political, Environmental and Infrastructural Risks
• Security, Medical, Political, Environmental and Infrastructural Risks

Theft of personal items such as pursues can result in more criminal opportunities such as:

• Identity Theft, Stolen Auto, Residential Burglary
• Illegal Theft, Stolen Auto, Residential Burglary
• Identity Stolen, Stolen Auto, Residential Burglary
• Identity Auto, Stolen Auto, Residential Auto

Always closely guard their personal effects when it comes to identity theft.

• True
• False

_____ :assuring that information and programs are changed only in a specified and authorized manner.

• Integrity
• Dignity

_____ is a nonhostile environment that may be protected from external hostile elements by physical, personnel, and procedural countermeasures.

• Knowledge
• Benign environment

An effective _____ controls is needed to cover all aspects of information security, including physical security, classification of information, the means of recovering from breaches of security, and above all training to instill awareness and acceptance by people.

• program of management
• display of management

With _____ attacks, for example, even legitimate and honest users of an owner mechanism can be tricked into disclosing secret data.

• Trojan horse
• Heran Questers

The need for skilled workers and allocation of funds for security within their budget: Companies are making the effort to allocate more funds in their budgets for security.

• True
• False

Third Reason why investing in information security is significant

• Proliferation of IoT devices
• Proliferation of IT devices

______ is a weakness or fault in a system that exposes information to attack.

• Physical
• Vulnerability

______ involves the implementation of standard operational security procedures that define the nature and frequency of the interaction between users, systems, and system resources, the purpose.

• Debra Herrmann
• Operational security

Walk without purpose, scan the area around you and make casual eye contact with others to display confidence.

• True
• False

Information and data manipulation abilities in cyberspace.

• Noise
• Information infrastructure

The framework within which an organization strives to meet its needs for information security is codified as _____

• security policy
• terms of policy

Types of private security.

• Technology, Private Alarm Response, Private Patrol Services, Private Security Guards
• Technology, Private Alarm Response, Private Guard Patrol Services, Private Security Guards
• Technology, Private Alarm Response, Private Patrol Services, Private Service Guards
• Technology, Private Guard Alarm Response, Private Patrol Services, Private Security Guards

First Reason why investing in information security is significant

• Rising cost of breaches
• Rising cost of breach

What jobs in information security is this? Salary: $139,000 Responsibilities: Information systems managers work toward ensuring a company's tech is capable of meeting their IT goals.

• Computer and Information Systems Managers
• Computer and Knowledge Systems Managers

Raw facts with a known coding system

• Information
• Data

What jobs in information security is this? Salary: $103,560 Responsibilities: Software developers can be tasked with a wide range of responsibilities that may include designing parts of computer programs and applications and designing how those pieces work together.

• Software Developer
• Software Engineer

According to _____, IA has four major categories: physical security personnel security IT security operational security.

• Information Assurance
• Debra Herrmann

Processed data

• Information infrastructure
• Information

While you are walking, keep your mind on what is going on around you.

• True
• False

Cybersecurity professionals traditionally understand the technology, firewalls, and intrusion protection systems needed, but weren’t necessarily brought up in the ___________________.

• Information security professional
• Data evaluation business

An _____ must have administrative procedures in place to bring peculiar actions to the attention of someone who can legitimately inquire into the appropriateness of such actions, and that person must actually make the inquiry.

• organization
• happy birthday

In some scenarios, an __________________ would help a cybersecurity professional prioritize data protection — and then the cybersecurity professional would determine the best course of action for the data protection.

• Cyber risk management
• Information security professional

In any particular circumstance, some threats are more probable than others, and a _____ must assess the threats, assign a level of concern to each, and state a policy in terms of which threats are to be resisted.

• prudent policy setter
• prudent policy getter

_____ protection against unauthorized modification or destruction of information.

• Confidentiality
• Integrity

Over the last decade, we’ve seen a _________________ between cybersecurity and information security, as these previously siloed positions have come together.

• Physical access controls
• Fusion

Knowledge and understanding in human decision space.

• Raggad’s
• Perceptual

The requirements for applications that are connected to _____ will differ from those for applications without such interconnection.

• external systems
• internal systems

What jobs in information security is this? Salary: $95,510 Responsibilities: Information security analysts monitor their companies' computer networks to combat hackers and compile reports of security breaches.

• Information Security Analyst
• Information Security

A major conclusion of this report is that the lack of a clear _____ of security policy for general computing is a major impediment to improved security in computer systems.

• articulation
• article

_____ a variety of ongoing measures taken to reduce the likelihood and severity of accidental and intentional alteration, destruction, misappropriation, misuse, misconfiguration, unauthorized distribution, and unavailability of an organization’s logical and physical assets, as the result of action or inaction by insiders and known outsiders, such as business partners.”.

• Physical security
• Personnel security

a data endowed with relevance and purpose.

• prudent policy setter
• Information

Raw facts with an unknown coding system

• Benign environment
• Noise

_____ are the mechanisms and techniques—administrative, procedural, and technical—that are instituted to implement a security policy.

• Management controls
• Manger controls

Disruptions in their day-to-day business: Time is money.

• True
• False