Chapter 01 introduction to security

•Download as PPTX, PDF•

0 likes•197 views

This document contains 8 questions about information security concepts from a chapter on security introductions. The questions cover topics like the three main goals of information security being confidentiality, integrity and availability; implementing nonrepudiation to prove who sent emails; the A in CIA standing for availability; removable storage posing the greatest risk to confidentiality of data; and examples of physical controls like ID cards. The questions are multiple choice and have answers ranging from letters A to D.

Technology

Questions & Answers
Chapter 1 - Introduction to Security
Prowse (2012)
8 Questions
Muhammad Jazman, S.Kom.,MInfoSys
jazman@uin-suska.ac.id
http://sif.uin-suska.ac.id/

Question 1
In information security, what are the three main
goals? (Select the three best answers.)
A. Auditing
B. Integrity
C. Nonrepudiation
D. Confidentiality
E. Risk Assessment
F. Availability

Question 2
To protect against malicious attacks, what
should you think like?
A. Hacker
B. Network admin
C. Spoofer
D. Auditor

Question 3
Tom sends out many e-mails containing secure
information to other companies. What concept
should be implemented to prove that Tom did
indeed send the e-mails?
A. Authenticity
B. Nonrepudiation
C. Confidentiality
D. Integrity

Question 4
Which of the following does the A in CIA stand
for when it comes to IT security?
Select the best answer.
A. Accountability
B. Assessment
C. Availability
D. Auditing

Question 5
Which of the following is the greatest risk when it
comes to removable storage?
A. Integrity of data
B. Availability of data
C. Confidentiality of data
D. Accountability of data

Question 6
When it comes to information security, what is
the I in CIA?
A. Insurrection
B. Information
C. Indigestion
D. Integrity

Question 7
You are developing a security plan for your
organization. Which of the following is an
example of a physical control?
A. Password
B. DRP
C. ID card
D. Encryption

Question 8
When is a system completely secure?
A. When it is updated
B. When it is assessed for vulnerabilities
C. When all anomalies have been removed
D. Never

Similar to Chapter 01 introduction to security

4_5769479639445540375.pptx

HHoko1

APA Writing Sample: Extortion on the JobValorie J. King, PhDApril 2, 2014 Running Head: APA WRITING SAMPLE 1 Running Head: APA WRITING SAMPLE 5 Introduction Writing as Anonymous (2003), the Chief Information Security Officer (CISO) of a major United States (US) corporation told a chilling tale of email based extortion attempts against employees who had received extortion threats via email sent to their corporate email addresses. The corporation, its managers, and the individual employees who were targeted faced a number of issues and dilemmas as they responded to security incident caused by the extortion attempts. In the following analysis, one issue–the enforcement of acceptable use policies–is discussed and critiqued.Analysis The Attack Drive by download attacks occur when a legitimate Web server has been infected with malware or malicious scripts which deliver malware, pornography, or other objectionable material along with the Web page content that the visitor was expecting to see (Microsoft, 2014; Niki, 2009). These types of attacks are difficult to detect and often result in the infection of large numbers of visitors before the infection is detected and removed from the Web site. In this attack, computers used by the affected employees (victims) were compromised by a drive by download attack (Microsoft, 2014) which resulted in the download of pornographic materials while they were browsing websites which, in turn, had been compromised (Anonymous, 2003). The attackers also obtained each visitor’s email address from the Web browser. Extortion emails were sent to victims demanding credit card payment of hush fees. The extortionists told the victims exactly where the contraband files were located on the computer hard drive and assured the victims that it was impossible to remove those files. Why the Problem Went Unreported Anonymous (2003) discovered that he was dealing with “paranoid users who don't trust security people” (p. 1). There are many possible reasons why employees turn into paranoid users who are unwilling to self-report for security incidents, even those which are accidental. Two such reasons are enforcement of zero tolerance for violations and perceptions of unfairness or a lack of justice. Zero tolerance. The previous CISO implemented a zero tolerance policy with respect to acceptable use policy (AUP) violations (Anonymous, 2003). Under this zero-tolerance policy, a number of employees were terminated (fired), without due process or hearings to establish guilt or innocence. When employees began receiving extortion emails and threats, they believed that their jobs could be placed at risk, regardless of their innocence or guilt with respect to downloading of pornography to company computers, if they reported the presence of pornographic files (pushed to the computer by the extortionists). Perceptions of fairness and justice. When employees feel that IT policy enforcement is unfair, the situation is usually accompanied.

APA Writing Sample Extortion on the JobValorie J. King, PhDApril .docx

justine1simpson78276

Module1_Intro to Security_Final.ppt

zenotechae

Module1_Intro to Security_Final.ppt

AshaPagidipalli

Module 1 :Introduction to Cyber Security

JunYin38

CyberSecurity - Linda Sharp

SchoolDude Editors

Answer each question in one to two paragraphs . Question 1: Layered Network Defense Network security has become a complicated topic due to the many types of threats to network information and systems. To defend against these threats, a layered network defense strategy must be utilized. What are the major components of a layered network defense model and what role does each of the layers play in the overall defense of the network against security threats? Question 2: Risk Analysis Properly securing a network is like building security around your home. You can invest a lot of money is security systems that defend against threats that do not exist in your neighborhood. The first step in developing good security is to understand what threats exist. What are the major security threats that exist for a typical company and how might they determine which threats present the most risk for them and their situation? Question 3: Security Policy Securing a network consists of much more than just installing the appropriate hardware and software. A company must have a good set of policies in place to help make the decisions necessary to properly implement their network security. Discuss the major components of a good security policy. Question 4: Goals of Network Security One size does not fit all with regards to network security. A company or organization must understand what they are trying to accomplish with their network security. These goals will help drive the decisions necessary to implement a good security system. List some examples of goals a company or organization might set for their security system and discuss what types of security they might use to achieve these goals. Question 5: Intrusion Detection Networks often contain valuable information and are the target of threats to acquire the information or damage the information. Intruders pose a significant threat to networks and the first step in thwarting intrusion is to understand when and how it is occurring. What are some of the ways intruders can be detected in a network and what can be done to reduce this network threat? Question 6: Digital Signatures One of the most difficult aspects of network security is identification. If all people and devices connected to the network could be identified during every network transmission, security would be greatly improved. Unfortunately, this is not an easy task. Digital signatures help in identification of network transmissions. Discuss how digital signatures work and what aspects of network security they enhance. Question 7: Access Control Lists A common method of gaining improved network security is to create a list of authorized users for all network resources. These lists are called Access Control Lists or ACLs. ACLs are like airline reservations. You arrive at the gate and if you have a boarding pass, you can get on the plane. Without a boarding pass, you are left at the gate and the plane is off limits. Discuss how Acces ...

Answer each question in one to two paragraphs.Question 1

brockdebroah

Unit I Q&A.docx

karthikaparthasarath

Question 11 What is defined as the set of protections put in place to safeguard information systems and/or data from security threats such as unauthorized access, use, disclosure, disruption, modification or destruction? Information Screening Information Security Anti-virus Firewall 2.5 points Question 12 What kind of threat renders a system inoperative or limits its capability to operate? Denial of service Unauthorized access Theft and fraud Passive 2.5 points Question 13 What term is used to refer to someone (or something) pretending to be someone else (or another computer)? Phishing Spoofing Smurfing Porting 2.5 points Question 14 You have received an email from your university IT department stressing that the IT department will NEVER ask you for your username and password to your email account. What type of scheme is the university most likely trying to protect you from? Phishing Smurfing Spoofing Security holes 2.5 points Question 15 When considering security threats it is very important to consider __________ and __________ of the threat on the organization. impact, theft prevalence, impact repudiation, availablity theft, prevalenceA. Information ScreeningB. Information SecurityC. Anti-virusD. Firewall Solution Question 11: B. Information Security Question 12: A. Denial of service Question 13: B. Spoofing Question 14: A.Phishing.

Question 11What is defined as the set of protections put in place .pdf

daniamantileonismc36

Lecture 1-2.pdf

FumikageTokoyami4

Answer each question in one to two paragraphs. Question 1: Layered Network Defense Network security has become a complicated topic due to the many types of threats to network information and systems. To defend against these threats, a layered network defense strategy must be utilized. What are the major components of a layered network defense model and what role does each of the layers play in the overall defense of the network against security threats? Question 2: Risk Analysis Properly securing a network is like building security around your home. You can invest a lot of money is security systems that defend against threats that do not exist in your neighborhood. The first step in developing good security is to understand what threats exist. What are the major security threats that exist for a typical company and how might they determine which threats present the most risk for them and their situation? Question 3: Security Policy Securing a network consists of much more than just installing the appropriate hardware and software. A company must have a good set of policies in place to help make the decisions necessary to properly implement their network security. Discuss the major components of a good security policy. Question 4: Goals of Network Security One size does not fit all with regards to network security. A company or organization must understand what they are trying to accomplish with their network security. These goals will help drive the decisions necessary to implement a good security system. List some examples of goals a company or organization might set for their security system and discuss what types of security they might use to achieve these goals. Question 5: Intrusion Detection Networks often contain valuable information and are the target of threats to acquire the information or damage the information. Intruders pose a significant threat to networks and the first step in thwarting intrusion is to understand when and how it is occurring. What are some of the ways intruders can be detected in a network and what can be done to reduce this network threat? Question 6: Digital Signatures One of the most difficult aspects of network security is identification. If all people and devices connected to the network could be identified during every network transmission, security would be greatly improved. Unfortunately, this is not an easy task. Digital signatures help in identification of network transmissions. Discuss how digital signatures work and what aspects of network security they enhance. Question 7: Access Control Lists A common method of gaining improved network security is to create a list of authorized users for all network resources. These lists are called Access Control Lists or ACLs. ACLs are like airline reservations. You arrive at the gate and if you have a boarding pass, you can get on the plane. Without a boarding pass, you are left at the gate and the plane is off limits. Dis.

Answer each question in one to two paragraphs.Question 1 .docx

justine1simpson78276

SECO 406100422-ISF-Sample-Exam-en-v1-0.pdf

JohnRicos

Information Security Awareness Session -2020

Ismail Oduoye CISSP,CISA, CCNP-ROUTE,CCNA, MCITP,MCTS

Lkw Security Part 1_MVPs Azra & Sanjay

Quek Lilian

Security+ Guide to Network Security Fundamentals, 3rd Edition, by Mark Ciampa Knowledge and skills required for Network Administrators and Information Technology professionals to be aware of security vulnerabilities, to implement security measures, to analyze an existing network environment in consideration of known security threats or risks, to defend against attacks or viruses, and to ensure data privacy and integrity. Terminology and procedures for implementation and configuration of security, including access control, authorization, encryption, packet filters, firewalls, and Virtual Private Networks (VPNs). CNIT 120: Network Security http://samsclass.info/120/120_S09.shtml#lecture Policy: http://samsclass.info/policy_use.htm Many thanks to Sam Bowne for allowing to publish these presentations.

Ch01 Introduction to Security

Information Technology

Time based security for cloud computing

Jorge Sebastiao

Security Intelligence Report

MicrosoftTR

Computer security and_privacy_tif_key

thinkict

Cybersecurity.pptx

ssuser2209e8

information security management

Gurpreetkaur838

Similar to Chapter 01 introduction to security (20)

4_5769479639445540375.pptx

APA Writing Sample Extortion on the JobValorie J. King, PhDApril .docx

Module1_Intro to Security_Final.ppt

Module 1 :Introduction to Cyber Security

CyberSecurity - Linda Sharp

Answer each question in one to two paragraphs.Question 1

Unit I Q&A.docx

Question 11What is defined as the set of protections put in place .pdf

Lecture 1-2.pdf

Answer each question in one to two paragraphs.Question 1 .docx

SECO 406100422-ISF-Sample-Exam-en-v1-0.pdf

Information Security Awareness Session -2020

Lkw Security Part 1_MVPs Azra & Sanjay

Ch01 Introduction to Security

Time based security for cloud computing

Security Intelligence Report

Computer security and_privacy_tif_key

Cybersecurity.pptx

information security management

More from Muhammad Jazman

Fundamental concepts of future city

Muhammad Jazman

Pohl & van genderen 2017p5 figure 1.2 electromagnetic spectrum with wavelengt...

Muhammad Jazman

Pohl & van genderen 2017 pp.8-13 table 1.2 popular optical remote sensing pla...

Muhammad Jazman

Textbooks on remote sensing

Muhammad Jazman

Polarization of microwaves

Muhammad Jazman

How to create a bln file from shp

Muhammad Jazman

Graham et.al, 2008, Foundations of Software Testing ISTQB Certification. Chap...

Muhammad Jazman

Graham et.al, 2008, Foundations of Software Testing ISTQB Certification. Chap...

Muhammad Jazman

Graham et.al, 2008, Foundations of Software Testing ISTQB Certification. Chap...

Muhammad Jazman

Graham et.al, Foundations of Software Testing ISTQB Certification. Chapter 01 Fundamentals of Testing. Questions and Answers (animated power point presentation) QA is taken from following textbook: Foundations of Software Testing(Updated) ISTQB Certification by Dorothy Graham, Erik Van Veenendaal, Isabel Evans, Rex Black, Graham Isabel Paperback, 258 Pages, Published 2008 by Cengage Learning Emea ISBN-13: 978-1-84480-989-9, ISBN: 1-84480-989-7

Graham et.al, 2008, Foundations of Software Testing ISTQB Certification. Chap...

Muhammad Jazman

More from Muhammad Jazman (10)

Fundamental concepts of future city

Pohl & van genderen 2017p5 figure 1.2 electromagnetic spectrum with wavelengt...

Pohl & van genderen 2017 pp.8-13 table 1.2 popular optical remote sensing pla...

Textbooks on remote sensing

Polarization of microwaves

How to create a bln file from shp

Graham et.al, 2008, Foundations of Software Testing ISTQB Certification. Chap...

Recently uploaded

A Domino Admins Adventures (Engage 2024)

Gabriella Davis

ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke

Product Anonymous

Abhishek Deb(1), Mr Abdul Kalam(2) M. Des (UX) , School of Design, DIT University , Dehradun. This paper explores the future potential of AI-enabled smartphone processors, aiming to investigate the advancements, capabilities, and implications of integrating artificial intelligence (AI) into smartphone technology. The research study goals consist of evaluating the development of AI in mobile phone processors, analyzing the existing state as well as abilities of AI-enabled cpus determining future patterns as well as chances together with reviewing obstacles as well as factors to consider for more growth.

Exploring the Future Potential of AI-Enabled Smartphone Processors

debabhi2

Handwritten Text Recognition for manuscripts and early printed texts

Maria Levchenko

Enterprise Knowledge’s Urmi Majumder, Principal Data Architecture Consultant, and Fernando Aguilar Islas, Senior Data Science Consultant, presented "Driving Behavioral Change for Information Management through Data-Driven Green Strategy" on March 27, 2024 at Enterprise Data World (EDW) in Orlando, Florida. In this presentation, Urmi and Fernando discussed a case study describing how the information management division in a large supply chain organization drove user behavior change through awareness of the carbon footprint of their duplicated and near-duplicated content, identified via advanced data analytics. Check out their presentation to gain valuable perspectives on utilizing data-driven strategies to influence positive behavioral shifts and support sustainability initiatives within your organization. In this session, participants gained answers to the following questions: - What is a Green Information Management (IM) Strategy, and why should you have one? - How can Artificial Intelligence (AI) and Machine Learning (ML) support your Green IM Strategy through content deduplication? - How can an organization use insights into their data to influence employee behavior for IM? - How can you reap additional benefits from content reduction that go beyond Green IM?

Driving Behavioral Change for Information Management through Data-Driven Gree...

Enterprise Knowledge

How to Troubleshoot Apps for the Modern Connected Worker

ThousandEyes

Sara Mae O’Brien Scott and Tatiana Baquero Cakici, Senior Consultants at Enterprise Knowledge (EK), presented “AI Fast Track to Search-Focused AI Solutions” at the Information Architecture Conference (IAC24) that took place on April 11, 2024 in Seattle, WA. In their presentation, O’Brien-Scott and Cakici focused on what Enterprise AI is, why it is important, and what it takes to empower organizations to get started on a search-based AI journey and stay on track. The presentation explored the complexities of enterprise search challenges and how IA principles can be leveraged to provide AI solutions through the use of a semantic layer. O’Brien-Scott and Cakici showcased a case study where a taxonomy, an ontology, and a knowledge graph were used to structure content at a healthcare workforce solutions organization, providing personalized content recommendations and increasing content findability. In this session, participants gained insights about the following: Most common types of AI categories and use cases; Recommended steps to design and implement taxonomies and ontologies, ensuring they evolve effectively and support the organization’s search objectives; Taxonomy and ontology design considerations and best practices; Real-world AI applications that illustrated the value of taxonomies, ontologies, and knowledge graphs; and Tools, roles, and skills to design and implement AI-powered search solutions.

IAC 2024 - IA Fast Track to Search Focused AI Solutions

Enterprise Knowledge

The presentation explores the development and application of artificial intelligence (AI) from its inception to its current status in the modern world. The term "artificial intelligence" was first coined by John McCarthy in 1956 to describe efforts to develop computer programs capable of performing tasks that typically require human intelligence. This concept was first introduced at a conference held at Dartmouth College, where programs demonstrated capabilities such as playing chess, proving theorems, and interpreting texts. In the early stages, Alan Turing contributed to the field by defining intelligence as the ability of a being to respond to certain questions intelligently, proposing what is now known as the Turing Test to evaluate the presence of intelligent behavior in machines. As the decades progressed, AI evolved significantly. The 1980s focused on machine learning, teaching computers to learn from data, leading to the development of models that could improve their performance based on their experiences. The 1990s and 2000s saw further advances in algorithms and computational power, which allowed for more sophisticated data analysis techniques, including data mining. By the 2010s, the proliferation of big data and the refinement of deep learning techniques enabled AI to become mainstream. Notable milestones included the success of Google's AlphaGo and advancements in autonomous vehicles by companies like Tesla and Waymo. A major theme of the presentation is the application of generative AI, which has been used for tasks such as natural language text generation, translation, and question answering. Generative AI uses large datasets to train models that can then produce new, coherent pieces of text or other media. The presentation also discusses the ethical implications and the need for regulation in AI, highlighting issues such as privacy, bias, and the potential for misuse. These concerns have prompted calls for comprehensive regulations to ensure the safe and equitable use of AI technologies. Artificial intelligence has also played a significant role in healthcare, particularly highlighted during the COVID-19 pandemic, where it was used in drug discovery, vaccine development, and analyzing the spread of the virus. The capabilities of AI in healthcare are vast, ranging from medical diagnostics to personalized medicine, demonstrating the technology's potential to revolutionize fields beyond just technical or consumer applications. In conclusion, AI continues to be a rapidly evolving field with significant implications for various aspects of society. The development from theoretical concepts to real-world applications illustrates both the potential benefits and the challenges that come with integrating advanced technologies into everyday life. The ongoing discussion about AI ethics and regulation underscores the importance of managing these technologies responsibly to maximize their their benefits while minimizing potential harms.

Artificial Intelligence: Facts and Myths

Joaquim Jorge

Evaluating the top large language models.pdf

ChristopherTHyatt

presentation ICT roal in 21st century education

jfdjdjcjdnsjd

Three things you will take away from the session: • How to run an effective tenant-to-tenant migration • Best practices for before, during, and after migration • Tips for using migration as a springboard to prepare for Copilot in Microsoft 365 Main ideas: Migration Overview: The presentation covers the current reality of cross-tenant migrations, the triggers, phases, best practices, and benefits of a successful tenant migration Considerations: When considering a migration, it is important to consider the migration scope, performance, customization, flexibility, user-friendly interface, automation, monitoring, support, training, scalability, data integrity, data security, cost, and licensing structure Next Wave: The next wave of change includes the launch of Copilot, which requires businesses to be prepared for upcoming changes related to Copilot and the cloud, and to consolidate data and tighten governance ShareGate: ShareGate can help with pre-migration analysis, configurable migration tool, and automated, end-user driven collaborative governance

Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff

sammart93

2024: Domino Containers - The Next Step. News from the Domino Container commu...

Martijn de Jong

Data Cloud, More than a CDP by Matt Robison

Anna Loughnan Colquhoun

BooK Now Call us at +918448380779 to hire a gorgeous and seductive call girl for sex. Take a Delhi Escort Service. The help of our escort agency is mostly meant for men who want sexual Indian Escorts In Delhi NCR. It should be noted that any impersonator will get 100 attention from our Young Girls Escorts in Delhi. They will assume the position of reliable allies. VIP Call Girl With Original Photos Book Tonight +918448380779 Our Cheap Price 1 Hour not available 2 Hours 5000 Full Night 8000 TAG: Call Girls in Delhi, Noida, Gurgaon, Ghaziabad, Connaught Place, Greater Kailash Delhi, Lajpat Nagar Delhi, Mayur Vihar Delhi, Chanakyapuri Delhi, New Friends Colony Delhi, Majnu Ka Tilla, Karol Bagh, Malviya Nagar, Saket, Khan Market, Noida Sector 18, Noida Sector 76, Noida Sector 51, Gurgaon Mg Road, Iffco Chowk Gurgaon, Rajiv Chowk Gurgaon All Delhi Ncr Free Home Deliver

08448380779 Call Girls In Diplomatic Enclave Women Seeking Men

Delhi Call girls

Partners Life - Insurer Innovation Award 2024

The Digital Insurer

As privacy and data protection regulations evolve rapidly, organizations operating in multiple jurisdictions face mounting challenges to ensure compliance and safeguard customer data. With state-specific privacy laws coming up in multiple states this year, it is essential to understand what their unique data protection regulations will require clearly. How will data privacy evolve in the US in 2024? How to stay compliant? Our panellists will guide you through the intricacies of these states' specific data privacy laws, clarifying complex legal frameworks and compliance requirements. This webinar will review: - The essential aspects of each state's privacy landscape and the latest updates - Common compliance challenges faced by organizations operating in multiple states and best practices to achieve regulatory adherence - Valuable insights into potential changes to existing regulations and prepare your organization for the evolving landscape

TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments

TrustArc

Scaling API-first – The story of a global engineering organization

Radu Cotescu

Strategies for Landing an Oracle DBA Job as a Fresher

Remote DBA Services

GenCyber Cyber Security Day Presentation

Michael W. Hawkins

Discord is a free app offering voice, video, and text chat functionalities, primarily catering to the gaming community. It serves as a hub for users to create and join servers tailored to their interests. Discord’s ecosystem comprises servers, each functioning as a distinct online community with its own channels dedicated to specific topics or activities. Users can engage in text-based discussions, voice calls, or video chats within these channels. Understanding Discord Servers Discord servers are virtual spaces where users congregate to interact, share content, and build communities. Servers may revolve around gaming, hobbies, interests, or fandoms, providing a platform for like-minded individuals to connect. Communication Features Discord offers a range of communication tools, including text channels for messaging, voice channels for real-time audio conversations, and video channels for face-to-face interactions. These features facilitate seamless communication and collaboration. What Does NSFW Mean? The acronym NSFW stands for “Not Safe For Work,” indicating content that may be inappropriate for professional or public settings. NSFW Content NSFW content encompasses material that is sexually explicit, violent, or otherwise graphic in nature. It often includes nudity, profanity, or depictions of sensitive topics.

Understanding Discord NSFW Servers A Guide for Responsible Users.pdf

UK Journal

Recently uploaded (20)

A Domino Admins Adventures (Engage 2024)

ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke

Exploring the Future Potential of AI-Enabled Smartphone Processors

Handwritten Text Recognition for manuscripts and early printed texts

Driving Behavioral Change for Information Management through Data-Driven Gree...

How to Troubleshoot Apps for the Modern Connected Worker

IAC 2024 - IA Fast Track to Search Focused AI Solutions

Artificial Intelligence: Facts and Myths

Evaluating the top large language models.pdf

presentation ICT roal in 21st century education

Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff

2024: Domino Containers - The Next Step. News from the Domino Container commu...

Data Cloud, More than a CDP by Matt Robison

08448380779 Call Girls In Diplomatic Enclave Women Seeking Men

Partners Life - Insurer Innovation Award 2024

TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments

Scaling API-first – The story of a global engineering organization

Strategies for Landing an Oracle DBA Job as a Fresher

GenCyber Cyber Security Day Presentation

Understanding Discord NSFW Servers A Guide for Responsible Users.pdf

Chapter 01 introduction to security

1. Questions & Answers Chapter 1 - Introduction to Security Prowse (2012) 8 Questions Muhammad Jazman, S.Kom.,MInfoSys jazman@uin-suska.ac.id http://sif.uin-suska.ac.id/

2. Question 1 In information security, what are the three main goals? (Select the three best answers.) A. Auditing B. Integrity C. Nonrepudiation D. Confidentiality E. Risk Assessment F. Availability

3. Question 2 To protect against malicious attacks, what should you think like? A. Hacker B. Network admin C. Spoofer D. Auditor

4. Question 3 Tom sends out many e-mails containing secure information to other companies. What concept should be implemented to prove that Tom did indeed send the e-mails? A. Authenticity B. Nonrepudiation C. Confidentiality D. Integrity

5. Question 4 Which of the following does the A in CIA stand for when it comes to IT security? Select the best answer. A. Accountability B. Assessment C. Availability D. Auditing

6. Question 5 Which of the following is the greatest risk when it comes to removable storage? A. Integrity of data B. Availability of data C. Confidentiality of data D. Accountability of data

7. Question 6 When it comes to information security, what is the I in CIA? A. Insurrection B. Information C. Indigestion D. Integrity

8. Question 7 You are developing a security plan for your organization. Which of the following is an example of a physical control? A. Password B. DRP C. ID card D. Encryption

9. Question 8 When is a system completely secure? A. When it is updated B. When it is assessed for vulnerabilities C. When all anomalies have been removed D. Never

Chapter 01 introduction to security

Recommended

Recommended

More Related Content

Similar to Chapter 01 introduction to security

Similar to Chapter 01 introduction to security (20)

More from Muhammad Jazman

More from Muhammad Jazman (10)

Recently uploaded

Recently uploaded (20)

Chapter 01 introduction to security