Deck 1: Computer Systems Overview

Computer security is protection of the integrity,availability,and
confidentiality of information system resources.

The first step in devising security services and mechanisms is to
develop a security policy.

Data integrity assures that information and programs are changed only
in a specified and authorized manner.

Security mechanisms typically do not involve more than one particular
algorithm or protocol.

Threats are attacks carried out.

X.800 architecture was developed as an international standard and
focuses on security in the context of networks and communications.

The more critical a component or service,the higher the level of
availability required.

Hardware is the most vulnerable to attack and the least susceptible to
automated controls.

Many security administrators view strong security as an impediment to
efficient and user-friendly operation of an information system.

In the context of security our concern is with the vulnerabilities of
system resources.

T F 4.Availability assures that systems works promptly and service is not
denied to authorized users.

The "A" in the CIA triad stands for "authenticity".

Contingency planning is a functional area that primarily requires
computer security technical measures.

Computer security is essentially a battle of wits between a perpetrator
who tries to find holes and the administrator who tries to close them.

In the United States,student grade information is an asset whose confidentiality is regulated by the __________.

__________ is the protection afforded to an automated information system in order to attain the applicable objectives of preserving the integrity,availability,and confidentiality of information system resources.

A loss of _________ is the disruption of access to or use of information or an information system.

The assets of a computer system can be categorized as hardware,software,communication lines and networks,and _________.

Misappropriation and misuse are attacks that result in ________ threat consequences.

A(n)_________ is a threat that is carried out and,if successful,leads to an undesirable violation of security,or threat consequence.

Replay,masquerade,modification of messages,and denial of service are example of _________ attacks.

Confidentiality,Integrity,and Availability form what is often referred to as the _____.

Release of message contents and traffic analysis are two types of _________ attacks.

A(n)_________ is any means taken to deal with a security attack.

The OSI security architecture focuses on security attacks,__________,and services.

A __________ is data appended to,or a cryptographic transformation of,a data unit that allows a recipient of the data unit to prove the source and integrity of the data unit and protect against forgery.

Establishing,maintaining,and implementing plans for emergency response,backup operations,and post disaster recovery for organizational information systems to ensure the availability of critical information resources and continuity of operations in emergency situations is a __________ plan.

A(n)_________ assessment is periodically assessing the risk to organizational operations,organizational assets,and individuals,resulting from the operation of organizational information systems and the associated processing,storage,or transmission or organizational information.

Security implementation involves four complementary courses of action: prevention,detection,response,and _________.