Question:
More key terms from Chapter 2
Response:
Weakness or lack of a countermeasure
Vulnerability
Entity that can exploit a vulnerability
Threat agent
The danger of having a vulnerability exploited
Risk
The probability of a threat being realized
Exposure
Presence of a vulnerability which exposes the organization
Threat
Match the following key terms
Availability
Reliable and timely access to data and resources
Confidentiality
Necessary level of secrecy; unauthorized disclosure is prevented
Shoulder surfing
Unauthorized viewing of information (screen peeking)
Social Engineering
Tricking someone into giving sensitive information (to gain unauthorized access)
Which classification of fuel type is a computer given?
D
C
B
A
Match the following control types to their purposes
Reducing Risk
Preventative
Correcting violations and incidents
Detective
Corrective controls also help improve existing preventative and detective controls
Discouraging violations
Deterrent
Providing alternate ways of accomplishing a task
Compensating
Restoring systems and information
Recovery
John's computer access changed with his reassignment to a new department. This is an example of:
Role-based access control
Mandatory access control
Need-to-Know control
Access List Control
Owner set access control
In MAC the access policy is set by:
the system
the GPO
the role
network ACL
the owner
Which of the following is the highest in the OSI model:
Presentation
Physical
Network
Data Link
Transport
Clark-Wilson focuses primarily on:
Accessibility
Address Integrity
Confidentiality
Authentication
Which of the following is immediately above the Transport Layer in the OSI model:
Session
Datalink
Motion detectors, video cameras, fences, locked doors, guards and dogs are all examples of
Technical controls
Both Technical and Administrative controls
Physical controls
Administrative controls
Which of the following are the three components of the fire triangle?
Heat/Fuel/Oxygen
Fire/Combustion/Oxygen
Fire/Fuel/Oxygen
Heat/Combustion/Oxygen
Match the following examples to their definitions
Unpatched servers
A virus that relies on unpatched code or OS levels
The likelihood a threat will be realized, the frequency of natural disasters
$1M per day of downtime
A proxy server
A LAN is
a Least Access Notification
a Local Account Name
a Local Authentication Node
a Linear Applebaum Network diagram
a Local Area Network
"The strength of the cryptosystem is a function of the keys, not the algorithm" is also known as
Moore's Law
Rijndael's Challenge
Diffie-Hellman's Axiom
Kerckhoffs's Principle
Auguste Kerckhoffs, trying to get the French to clean up their military cryptography back in 1883... seriously kickin' it old school.
What OSI Layer includes data compression?
Application