CECS 378 EXAM 1 QUESTIONS AND ANSWERS
Threats are attacks carried out. - CORRECT ANSWER✅✅False
Computer security is protection of the integrity, availability, and confidentiality of information system
resources. - CORRECT ANSWER✅✅True
Data integrity assures that information and programs are changed only in a specified and authorized
manner. - CORRECT ANSWER✅✅True
Availability assures that systems works promptly and service is not denied to authorized users. -
CORRECT ANSWER✅✅True
The "A" in the CIA triad stands for "authenticity". - CORRECT ANSWER✅✅False
The more critical a component or service, the higher the level of availability required. - CORRECT
ANSWER✅✅True
Computer security is essentially a battle of wits between a perpetrator who tries to find holes and the
administrator who tries to close them. - CORRECT ANSWER✅✅True
Security mechanisms typically do not involve more than one particular algorithm or protocol. - CORRECT
ANSWER✅✅False
Many security administrators view strong security as an impediment to efficient and user-friendly
operation of an information system. - CORRECT ANSWER✅✅True
In the context of security our concern is with the vulnerabilities of system resources. - CORRECT
ANSWER✅✅True
Hardware is the most vulnerable to attack and the least susceptible to automated controls. - CORRECT
ANSWER✅✅True
, Contingency planning is a functional area that primarily requires computer security technical measures. -
CORRECT ANSWER✅✅False
X.800 architecture was developed as an international standard and focuses on security in the context of
networks and communications. - CORRECT ANSWER✅✅True
The first step in devising security services and mechanisms is to develop a security policy. - CORRECT
ANSWER✅✅True
Assurance is the process of examining a computer product or system with respect to certain criteria. -
CORRECT ANSWER✅✅False
__________ assures that individuals control or influence what information related to them may be
collected and stored and by whom and to whom that information may be disclosed. - CORRECT
ANSWER✅✅Privacy
________ assures that a system performs its intended function in an unimpaired manner, free from
deliberate or inadvertent unauthorized manipulation of the system. - CORRECT ANSWER✅✅System
Integrity
A loss of _________ is the unauthorized disclosure of information. - CORRECT
ANSWER✅✅Confidentiality
A ________ level breach of security could be expected to have a severe or catastrophic adverse effect
on organizational operations, organizational assets, or individuals. - CORRECT ANSWER✅✅high
A flaw or weakness in a system's design, implementation, or operation and management that could be
exploited to violate the system's security policy is a(n) __________. - CORRECT
ANSWER✅✅vulnerability
Threats are attacks carried out. - CORRECT ANSWER✅✅False
Computer security is protection of the integrity, availability, and confidentiality of information system
resources. - CORRECT ANSWER✅✅True
Data integrity assures that information and programs are changed only in a specified and authorized
manner. - CORRECT ANSWER✅✅True
Availability assures that systems works promptly and service is not denied to authorized users. -
CORRECT ANSWER✅✅True
The "A" in the CIA triad stands for "authenticity". - CORRECT ANSWER✅✅False
The more critical a component or service, the higher the level of availability required. - CORRECT
ANSWER✅✅True
Computer security is essentially a battle of wits between a perpetrator who tries to find holes and the
administrator who tries to close them. - CORRECT ANSWER✅✅True
Security mechanisms typically do not involve more than one particular algorithm or protocol. - CORRECT
ANSWER✅✅False
Many security administrators view strong security as an impediment to efficient and user-friendly
operation of an information system. - CORRECT ANSWER✅✅True
In the context of security our concern is with the vulnerabilities of system resources. - CORRECT
ANSWER✅✅True
Hardware is the most vulnerable to attack and the least susceptible to automated controls. - CORRECT
ANSWER✅✅True
, Contingency planning is a functional area that primarily requires computer security technical measures. -
CORRECT ANSWER✅✅False
X.800 architecture was developed as an international standard and focuses on security in the context of
networks and communications. - CORRECT ANSWER✅✅True
The first step in devising security services and mechanisms is to develop a security policy. - CORRECT
ANSWER✅✅True
Assurance is the process of examining a computer product or system with respect to certain criteria. -
CORRECT ANSWER✅✅False
__________ assures that individuals control or influence what information related to them may be
collected and stored and by whom and to whom that information may be disclosed. - CORRECT
ANSWER✅✅Privacy
________ assures that a system performs its intended function in an unimpaired manner, free from
deliberate or inadvertent unauthorized manipulation of the system. - CORRECT ANSWER✅✅System
Integrity
A loss of _________ is the unauthorized disclosure of information. - CORRECT
ANSWER✅✅Confidentiality
A ________ level breach of security could be expected to have a severe or catastrophic adverse effect
on organizational operations, organizational assets, or individuals. - CORRECT ANSWER✅✅high
A flaw or weakness in a system's design, implementation, or operation and management that could be
exploited to violate the system's security policy is a(n) __________. - CORRECT
ANSWER✅✅vulnerability
