ISC2 Certified In Cybersecurity: Chapter 1
Questions And Answers With Complete Solutions
100% Correct | 2024
The National Institute of Standards and Technology defines _____ as the characteristic of data or
information when it is not made available or disclosed to unauthorized persons or processes. NIST SP
800-66
Confidentiality
A term pertaining to any data about an individual that could be used to identify them.
Personally Identifiable Information (PII)
A term referring to information regarding one's health status.
Protected Health Information (PHI)
What measures the degree to which something is whole and complete, internally consistent and
correct?
Integrity
_____ _____ is the assurance that data has not been altered in an unauthorized manner.
Data Integrity
_____ _____ refers to the maintenance of a known good configuration and expected operational
function as the system processes the information.
System Integrity
The quality that a system has when it performs its intended function in an unimpaired manner, free
from unauthorized manipulation of the system, whether intentional or accidental. NIST SP 800-27 Rev.
A
System Integrity
The property that data has not been altered in an unauthorized manner. This covers data in storage,
during processing and while in transit. NIST SP 800-27 Rev. A
Data Integrity
The condition an entity is at a point in time.
State
A documented, lowest level of security configuration allowed by a standard or organization.
Baseline
, Integrity of data or system can always be ascertained by comparing the _____ with the current _____.
Baseline and State
If the two match, then the integrity of the data or the system is intact; if they two do not match, then the
integrity of hte data or the system has been compromised.
What is a measure of the importance assigned to information by its owner, or the purpose of denoting
its need for protection? NIST SP 800-60 Vol 1 Rev 1
Sensitivity
_____ information is information that if improperly disclosed (confidentiality) or modified (integrity)
would harm an organization or individual.
Sensitive
What can be defined as timely and reliable access to information and the ability to use it by authorized
users?
Availability
A measure of the degree to which an organization depends on the information or information system
for the success of a mission or of a business function. NIST SP 800-60 Vol 1 Rev 1
Criticality
To define security, it has become common to use the CIA Triad. Define the CIA Triad.
Confidentiality
Integrity
Availability
Access control process validating that the identity being claimed by a user or entity is known to the
system by comparing one or more factors of identification.
Authentication
When users have stated their identity, it is necessary to validate that they are the rightful owners of
that identity. This process of verifying or proving the user's identification is known as _____.
Authentication
What are the common methods of authentication?
1. Something you know (Knowledge-Based)
2. Something you have (Token-Based)
3. Something you are (Characteristics-Based)
Something you know authentication methods.
Passwords, Paraphrases, PIN (Personal Identification Number), Secret Code
Questions And Answers With Complete Solutions
100% Correct | 2024
The National Institute of Standards and Technology defines _____ as the characteristic of data or
information when it is not made available or disclosed to unauthorized persons or processes. NIST SP
800-66
Confidentiality
A term pertaining to any data about an individual that could be used to identify them.
Personally Identifiable Information (PII)
A term referring to information regarding one's health status.
Protected Health Information (PHI)
What measures the degree to which something is whole and complete, internally consistent and
correct?
Integrity
_____ _____ is the assurance that data has not been altered in an unauthorized manner.
Data Integrity
_____ _____ refers to the maintenance of a known good configuration and expected operational
function as the system processes the information.
System Integrity
The quality that a system has when it performs its intended function in an unimpaired manner, free
from unauthorized manipulation of the system, whether intentional or accidental. NIST SP 800-27 Rev.
A
System Integrity
The property that data has not been altered in an unauthorized manner. This covers data in storage,
during processing and while in transit. NIST SP 800-27 Rev. A
Data Integrity
The condition an entity is at a point in time.
State
A documented, lowest level of security configuration allowed by a standard or organization.
Baseline
, Integrity of data or system can always be ascertained by comparing the _____ with the current _____.
Baseline and State
If the two match, then the integrity of the data or the system is intact; if they two do not match, then the
integrity of hte data or the system has been compromised.
What is a measure of the importance assigned to information by its owner, or the purpose of denoting
its need for protection? NIST SP 800-60 Vol 1 Rev 1
Sensitivity
_____ information is information that if improperly disclosed (confidentiality) or modified (integrity)
would harm an organization or individual.
Sensitive
What can be defined as timely and reliable access to information and the ability to use it by authorized
users?
Availability
A measure of the degree to which an organization depends on the information or information system
for the success of a mission or of a business function. NIST SP 800-60 Vol 1 Rev 1
Criticality
To define security, it has become common to use the CIA Triad. Define the CIA Triad.
Confidentiality
Integrity
Availability
Access control process validating that the identity being claimed by a user or entity is known to the
system by comparing one or more factors of identification.
Authentication
When users have stated their identity, it is necessary to validate that they are the rightful owners of
that identity. This process of verifying or proving the user's identification is known as _____.
Authentication
What are the common methods of authentication?
1. Something you know (Knowledge-Based)
2. Something you have (Token-Based)
3. Something you are (Characteristics-Based)
Something you know authentication methods.
Passwords, Paraphrases, PIN (Personal Identification Number), Secret Code
