Fundamentals of I.T. Security - D430 Chapter 1
1. Information Security is defined as: protecting information and information systems from unauthorized access,
use, disclosure, disruption, modification, or destruction.
2. What are the 3 primary concepts in information security?: Confidentiality, Integrity, and Availability
(C.I.A.)
3. According to the C.I.A., what does Confidentiality stand for?: Refers to the ability to protect our data from
those who are not authorized to view it.
4. According to the C.I.A., what does Integrity stand for?: The ability to prevent people from changing your data in
an unauthorized or undesirable manner. You must also have the ability to reverse any data that might've been changed.
5. According to the C.I.A., what does Availability stand for?: Refers to the ability to access our data when we need
it.
6. What is the Parkerian Hexad?: Extended version of C.I.A. Triad. Now includes Possession or Control,
Authenticity, and Utility.
7. What is Possession and Control?: A part of the Parkerian Hexad. Refers to the physical disposition of the media on
which data is stored. Do you physically have the data at risk?
8. What is Authenticity a part of and what does it stand for?: A part of the Parkerian Hexad. Refers to helping one
verify if you've correctly identified who the true owner or creator of data is.
9. What does nonrepudiation mean?: Making sure that someone cannot deny that they did something. In the context of
data, it means that if someone sends a message or signs a document, they cannot later say "I did not do that."
10. What does Utility mean?: A part of the Parkerian Hexad. Refers to how useful that data is to you. For example,
trying to utilize an encrypted HDD would most likely not prove useful.
11. What are the types of attacks for data?: 4 types of categories for data attacks. Interception, Interruption,
Modification, and Fabrication. Each can affect one or more principles of the C.I.A.
12. What does Interception mean?: Type of data attack that allows unauthorized users to access your data,
applications, or environments. These are primarily attacks against confidentiality. Think of unauthorized file accessing,
eavesdropping, or reading somebody's email. Can be difficult to detect when properly executed.
13. What does Interruption mean?: Type of data attack that means to make your assets unusable/unavailable. Can
affect availability, but also integrity. A DoS attack on a mail server would be an availability attack.
Can also affect integrity, for example by manipulating the processes of which a