SECURITY OAEXAM 2 VERSIONS TESTBANK AND
LATEST UPDATED STUDYGUIDE COMPLETE 300
QUESTIONS AND CORRECT DETAILED ANSWERS
(VERIFIED ANSWERS) NEWEST UPDATED VERSION
2025 |ALREADY GRADED A+
Information security
Answer- Keeping data, software, and hardware secure against
unauthorized access, use, disclosure, disruption, modification, or
destruction.
Compliance
Answer- The requirements that are set forth by laws and
industry regulations. Example: HIPPA/ HITECH- healthcare,
PCI/DSS- payment card industry, FISMA- federal government
agencies
CIA
Answer- The core model of all information security.
Confidential, integrity and availability
,Confidential
Answer- Allowing only those authorized to access the data
requested
integrity
answer- Keeping data unaltered by accidental or malicious intent
Availability
Answer- The ability to access data when needed
Parker Ian hexed model
Answer- Confidentiality, integrity, availability,
possession/control, authenticity, utility
Possession/ control
Answer- Refers to the physical disposition of the media on
which the data is stored
,authenticity
answer- Allows us to talk about the proper attribution as to the
owner or creator of the data in question
Utility
Answer- How useful the data is to us?
Types of attacks
1- interception
2- interruption
3- modification
4- fabrication
Interception
Attacks allows unauthorized users to access our data,
applications, or environments. Is primarily an attack against
confidentiality?
, Interruption
Attacks cause our assets to become unstable or unavailable for
our use, on a temporary or permanent basis. This attack affects
availability but can also attack integrity
Modification
Attacks involve tampering with our asset. Such attacks might
primarily be considered an integrity attack, but could also be an
availability attack.
Fabrication
Attacks involve generating data, processes, communications, or
other similar activities with a system. Attacks primarily affect
integrity but can be considered an availability attack.
Risk
The likelihood that a threat will occur. There must be a threat
and vulnerability