ITSY-2341 FINAL QUESTIONS AND ANSWERS
1. A data custodian works directly with data owners and is responsible for the storage, maintenance, and protection of the information.
Answer: True

2. A champion is a project manager, who may be a departmental line manager or staff unit manager, and has expertise in project management and information security technical requirements.
Answer: False

3. The history of information security begins with the concept of communications security.
Answer: False

4. Information Security can be an absolute.
Answer: False

5. When unauthorized individuals or systems can view information, confidentiality is breached.
Answer: True

6. An organizational resource that is being protected is sometimes logical, such as a Web site, software information, or data. Sometimes the resource is physical, such as a person, computer system, hardware, or other tangible object. Either way, the resource is known as a(n) ____.
Answer: Asset

7. In file hashing, a file is read by a special algorithm that uses the value of the bits in the file to compute a single number called the ____ value.
Answer: Hash

8. Which of the following was not an identified fundamental problem with ARPANET security?
Answer: phone numbers for access were closely held and distributed

9. People with the primary responsibility for administering the systems that house the information used by the organization perform the role of ____.
Answer: System administrators

10. The protection of tangible items, objects, or areas from unauthorized access and misuse is known as ____.
Answer: Physical security

11. ____ has become a widely accepted standard for training and education related to the security of information systems and is hosted by CNSS.
Answer: NSTISSI No. 4011

12. The community of interest made up of IT managers and skilled professionals in systems design, programming, networks, and other related disciplines is called ____.
Answer: Information Technology Management and Professionals

13. An information system is the entire set of ____, people, procedures, and networks that enable the use of information resources in the organization.
Answer: All of the above; software, hardware, and data

14. Individuals who are assigned the task of managing a particular set of information and coordinating its protection, storage, and use are known as data ____.
Answer: Trustees

15. In 1993, the first ____ conference was held in Las Vegas. Originally, it was established as a gathering for people interested in information security, including authors, lawyers, government employees, and law enforcement officials.
Answer: DEFCON

16. ____ security addresses the issues necessary to protect the tangible items, objects, or areas of an organization from unauthorized access and misuse.
Answer: Physical

17. The famous study entitled "Protection Analysis: Final Report" focused on a project undertaken by ARPA to understand and detect ____ in operating systems security.
Answer: Vulnerabilities

18. ____ of information is the quality or state of being genuine or original.
Answer: Authenticity

19. The ____ is the individual primarily responsible for the assessment, management, and implementation of information security in the organization.
Answer: CISO

20. A technique used to compromise a system is known as a(n) ____.
Answer: Exploit

21. According to the CNSS, networking is "the protection of information and its critical elements".
Answer: False

22. The roles of information security professionals focus on protecting the organization's information systems and stored information from attacks.
Answer: True

23. The role of the project manager—typically an executive such as a chief information officer (CIO) or the vice president of information technology (VP-IT)—in this effort cannot be overstated.
Answer: False

24. Every organization, whether public or private and regardless of size, has information it wants to protect.
Answer: True