Information Assurance and Security 1

UGRD-IT6205A Information Assurance and Security 1
(Prelim Q1, Q2, PreLim)

The course exposes the students to the basic structure of cyberspace and to a risk-based approach to cybersecurity.

Question text

 Availability:Assurance that the systems responsible for delivering, storing and processing information are accessible when needed, by those who need them.

Select one:

True 

False

Question text

Is the process of maintaining an acceptable level of perceived risk   

Answer: 

Question text

Cybersecurity is the collection of tools, policies, security concepts, security safeguards, guidelines, risk management approaches, actions, training, best practices, assurance and technologies that can be used to protect the cyber environment and organization and user’s assets.

Select one:

True 

False

Question text

Is a process, not an end state

Answer: 

Question text

Availability: Availability of information refers to ensuring that authorized parties are able to access the information when needed

Select one:

True 

False

Question text

Is roughly equivalent to privacy

Select one:

a.

Integrity

b.

Confidentiality

c.

Security

d.

Availability

Feedback

Question text

Three Features of Security

Select one:

a.

CyberSpace, Integrity and Availability

b.

Confidentiality, Integrity and Availability

c.

Confidentiality, System and Availability

d.

Confidentiality, Integrity and Security

Feedback

Question text

Assurance that the information is authentic and complete.

Select one:

a.

Confidentiality

b.

Security

c.

Integrity

d.

Availability

Feedback

Question text

Concept of Cybercrime

Cyber Crime Computer crime, or cybercrime, is any crime that involves a computer and a network. The computer may have been used in the commission of a crime, or it may be the target.

Select one:

True 

False

Question text

Cyberspace is "the environment in which communication over computer networks occurs.“

Select one:

True 

False

Question text

Cyber security, also referred to as information technology security, focuses on protecting computers, networks, programs and data from unintended or unauthorized access, change or destruction.

Select one:

True 

False

Question text

Six Concept of CyberCrime

Select one:

a.

System, Underground Economy, Phishing, Hacktivism, Cyberwar:Estonia Case and Stuxnet

b.

Digital Underground, Virus, Phishing, Hacktivism, Cyberwar:Estonia Case and Stuxnet

c.

Digital Underground, Underground Economy, System, Hacktivism, Cyberwar:Estonia Case and Stuxnet

d.

Digital Underground, Underground Economy, Phishing, Hacktivism, Cyberwar:Estonia Case and Stuxnet

Feedback

Question text

Assurance that the sender is provided with proof  of a data delivery and recipient is provided with proof  of the sender’s identity, so that neither can later deny  having processed the data.

Answer: 

Question text

Protection against unauthorized modification or  destruction of information

Answer: 

Question text

Security measures to establish the validity of a  transmission, message, or originator.

Answer: 

Question text

Converting data into  information thus  requires knowledge

Select one:

a.

Data

b.

Information

c.

Knowledge

d.

Noise

Feedback

Question text

Accepted facts, principles, or rules of thumb that are  useful  for specific domains.

Answer: 

Question text

Information and data manipulation abilities in cyberspace;

Select one:

a.

IT Security

b.

Information Infrastructure

c.

Physical Security

d.

Noise

Feedback

Question text

Assurance that information is not disclosed to  unauthorized persons

Answer: 

Question text

Raw facts with a known coding system

Answer: 

Question text

Information Assurance (IA) is the study of how to protect your  information assets from destruction, degradation, manipulation and  exploitation.   

Select one:

True 

False

Question text

Actions taken that protect and defend information and  information systems by ensuring their availability,  integrity, authentication, confidentiality and non-repudiation

Select one:

True 

False

Question text

Data and data processing activities in physical space;

Select one:

a.

IT Security

b.

Physical Security

c.

Physical

d.

Personnel Security

Feedback

Question text

Timely, reliable access to data and information  services for authorized users;

Answer: 

Question text

It should be:  accurate, timely, complete, verifiable, consistent,  available.

Select one:

a.

Knowledge

b.

Information

c.

Noise

d.

Data

Feedback

Question text

Processed data

Answer: 

Question text

Four Security Domain

Select one:

a.

Physical Security, Personnel Security, IT Security and Security

b.

System, Personnel Security, IT Security and Operational Security

c.

Physical Security, Virus, IT Security and Operational Security

d.

Physical Security, Personnel Security, IT Security and Operational Security

Feedback

Question text

Is data  endowed with relevance  and purpose.

Select one:

a.

Data

b.

Noise

c.

Knowledge

d.

Information

Feedback

Question text

Raw facts with an unknown coding system

Answer: 

Question text

Raw facts with a known coding system

Answer: 

Question text

Cybersecurity is the collection of tools, policies, security concepts, security safeguards, guidelines, risk management approaches, actions, training, best practices, assurance and technologies that can be used to protect the cyber environment and organization and user’s assets.

Select one:

True 

False

Question text

Concept of Cybercrime

Cyber Crime Computer crime, or cybercrime, is any crime that involves a computer and a network. The computer may have been used in the commission of a crime, or it may be the target.

Select one:

True 

False

Question text

Three Features of Security

Select one:

a.

Confidentiality, Integrity and Availability

b.

No Feelings, Integrity and Availability

c.

Confidentiality, Integrity and Flexible

d.

Efficient, Integrity and Availability

Feedback

Question text

Consists of employees, former employees and  contractors.

 

Answer: 

Question text

Protection against unauthorized modification or  destruction of information

Answer: 

Question text

Cyber security, also referred to as information technology security, focuses on protecting computers, networks, programs and data from unintended or unauthorized access, change or destruction.

Select one:

True 

False

Question text

Three distinct levels:

Select one or more:

a.

Frameworks

b.

Physical

c.

Perceptual

d.

Conceptual

e.

Desired Effects

Feedback

Question text

Information and data manipulation abilities in cyberspace;

Select one:

a.

Noise

b.

IT Security

c.

Physical Security

d.

Information Infrastructure

Feedback

Question text

Availability: Availability of information refers to ensuring that authorized parties are able to access the information when needed

Select one:

True 

False

Question text

Cyberspace is "the environment in which communication over computer networks occurs.“

Select one:

True 

False

Question text

Is a variety of ongoing measures taken to  reduce the likelihood and severity of accidental and intentional  alteration, destruction, misappropriation, misuse, misconfiguration,  unauthorized distribution, and unavailability of an organization’s  logical and physical assets, as the result of action or inaction by  insiders and known outsiders, such as business partners.”

Select one:

a.

IT Security

b.

Operational Security

c.

Physical Security

d.

Personnel Security

Feedback

Question text

It should be:  accurate, timely, complete, verifiable, consistent,  available.

Select one:

a.

Knowledge

b.

Noise

c.

Data

d.

Information

Feedback

Question text

Processed data

Answer: 

Question text

Involves the implementation of standard  operational security procedures that define the nature and  frequency of the interaction between users, systems, and system  resources, the purpose of which is to.

Answer: 

Question text

 Availability:Assurance that the systems responsible for delivering, storing and processing information are accessible when needed, by those who need them.

Select one:

True 

False

Question text

Is the study of how to protect your  information assets from destruction, degradation, manipulation and  exploitation.

Select one:

a.

Information Assurance

b.

Efficient 

c.

Integrity

d.

Confidentiality

Feedback

Question text

In information security, data integrity means maintaining and assuring the accuracy and consistency of data over its entire life-cycle.

Select one:

True 

False

Question text

Is the inherent technical features and functions that  collectively contribute to an IT infrastructure achieving and  sustaining confidentiality, integrity, availability, accountability, authenticity, and reliability.”

Answer: 

Question text

Information security technical measures  such as:        encryption and key management, intrusion  detection, anti-virus software, auditing, redundancy,  firewalls, policies and standards.

Answer: 

Question text

Is a process, not an end state

Answer: 

Question text

Converting data into  information thus  requires knowledge

Select one:

a.

Information

b.

Noise

c.

Data

d.

Knowledge

Feedback

Question text

Data and data processing activities in physical space;

Select one:

a.

Physical

b.

Personnel Security

c.

Physical Security

d.

IT Security

Feedback

Question text

Raw facts with an unknown coding system

Answer: 

Question text

Accepted facts, principles, or rules of thumb that are  useful  for specific domains.

Answer: 

Question text

Assurance that the sender is provided with proof  of a data delivery and recipient is provided with proof  of the sender’s identity, so that neither can later deny  having processed the data.

Answer: 

Question text

Is data  endowed with relevance  and purpose.

Select one:

a.

Information

b.

Noise

c.

Knowledge

d.

Data

Feedback

Question text

Is roughly equivalent to privacy

Select one:

a.

Confidentiality

b.

Security

c.

Integrity

d.

Availability

Feedbackn

Question text

Assurance that the information is authentic and complete.

Select one:

a.

Confidentiality

b.

Availability

c.

Integrity

d.

Security

Feedback

Question text

Type of Concept for Cybercrime

Select one:

a.

Digital Underground, Underground Economy, Phishing, Hacktivism, Cyberwar:Estonia Case and System

b.

Digital Underground, Efficient Phishing, Hacktivism, Cyberwar:Estonia Case and Stuxnet

c.

Digital Underground, Underground Economy, Phishing, Hacktivism, Cyberwar:Estonia Case and Stuxnet

d.

Program, Underground Economy, Phishing, Hacktivism, Cyberwar:Estonia Case and Stuxnet

Feedback

Question text

Information Assurance (IA) is the study of how to protect your  information assets from destruction, degradation, manipulation and  exploitation.   

Select one:

True 

False

Question text

To affect the technical performance and the  capability of physical systems, to disrupt the  capabilities of the defender.

Select one:

a.

Attacker's Operations

b.

Desired Effects

c.

Perceptual

d.

Noise

Feedback

Question text

Actions taken that protect and defend information and  information systems by ensuring their availability,  integrity, authentication, confidentiality and non-repudiation

Select one:

True 

False

Question text

Physical attack and destruction, including:  electromagnetic attack, visual spying, intrusion,  scavenging and removal, wiretapping, interference,  and eavesdropping.

Select one:

a.

Attacker's Operations

b.

Information

c.

Desired Effects

d.

Data

Feedback

Question text

Refers to the protection of hardware, software,  and data against physical threats to reduce or prevent disruptions  to operations and services and loss of assets.”

Select one:

a.

Physical Security

b.

Operational Security

c.

IT Security

d.

Personnel Security

Feedback

Question text

Assurance that information is shared only among authorized persons or organizations.

Select one:

a.

Confidentiality

b.

Integrity

c.

Availability

d.

Security

Feedback

Question text

Is the process of maintaining an acceptable level of perceived risk   

Answer: 

Question text

Security measures to establish the validity of a  transmission, message, or originator.

Answer: 

Question text

Timely, reliable access to data and information  services for authorized users;

Answer: 

Question text

Four Security Domains

Select one or more:

a.

Web Security

b.

Operational Security

c.

Data Security

d.

Personnel Security

e.

IT Security

f.

Physical Security

Feedback