UGRD-IT6205A Information Assurance and Security 1
(Prelim Q1, Q2, PreLim)
The course exposes the students to the basic structure of cyberspace and to a risk-based approach to cybersecurity.
Question text
Availability:Assurance that the systems responsible for delivering, storing and processing information are accessible when needed, by those who need them.
Question text
Is the process of maintaining an acceptable level of perceived risk
Question text
Cybersecurity is the collection of tools, policies, security concepts, security safeguards, guidelines, risk management approaches, actions, training, best practices, assurance and technologies that can be used to protect the cyber environment and organization and user’s assets.
Question text
Is a process, not an end state
Question text
Availability: Availability of information refers to ensuring that authorized parties are able to access the information when needed
Question text
Is roughly equivalent to privacy
Feedback
Question text
Three Features of Security
Feedback
Question text
Assurance that the information is authentic and complete.
Feedback
Question text
Concept of Cybercrime
Cyber Crime Computer crime, or cybercrime, is any crime that involves a computer and a network. The computer may have been used in the commission of a crime, or it may be the target.
Question text
Cyberspace is "the environment in which communication over computer networks occurs.“
Question text
Cyber security, also referred to as information technology security, focuses on protecting computers, networks, programs and data from unintended or unauthorized access, change or destruction.
Question text
Six Concept of CyberCrime
Feedback
Question text
Assurance that the sender is provided with proof of a data delivery and recipient is provided with proof of the sender’s identity, so that neither can later deny having processed the data.
Question text
Protection against unauthorized modification or destruction of information
Question text
Security measures to establish the validity of a transmission, message, or originator.
Question text
Converting data into information thus requires knowledge
Feedback
Question text
Accepted facts, principles, or rules of thumb that are useful for specific domains.
Question text
Information and data manipulation abilities in cyberspace;
Feedback
Question text
Assurance that information is not disclosed to unauthorized persons
Question text
Raw facts with a known coding system
Question text
Information Assurance (IA) is the study of how to protect your information assets from destruction, degradation, manipulation and exploitation.
Question text
Actions taken that protect and defend information and information systems by ensuring their availability, integrity, authentication, confidentiality and non-repudiation
Question text
Data and data processing activities in physical space;
Feedback
Question text
Timely, reliable access to data and information services for authorized users;
Question text
It should be: accurate, timely, complete, verifiable, consistent, available.
Feedback
Question text
Processed data
Question text
Four Security Domain
Feedback
Question text
Is data endowed with relevance and purpose.
Feedback
Question text
Raw facts with an unknown coding system
Question text
Raw facts with a known coding system
Question text
Cybersecurity is the collection of tools, policies, security concepts, security safeguards, guidelines, risk management approaches, actions, training, best practices, assurance and technologies that can be used to protect the cyber environment and organization and user’s assets.
Question text
Concept of Cybercrime
Cyber Crime Computer crime, or cybercrime, is any crime that involves a computer and a network. The computer may have been used in the commission of a crime, or it may be the target.
Question text
Three Features of Security
Feedback
Question text
Consists of employees, former employees and contractors.
Question text
Protection against unauthorized modification or destruction of information
Question text
Cyber security, also referred to as information technology security, focuses on protecting computers, networks, programs and data from unintended or unauthorized access, change or destruction.
Question text
Three distinct levels:
Feedback
Question text
Information and data manipulation abilities in cyberspace;
Feedback
Question text
Availability: Availability of information refers to ensuring that authorized parties are able to access the information when needed
Question text
Cyberspace is "the environment in which communication over computer networks occurs.“
Question text
Is a variety of ongoing measures taken to reduce the likelihood and severity of accidental and intentional alteration, destruction, misappropriation, misuse, misconfiguration, unauthorized distribution, and unavailability of an organization’s logical and physical assets, as the result of action or inaction by insiders and known outsiders, such as business partners.”
Feedback
Question text
It should be: accurate, timely, complete, verifiable, consistent, available.
Feedback
Question text
Processed data
Question text
Involves the implementation of standard operational security procedures that define the nature and frequency of the interaction between users, systems, and system resources, the purpose of which is to.
Question text
Availability:Assurance that the systems responsible for delivering, storing and processing information are accessible when needed, by those who need them.
Question text
Is the study of how to protect your information assets from destruction, degradation, manipulation and exploitation.
Feedback
Question text
In information security, data integrity means maintaining and assuring the accuracy and consistency of data over its entire life-cycle.
Question text
Is the inherent technical features and functions that collectively contribute to an IT infrastructure achieving and sustaining confidentiality, integrity, availability, accountability, authenticity, and reliability.”
Question text
Information security technical measures such as: encryption and key management, intrusion detection, anti-virus software, auditing, redundancy, firewalls, policies and standards.
Question text
Is a process, not an end state
Question text
Converting data into information thus requires knowledge
Feedback
Question text
Data and data processing activities in physical space;
Feedback
Question text
Raw facts with an unknown coding system
Question text
Accepted facts, principles, or rules of thumb that are useful for specific domains.
Question text
Assurance that the sender is provided with proof of a data delivery and recipient is provided with proof of the sender’s identity, so that neither can later deny having processed the data.
Question text
Is data endowed with relevance and purpose.
Feedback
Question text
Is roughly equivalent to privacy
Feedbackn
Question text
Assurance that the information is authentic and complete.
Feedback
Question text
Type of Concept for Cybercrime
Feedback
Question text
Information Assurance (IA) is the study of how to protect your information assets from destruction, degradation, manipulation and exploitation.
Question text
To affect the technical performance and the capability of physical systems, to disrupt the capabilities of the defender.
Feedback
Question text
Actions taken that protect and defend information and information systems by ensuring their availability, integrity, authentication, confidentiality and non-repudiation
Question text
Physical attack and destruction, including: electromagnetic attack, visual spying, intrusion, scavenging and removal, wiretapping, interference, and eavesdropping.
Feedback
Question text
Refers to the protection of hardware, software, and data against physical threats to reduce or prevent disruptions to operations and services and loss of assets.”
Feedback
Question text
Assurance that information is shared only among authorized persons or organizations.
Feedback
Question text
Is the process of maintaining an acceptable level of perceived risk
Question text
Security measures to establish the validity of a transmission, message, or originator.
Question text
Timely, reliable access to data and information services for authorized users;
Question text
Four Security Domains