ADVANCED e-SECURITY
Lecture 1 Quick Quiz
Q: What is computer security?
A: Protection of physical locations, hardware and software of computers from outside threats.
Q: Name three primary threats to security of computers.
A: Physical theft, espionage and sabotage.
Q: Name two fundamental problems with ARPANET security?
A: (1) No safety for dial-up connections. (2) Nonexistent user identification and authorization.
Q: What was the name of the now obsolete operating system designed for security objectives?
A: MULTICS
Q: What is the security that addresses the issues needed to protect items, objects, or areas?
A: Physical security.
Q: What is the security that addresses the protection of individuals or groups authorized to access an organization?
A: Personal security.
Q: What is the security that encompasses the protection of an organization’s communications media, technology and content?
A: Communications security.
Q: In regard to critical characteristics of information, a breach of confidentiality always results in a breach of:
A: possession
The characteristic of information that deals with preventing disclosure is confidentiality.
When a computer is used as an active tool to conduct an attack on another information asset, that computer is then considered the subject of an attack.
When a computer is the information asset that is being attacked, it is considered the object of an attack.
Ownership or control of information is called the characteristic of possession.
If information has a state of being genuine or original and is not a fabrication, it has the characteristic of authenticity.
A formal approach to solving a problem based on a structured sequence of procedures is called a SDLC methodology.
When projects are initiated at the highest levels of an organization and then pushed to all levels, they are said to follow a top-down approach.
Information security programs that begin at a grassroots level by system administrators to improve security are often
Q: What is computer security?
A: Protection of physical locations, hardware and software of computers from outside threats.
Q: Name three primary threats to security of computers.
A: Physical theft, espionage and sabotage.
Q: Name two fundamental problems with ARPANET security?
A: (1) No safety for dial-up connections. (2) Nonexistent user identification and authorization.
Q: What was the name of the now obsolete operating system designed for security objectives?
A: MULTICS
Q: What is the security that addresses the issues needed to protect items, objects, or areas?
A: Physical security.
Q: What is the security that addresses the protection of individuals or groups authorized to access an organization?
A: Personal security.
Q: What is the security that encompasses the protection of an organization’s communications media, technology and content?
A: Communications security.
Q: In regard to critical characteristics of information, a breach of confidentiality always results in a breach of:
A: possession
The characteristic of information that deals with preventing disclosure is confidentiality.
When a computer is used as an active tool to conduct an attack on another information asset, that computer is then considered the subject of an attack.
When a computer is the information asset that is being attacked, it is considered the object of an attack.
Ownership or control of information is called the characteristic of possession.
If information has a state of being genuine or original and is not a fabrication, it has the characteristic of authenticity.
A formal approach to solving a problem based on a structured sequence of procedures is called a SDLC methodology.
When projects are initiated at the highest levels of an organization and then pushed to all levels, they are said to follow a top-down approach.
Information security programs that begin at a grassroots level by system administrators to improve security are often