15 Cards in this Set

  • Front
  • Back
The absence or weakness in a system that may possibly be exploited is called a
vulnerability
The probability that a threat to an information system will materialize is called
risk
Security assurance requirements describe:
how to test the system
Security functional requirements describe:
what a security system should do by design
The two types of IT security requirements are:
functional and assurance
The weakest link in any security system is the:
human element
Defense in depth is needed to assure that which three mandatory activities are present in a security system?
prevention, detection, and response
The CIA triad is often represented by a:
triangle
Related to information security, confidentiality is the opposite of which of the following?
disclosure
Making sure that data has not been changed unintentionally due to an accident or malice is:
Integrity
The three goals of information security are:
confidentiality, integrity, and availability
Controls are implemented to:
mitigate risk and eliminate the potential for loss.
A cookbook on how to take advantage of a vulnerability is called an
exploit
The three types of security controls are:
people, process, and technology
Process controls for IT security include:
A) assignment of roles for least privilege
B) separation of duties
C) documented procedures