Study your flashcards anywhere!

Download the official Cram app for free >

  • Shuffle
    Toggle On
    Toggle Off
  • Alphabetize
    Toggle On
    Toggle Off
  • Front First
    Toggle On
    Toggle Off
  • Both Sides
    Toggle On
    Toggle Off
  • Read
    Toggle On
    Toggle Off

How to study your flashcards.

Right/Left arrow keys: Navigate between flashcards.right arrow keyleft arrow key

Up/Down arrow keys: Flip the card between the front and back.down keyup key

H key: Show hint (3rd side).h key

A key: Read text to speech.a key


Play button


Play button




Click to flip

15 Cards in this Set

  • Front
  • Back
The absence or weakness in a system that may possibly be exploited is called a
The probability that a threat to an information system will materialize is called
Security assurance requirements describe:
how to test the system
Security functional requirements describe:
what a security system should do by design
The two types of IT security requirements are:
functional and assurance
The weadest link in any security system is the:
human element
Defense in depth is needed to assure that which three mandatory activities are present in a security system?
prevention, detection, and response
The CIA triad is often represented by a:
Related to information security, confidentiality is the opposite of which of the following?
Making sure that data has not been changed unintentionally due to an accident or malice is:
The three goals of information security are:
confidentiality, integrity, and availability
Controls are implemented to:
mitigate risk and eliminate the potential for loss.
A cookbook on how to take advantage of a vulnerability is called an
The three types of security controls are:
people, process, and technology
Process controls for IT security include:
A) assignment of roles for least privilege
B) separation of duties
C) documented procedures