Reading...
Play button
Play button
Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
14 Cards in this Set
- Front
- Back
|
(3) Requirements of Security Management Program
|
Availability, Integrity, and Confidentiality
|
|
|
Assurance that a computer system is accessible by authorized users is ...
|
Availability (one of 3 Requirements of Security Management Program)
|
|
|
(2) Facets of Availability
|
1) Denial-of-service 2) Los of dta processing capabilities due to natural disaster or human actions
|
|
|
Refers to user or intruder actions that tie up computing services in a way that renders system unusable ...
|
Denial-of-Service
|
|
|
What are (3) types of controls used to maintain "Availability"
|
1) Physical
2) Technical 3) Administrative |
|
|
What are some typical Physical Controls to maintain "Availability"
|
1) Prevent unauthorized people
2) Fire protection 3) Temperature controls 4) etc ... |
|
|
What are some typical Technical Controls to maintain "Availability"
|
1) Fault tolerance (mirror drives, etc)
2) Backups 3) Access Controls to prevent unauthorized users |
|
|
What are some typical Administrative Controls to maintain "Availability"
|
1) Access control "Policies"
2) Operating Procedures 3) Contingency Planning (DR) 4) Training |
|
|
What are some common denial-of-service methods of disrupting "Availability"
|
1) Computer Viruses
2) Trojan Horses 3) Logic Bombs |
|
|
Aspects of a "Trustworthy System"
|
Security (Availability, Integrity, Confidentiality), assurance, safety, reliability, and privacy
|
|
|
Aspect of Security Program that is the protection of system informations or processes from intentional or accidental unauthorized changes
|
Integrity
|
|
|
What is general way of describing the Integrity aspect of Security
|
Data is in a state that the user expects
|
|
|
How does the Security Program improve the accuracy of the data input
|
It cannot improve accuracy of the input, only ensures that changes were intended
|
|
|
Fraudulant data is an example of failings of what aspect of Security
|
Example of poor Security Integrity
|
