CIS4361 Chapter 1Q&A
A breach of possession always results in a breach of confidentiality. - =False
During the early years, information security was a straightforward process composed predominantly of
____________________ security and simple document classification schemes. - =Physical
Which of the following is a valid type of data ownership? - =Data Users, Data Owners and Data
Custodians
____ is the predecessor to the Internet. - =Arpanet
A(n) ____ attack is a hacker using a personal computer to break into a system. - =Direct
In an organization, the value of ____________________ of information is especially high when it
involves personal information about employees, customers, or patients. - =Confidentiality
The ____ model consists of six general phases. - =Waterfall
Key end users should be assigned to a developmental team, known as the united application
development team. - =False
A(n) _________________________ is a group of individuals who are united by similar interests or values
within an organization and who share a common goal of helping the organization to meet its objectives.
- =Community of Interest
The primary threats to security during the early years of computers were physical theft of equipment,
espionage against the products of the systems, and sabotage. - =True
A data custodian works directly with data owners and is responsible for the storage, maintenance, and
protection of the information. - =True
, The physical design is the blueprint for the desired solution. - =False
The ____________________ of information is the quality or state of ownership or control of some
object or item. - =Possession
The Internet brought connectivity to virtually all computers that could reach a phone line or an Internet-
connected local area ____________________. - =Network
The history of information security begins with the history of ____________________ security. -
=Computer
MULTICS stands for Multiple Information and Computing Service. - =False
During the ____________________ War, many mainframes were brought online to accomplish more
complex and sophisticated tasks so it became necessary to enable the mainframes to communicate via a
less cumbersome process than mailing magnetic tapes between computer centers. - =Cold
Recently, many states have implemented legislation making certain computer-related activities illegal. -
=True
Information security can begin as a grassroots effort in which systems administrators attempt to
improve the security of their systems, which is often referred to as a bottom-up approach. - =True
A famous study entitled "Protection Analysis: Final Report" was published in ____. - =1978
Risk evaluation is the process of identifying, assessing, and evaluating the levels of risk facing the
organization, specifically the threats to the organization's security and to the information stored and
processed by the organization. - =False
The implementation phase is the longest and most expensive phase of the systems development life
cycle (SDLC). - =False
A breach of possession always results in a breach of confidentiality. - =False
During the early years, information security was a straightforward process composed predominantly of
____________________ security and simple document classification schemes. - =Physical
Which of the following is a valid type of data ownership? - =Data Users, Data Owners and Data
Custodians
____ is the predecessor to the Internet. - =Arpanet
A(n) ____ attack is a hacker using a personal computer to break into a system. - =Direct
In an organization, the value of ____________________ of information is especially high when it
involves personal information about employees, customers, or patients. - =Confidentiality
The ____ model consists of six general phases. - =Waterfall
Key end users should be assigned to a developmental team, known as the united application
development team. - =False
A(n) _________________________ is a group of individuals who are united by similar interests or values
within an organization and who share a common goal of helping the organization to meet its objectives.
- =Community of Interest
The primary threats to security during the early years of computers were physical theft of equipment,
espionage against the products of the systems, and sabotage. - =True
A data custodian works directly with data owners and is responsible for the storage, maintenance, and
protection of the information. - =True
, The physical design is the blueprint for the desired solution. - =False
The ____________________ of information is the quality or state of ownership or control of some
object or item. - =Possession
The Internet brought connectivity to virtually all computers that could reach a phone line or an Internet-
connected local area ____________________. - =Network
The history of information security begins with the history of ____________________ security. -
=Computer
MULTICS stands for Multiple Information and Computing Service. - =False
During the ____________________ War, many mainframes were brought online to accomplish more
complex and sophisticated tasks so it became necessary to enable the mainframes to communicate via a
less cumbersome process than mailing magnetic tapes between computer centers. - =Cold
Recently, many states have implemented legislation making certain computer-related activities illegal. -
=True
Information security can begin as a grassroots effort in which systems administrators attempt to
improve the security of their systems, which is often referred to as a bottom-up approach. - =True
A famous study entitled "Protection Analysis: Final Report" was published in ____. - =1978
Risk evaluation is the process of identifying, assessing, and evaluating the levels of risk facing the
organization, specifically the threats to the organization's security and to the information stored and
processed by the organization. - =False
The implementation phase is the longest and most expensive phase of the systems development life
cycle (SDLC). - =False
