BPI - 6
information security - correct answer ✔a broad term encompassing the
protection of information from accidental or intentional misuse by persons
inside or outside an organization
people - correct answer ✔First line of defense:
The biggest issue surrounding information security; 38% of security incidents
originate within the organization
Insiders - correct answer ✔Legitimate users who purposely or accidentally
misuse their access to the environment and cause some kind of business-
affecting incident.
Social Engineering - correct answer ✔Is using ones social skills to trick
people into revealing access credentials or other information valuable to the
attacker.
information security policies - correct answer ✔identify the rules required to
maintain information security
information security plan - correct answer ✔details how an organization will
implement the information security policies
five steps to creating an information security plan - correct answer ✔1)
develop the information security policies
2) communicate the information security policies
3) identify critical information assets and risks
4) test and reevaluate risks
, 5) obtain stakeholder support
IDS - Intrusion Detection Software - correct answer ✔Searches out patterns
in information and network traffic to indicate attacks and quickly responds to
prevent any harm.
Technology - correct answer ✔Second line of defense
Three primary information security areas - correct answer ✔1) authentication
and authorization
2) prevention and resistance
3) detection and response
Three primary information security areas: #1 Authentication & Authorization -
correct answer ✔Three primary information security areas: #1
A) A method for confirming a users' identities.
B) The process of giving someone permission to do or have something.
Three categories of Authentication & Authorization - correct answer ✔Most
secure type involves a combination of all three:
1) something the user knows such as an ID and password.
2) something the user has such as smart card or token.
3) something that is part of the user such as fingerprint or voice signature.
Authentication & Authorization: identity theft - correct answer
✔Authentication & Authorization:
the forging of someone's identity for the purpose of fraud.
information security - correct answer ✔a broad term encompassing the
protection of information from accidental or intentional misuse by persons
inside or outside an organization
people - correct answer ✔First line of defense:
The biggest issue surrounding information security; 38% of security incidents
originate within the organization
Insiders - correct answer ✔Legitimate users who purposely or accidentally
misuse their access to the environment and cause some kind of business-
affecting incident.
Social Engineering - correct answer ✔Is using ones social skills to trick
people into revealing access credentials or other information valuable to the
attacker.
information security policies - correct answer ✔identify the rules required to
maintain information security
information security plan - correct answer ✔details how an organization will
implement the information security policies
five steps to creating an information security plan - correct answer ✔1)
develop the information security policies
2) communicate the information security policies
3) identify critical information assets and risks
4) test and reevaluate risks
, 5) obtain stakeholder support
IDS - Intrusion Detection Software - correct answer ✔Searches out patterns
in information and network traffic to indicate attacks and quickly responds to
prevent any harm.
Technology - correct answer ✔Second line of defense
Three primary information security areas - correct answer ✔1) authentication
and authorization
2) prevention and resistance
3) detection and response
Three primary information security areas: #1 Authentication & Authorization -
correct answer ✔Three primary information security areas: #1
A) A method for confirming a users' identities.
B) The process of giving someone permission to do or have something.
Three categories of Authentication & Authorization - correct answer ✔Most
secure type involves a combination of all three:
1) something the user knows such as an ID and password.
2) something the user has such as smart card or token.
3) something that is part of the user such as fingerprint or voice signature.
Authentication & Authorization: identity theft - correct answer
✔Authentication & Authorization:
the forging of someone's identity for the purpose of fraud.
