Computer #mpSecurity: # m p Principles #mpand #mpPractice, Chapter
#mp4th # m p Edition #mp1
Chapter 1 – Computer Systems Overview
TRUE/FALSE QUESTIONS:
T F 1. Threats are attacks carried out.
T F 2. Computer security is protection of the integrity, availability, and
confidentiality of information system resources.
T F 3. Data integrity assures that information and programs are changed only
in a specified and authorized manner.
T F 4. Availability assures that systems works promptly and service is not
denied to authorized users.
T F 5. The “A” in the CIA triad stands for “authenticity”.
T F 6. The more critical a component or service, the higher the level of
availability required.
T F 7. Computer security is essentially a battle of wits between a perpetrator
who tries to find holes and the administrator who tries to close them.
T F 8. Security mechanisms typically do not involve more than one particular
algorithm or protocol.
T F 9. Many security administrators view strong security as an impediment to
efficient and user-friendly operation of an information system.
T F 10. In the context of security our concern is with the vulnerabilities of
system resources.
T F 11. Hardware is the most vulnerable to attack and the least susceptible to
automated controls.
T F 12. Contingency planning is a functional area that primarily requires
computer security technical measures.
T F 13. X.800 architecture was developed as an international standard and
focuses on security in the context of networks and communications.
T F 14. The first step in devising security services and mechanisms is to
develop a security policy.
T F 15. Assurance is the process of examining a computer product or system
with respect to certain criteria.
SCHOLARVAULT
,Computer #mpSecurity: # m p Principles #mpand #mpPractice, Chapter
#mp4th # m p Edition #mp1
MULTIPLE #mpCHOICE #mpQUESTIONS:
1. assures #mpthat #mpindividuals #mpcontrol #mpor #mpinfluence #mpwhat
#mpinformation #mprelated #mpto #mpthem #mpmay #mpbe #mpcollected #mpand #mpstored #mpand #mpby
#mpwhom #mpand #mpto #mpwhom #mpthat #mpinformation #mpmay #mpbe #mpdisclosed.
A. Availability B. # m p System #mpIntegrity
C. # m p Privacy D. # m p Data #mpIntegrity
2. assures #mpthat #mpa #mpsystem #mpperforms #mpits #mpintended #mpfunction #mpin
#mpan #mpunimpaired #mpmanner, #mpfree #mpfrom #mpdeliberate #mpor #mpinadvertent
#mpunauthorized #mpmanipulation #mpof #mpthe #mpsystem.
A. System #mpIntegrity B. # m p Data #mpIntegrity
C. # m p Availability D. # m p Confidentiality
3. A #mploss #mpof is #mpthe #mpunauthorized #mpdisclosure #mpof #mpinformation.
A. confidentiality B. # m p integrity
C. # m p authenticity D. # m p availability
4. A #mp level #mpbreach #mpof #mpsecurity #mpcould #mpbe #mpexpected #mpto #mphave #mpa
#mpsevere #mpor #mpcatastrophic #mpadverse #mpeffect #mpon #mporganizational #mpoperations,
#mporganizational #mpassets, #mpor #mpindividuals.
A. low B. # m p normal
C. #mpmoderate D. # m p high
5. A #mpflaw #mpor #mpweakness #mpin #mpa #mpsystem’s #mpdesign, #mpimplementation, #mpor
#mpoperation #mpand #mpmanagement #mpthat #mpcould #mpbe #mpexploited #mpto #mpviolate
#mpthe #mpsystem’s #mpsecurity #mppolicy #mpis #mpa(n) # m p .
A. countermeasure B. #mpvulnerability
C. # m p adversary D. # m p risk
6. An #mpassault #mpon #mpsystem #mpsecurity #mpthat #mpderives #mpfrom #mpan #mpintelligent #mpact
#mpthat #mpis #mpa #mpdeliberate #mpattempt #mpto #mpevade #mpsecurity #mpservices #mpand
#mpviolate #mpthe #mpsecurity #mppolicy #mpof #mpa #mpsystem #mpis #mpa(n) #mp .
A. risk B. # m p asset
C. # m p attack D. # m p vulnerability
SCHOLARVAULT
,Computer #mpSecurity: # m p Principles #mpand #mpPractice, Chapter
#mp4th # m p Edition #mp1
7. A(n) #mp is #mpan #mpaction, #mpdevice, #mpprocedure, #mpor #mptechnique #mpthat
#mpreduces #mpa #mpthreat, #mpa #mpvulnerability, #mpor #mpan #mpattack #mpby #mpeliminating #mpor
#mppreventing #mpit, #mpby #mpminimizing #mpthe #mpharm #mpit #mpcan #mpcause, #mpor #mpby
#mpdiscovering #mpand #mpreporting #mpit #mpso #mpthat #mpcorrect #mpaction #mpcan #mpbe #mptaken.
A. attack B. # m p countermeasure
C. # m p adversary D. # m p protocol
8. A(n) #mp is #mpan #mpattempt #mpto #mplearn #mpor #mpmake #mpuse #mpof #mpinformation
#mpfrom #mpthe #mpsystem #mpthat #mpdoes #mpnot #mpaffect #mpsystem #mpresources.
A. passive #mpattack B. #mpinside #mpattack
C. # m p outside #mpattack D. # m p active #mpattack
9. Masquerade, #mpfalsification, #mpand #mprepudiation #mpare #mpthreat #mpactions #mpthat #mpcause
threat #mpconsequences.
A. unauthorized #mpdisclosure B. # m p deception
C. # m p disruption D. # m p usurpation
10. A # m p threat #mpaction #mpin #mpwhich #mpsensitive #mpdata #mpare #mpdirectly #mpreleased #mpto
#mpan #mpunauthorized #mpentity #mpis #mp .
A. corruption B. # m p disruption
C. # m p intrusion D. # m p exposure
11. An # m p example #mpof #mp is #mpan #mpattempt #mpby #mpan #mpunauthorized #mpuser #mpto
#mpgain #mpaccess #mpto #mpa #mpsystem #mpby #mpposing #mpas #mpan #mpauthorized #mpuser.
A. masquerade B. # m p interception
C. # m p repudiation D. # m p inference
12. The # m p prevents #mpor #mpinhibits #mpthe #mpnormal #mpuse #mpor
#mpmanagement #mpof #mpcommunications #mpfacilities.
A. passive #mpattack B. # m p traffic #mpencryption
C. # m p denial #mpof #mpservice D. # m p masquerade
13. A # m p is #mpany #mpaction #mpthat #mpcompromises #mpthe #mpsecurity #mpof
#mpinformation #mpowned #mpby #mpan #mporganization.
A. security #mpmechanism B. # m p security #mpattack
C. # m p security #mppolicy D. # m p security #mpservice
SCHOLARVAULT
, Computer #mpSecurity: # m p Principles #mpand #mpPractice, Chapter
#mp4th # m p Edition #mp1
14. The # m p assurance #mpthat #mpdata #mpreceived #mpare #mpexactly #mpas #mpsent #mpby
#mpan #mpauthorized #mpentity #mpis #mp .
A. authentication B. # m p data #mpconfidentiality
C. # m p access #mpcontrol D. # m p data #mpintegrity
15. #mp is #mpthe #mpinsertion #mpof #mpbits #mpinto #mpgaps #mpin #mpa #mpdata #mpstream #mpto
#mpfrustrate #mptraffic #mpanalysis #mpattempts.
A. Traffic #mppadding B. # m p Traffic #mprouting
C. # m p Traffic #mpcontrol D. # m p Traffic #mpintegrity
SHORT #mpANSWER #mpQUESTIONS:
1. is #mpthe #mpprotection #mpafforded #mpto #mpan #mpautomated #mpinformation #mpsystem
#mpin #mporder #mpto #mpattain #mpthe #mpapplicable #mpobjectives #mpof #mppreserving #mpthe #mpintegrity,
#mpavailability, #mpand #mpconfidentiality #mpof #mpinformation #mpsystem #mpresources.
2. Confidentiality, #mpIntegrity, #mpand #mpAvailability #mpform #mpwhat #mpis #mpoften #mpreferred #mpto #mpas
#mpthe #mp .
3. A #mploss #mpof #mp is #mpthe #mpdisruption #mpof #mpaccess #mpto #mpor #mpuse #mpof
#mpinformation #mpor #mpan #mpinformation #mpsystem.
4. In #mpthe #mpUnited #mpStates, #mpstudent #mpgrade #mpinformation #mpis #mpan #mpasset #mpwhose
#mpconfidentiality #mpis #mpregulated #mpby #mpthe #mp .
5. A(n) #mp is #mpa #mpthreat #mpthat #mpis #mpcarried #mpout #mpand, #mpif #mpsuccessful, #mpleads
#mpto #mpan #mpundesirable #mpviolation #mpof #mpsecurity, #mpor #mpthreat #mpconsequence.
6. A(n) #mp is #mpany #mpmeans #mptaken #mpto #mpdeal #mpwith #mpa #mpsecurity #mpattack.
7. Misappropriation #mpand #mpmisuse #mpare #mpattacks #mpthat #mpresult #mpin #mp threat #mpconsequences.
8. The #mpassets #mpof #mpa #mpcomputer #mpsystem #mpcan #mpbe #mpcategorized #mpas
#mphardware, #mpsoftware, #mpcommunication #mplines #mpand #mpnetworks, #mpand #mp
.
9. Release #mpof #mpmessage #mpcontents #mpand #mptraffic #mpanalysis #mpare #mptwo #mptypes #mpof #mp attacks.
10. Replay, #mpmasquerade, #mpmodification #mpof #mpmessages, #mpand #mpdenial #mpof #mpservice #mpare
#mpexample #mpof
attacks.
11. Establishing, #mpmaintaining, #mpand #mpimplementing #mpplans #mpfor #mpemergency
#mpresponse, #mpbackup #mpoperations, #mpand #mppost #mpdisaster #mprecovery #mpfor #mporganizational
#mpinformation #mpsystems #mpto #mpensure #mpthe #mpavailability #mpof #mpcritical #mpinformation
#mpresources #mpand #mpcontinuity #mpof #mpoperations #mpin #mpemergency #mpsituations #mpis #mpa #mp
plan.
SCHOLARVAULT
#mp4th # m p Edition #mp1
Chapter 1 – Computer Systems Overview
TRUE/FALSE QUESTIONS:
T F 1. Threats are attacks carried out.
T F 2. Computer security is protection of the integrity, availability, and
confidentiality of information system resources.
T F 3. Data integrity assures that information and programs are changed only
in a specified and authorized manner.
T F 4. Availability assures that systems works promptly and service is not
denied to authorized users.
T F 5. The “A” in the CIA triad stands for “authenticity”.
T F 6. The more critical a component or service, the higher the level of
availability required.
T F 7. Computer security is essentially a battle of wits between a perpetrator
who tries to find holes and the administrator who tries to close them.
T F 8. Security mechanisms typically do not involve more than one particular
algorithm or protocol.
T F 9. Many security administrators view strong security as an impediment to
efficient and user-friendly operation of an information system.
T F 10. In the context of security our concern is with the vulnerabilities of
system resources.
T F 11. Hardware is the most vulnerable to attack and the least susceptible to
automated controls.
T F 12. Contingency planning is a functional area that primarily requires
computer security technical measures.
T F 13. X.800 architecture was developed as an international standard and
focuses on security in the context of networks and communications.
T F 14. The first step in devising security services and mechanisms is to
develop a security policy.
T F 15. Assurance is the process of examining a computer product or system
with respect to certain criteria.
SCHOLARVAULT
,Computer #mpSecurity: # m p Principles #mpand #mpPractice, Chapter
#mp4th # m p Edition #mp1
MULTIPLE #mpCHOICE #mpQUESTIONS:
1. assures #mpthat #mpindividuals #mpcontrol #mpor #mpinfluence #mpwhat
#mpinformation #mprelated #mpto #mpthem #mpmay #mpbe #mpcollected #mpand #mpstored #mpand #mpby
#mpwhom #mpand #mpto #mpwhom #mpthat #mpinformation #mpmay #mpbe #mpdisclosed.
A. Availability B. # m p System #mpIntegrity
C. # m p Privacy D. # m p Data #mpIntegrity
2. assures #mpthat #mpa #mpsystem #mpperforms #mpits #mpintended #mpfunction #mpin
#mpan #mpunimpaired #mpmanner, #mpfree #mpfrom #mpdeliberate #mpor #mpinadvertent
#mpunauthorized #mpmanipulation #mpof #mpthe #mpsystem.
A. System #mpIntegrity B. # m p Data #mpIntegrity
C. # m p Availability D. # m p Confidentiality
3. A #mploss #mpof is #mpthe #mpunauthorized #mpdisclosure #mpof #mpinformation.
A. confidentiality B. # m p integrity
C. # m p authenticity D. # m p availability
4. A #mp level #mpbreach #mpof #mpsecurity #mpcould #mpbe #mpexpected #mpto #mphave #mpa
#mpsevere #mpor #mpcatastrophic #mpadverse #mpeffect #mpon #mporganizational #mpoperations,
#mporganizational #mpassets, #mpor #mpindividuals.
A. low B. # m p normal
C. #mpmoderate D. # m p high
5. A #mpflaw #mpor #mpweakness #mpin #mpa #mpsystem’s #mpdesign, #mpimplementation, #mpor
#mpoperation #mpand #mpmanagement #mpthat #mpcould #mpbe #mpexploited #mpto #mpviolate
#mpthe #mpsystem’s #mpsecurity #mppolicy #mpis #mpa(n) # m p .
A. countermeasure B. #mpvulnerability
C. # m p adversary D. # m p risk
6. An #mpassault #mpon #mpsystem #mpsecurity #mpthat #mpderives #mpfrom #mpan #mpintelligent #mpact
#mpthat #mpis #mpa #mpdeliberate #mpattempt #mpto #mpevade #mpsecurity #mpservices #mpand
#mpviolate #mpthe #mpsecurity #mppolicy #mpof #mpa #mpsystem #mpis #mpa(n) #mp .
A. risk B. # m p asset
C. # m p attack D. # m p vulnerability
SCHOLARVAULT
,Computer #mpSecurity: # m p Principles #mpand #mpPractice, Chapter
#mp4th # m p Edition #mp1
7. A(n) #mp is #mpan #mpaction, #mpdevice, #mpprocedure, #mpor #mptechnique #mpthat
#mpreduces #mpa #mpthreat, #mpa #mpvulnerability, #mpor #mpan #mpattack #mpby #mpeliminating #mpor
#mppreventing #mpit, #mpby #mpminimizing #mpthe #mpharm #mpit #mpcan #mpcause, #mpor #mpby
#mpdiscovering #mpand #mpreporting #mpit #mpso #mpthat #mpcorrect #mpaction #mpcan #mpbe #mptaken.
A. attack B. # m p countermeasure
C. # m p adversary D. # m p protocol
8. A(n) #mp is #mpan #mpattempt #mpto #mplearn #mpor #mpmake #mpuse #mpof #mpinformation
#mpfrom #mpthe #mpsystem #mpthat #mpdoes #mpnot #mpaffect #mpsystem #mpresources.
A. passive #mpattack B. #mpinside #mpattack
C. # m p outside #mpattack D. # m p active #mpattack
9. Masquerade, #mpfalsification, #mpand #mprepudiation #mpare #mpthreat #mpactions #mpthat #mpcause
threat #mpconsequences.
A. unauthorized #mpdisclosure B. # m p deception
C. # m p disruption D. # m p usurpation
10. A # m p threat #mpaction #mpin #mpwhich #mpsensitive #mpdata #mpare #mpdirectly #mpreleased #mpto
#mpan #mpunauthorized #mpentity #mpis #mp .
A. corruption B. # m p disruption
C. # m p intrusion D. # m p exposure
11. An # m p example #mpof #mp is #mpan #mpattempt #mpby #mpan #mpunauthorized #mpuser #mpto
#mpgain #mpaccess #mpto #mpa #mpsystem #mpby #mpposing #mpas #mpan #mpauthorized #mpuser.
A. masquerade B. # m p interception
C. # m p repudiation D. # m p inference
12. The # m p prevents #mpor #mpinhibits #mpthe #mpnormal #mpuse #mpor
#mpmanagement #mpof #mpcommunications #mpfacilities.
A. passive #mpattack B. # m p traffic #mpencryption
C. # m p denial #mpof #mpservice D. # m p masquerade
13. A # m p is #mpany #mpaction #mpthat #mpcompromises #mpthe #mpsecurity #mpof
#mpinformation #mpowned #mpby #mpan #mporganization.
A. security #mpmechanism B. # m p security #mpattack
C. # m p security #mppolicy D. # m p security #mpservice
SCHOLARVAULT
, Computer #mpSecurity: # m p Principles #mpand #mpPractice, Chapter
#mp4th # m p Edition #mp1
14. The # m p assurance #mpthat #mpdata #mpreceived #mpare #mpexactly #mpas #mpsent #mpby
#mpan #mpauthorized #mpentity #mpis #mp .
A. authentication B. # m p data #mpconfidentiality
C. # m p access #mpcontrol D. # m p data #mpintegrity
15. #mp is #mpthe #mpinsertion #mpof #mpbits #mpinto #mpgaps #mpin #mpa #mpdata #mpstream #mpto
#mpfrustrate #mptraffic #mpanalysis #mpattempts.
A. Traffic #mppadding B. # m p Traffic #mprouting
C. # m p Traffic #mpcontrol D. # m p Traffic #mpintegrity
SHORT #mpANSWER #mpQUESTIONS:
1. is #mpthe #mpprotection #mpafforded #mpto #mpan #mpautomated #mpinformation #mpsystem
#mpin #mporder #mpto #mpattain #mpthe #mpapplicable #mpobjectives #mpof #mppreserving #mpthe #mpintegrity,
#mpavailability, #mpand #mpconfidentiality #mpof #mpinformation #mpsystem #mpresources.
2. Confidentiality, #mpIntegrity, #mpand #mpAvailability #mpform #mpwhat #mpis #mpoften #mpreferred #mpto #mpas
#mpthe #mp .
3. A #mploss #mpof #mp is #mpthe #mpdisruption #mpof #mpaccess #mpto #mpor #mpuse #mpof
#mpinformation #mpor #mpan #mpinformation #mpsystem.
4. In #mpthe #mpUnited #mpStates, #mpstudent #mpgrade #mpinformation #mpis #mpan #mpasset #mpwhose
#mpconfidentiality #mpis #mpregulated #mpby #mpthe #mp .
5. A(n) #mp is #mpa #mpthreat #mpthat #mpis #mpcarried #mpout #mpand, #mpif #mpsuccessful, #mpleads
#mpto #mpan #mpundesirable #mpviolation #mpof #mpsecurity, #mpor #mpthreat #mpconsequence.
6. A(n) #mp is #mpany #mpmeans #mptaken #mpto #mpdeal #mpwith #mpa #mpsecurity #mpattack.
7. Misappropriation #mpand #mpmisuse #mpare #mpattacks #mpthat #mpresult #mpin #mp threat #mpconsequences.
8. The #mpassets #mpof #mpa #mpcomputer #mpsystem #mpcan #mpbe #mpcategorized #mpas
#mphardware, #mpsoftware, #mpcommunication #mplines #mpand #mpnetworks, #mpand #mp
.
9. Release #mpof #mpmessage #mpcontents #mpand #mptraffic #mpanalysis #mpare #mptwo #mptypes #mpof #mp attacks.
10. Replay, #mpmasquerade, #mpmodification #mpof #mpmessages, #mpand #mpdenial #mpof #mpservice #mpare
#mpexample #mpof
attacks.
11. Establishing, #mpmaintaining, #mpand #mpimplementing #mpplans #mpfor #mpemergency
#mpresponse, #mpbackup #mpoperations, #mpand #mppost #mpdisaster #mprecovery #mpfor #mporganizational
#mpinformation #mpsystems #mpto #mpensure #mpthe #mpavailability #mpof #mpcritical #mpinformation
#mpresources #mpand #mpcontinuity #mpof #mpoperations #mpin #mpemergency #mpsituations #mpis #mpa #mp
plan.
SCHOLARVAULT
