Chapter 01

Chapter 01 - ch01 True/False Indicate whether the statement...

Info iconThis preview shows pages 1–3. Sign up to view the full content.

View Full Document Right Arrow Icon
ch01 True/False Indicate whether the statement is true or false. ____ 1. The primary threats to security during the early years of computers were physical theft of equipment, espion- age against the products of the systems, and sabotage. ____ 2. Network security focuses on the protection of the details of a particular operation or series of activities. ____ 3. The value of information comes from the characteristics it possesses. ____ 4. An E-mail virus involves sending an e-mail message with a modified field. ____ 5. The possession of information is the quality or state of having value for some purpose or end. ____ 6. A breach of possession always results in a breach of confidentiality. ____ 7. When a computer is the subject of an attack, it is the entity being attacked. ____ 8. Information security can be an absolute. ____ 9. The bottom-up approach to information security has a higher probability of success than the top-down ap- proach. ____ 10. A methodology increases the probability of success. ____ 11. The investigation phase of the SecSDLC begins with a directive from upper management. ____ 12. A champion is a project manager, who may be a departmental line manager or staff unit manager, who under- stands project management, personnel management, and information security technical requirements. ____ 13. A data custodian works directly with data owners and is responsible for the storage, maintenance, and protec- tion of the information. ____ 14. The concept of the security artesan is based on the way individuals have perceived systems technologists since computers became commonplace. ____ 15. Applications systems developed within the framework of the traditional SDLC are designed to anticipate a vi- cious attack that would require some degree of application reconstruction. ____ 16. The physical design is the blueprint for the desired solution. ____ 17. The SDLC process may be initiated in response to specific conditions or combinations of conditions. ____ 18. To achieve balance — that is, to operate an information system to the satisfaction of the user and the security professional — the level of security must allow reasonable access, yet protect against threats. ____ 19. Hardware is often the most valuable asset possessed by an organization and it is the main target of intentional attacks. ____ 20. The Implementation phase is the longest and most expensive phase of the systems development life cycle (SDLC). Modified True/False Indicate whether the statement is true or false. If false, change the identified word or phrase to make the statement true.
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
____ 21. MULTICS stands for Multiple Information and Computing Service. _________________________ ____ 22. In general, protection is “the quality or state of being secure—to be free from danger.” _________________________ ____ 23. Information has redundancy when it is free from mistakes or errors and it has the value that the end user ex- pects. _________________________ ____ 24. Confidentiality
Background image of page 2
Image of page 3
This is the end of the preview. Sign up to access the rest of the document.

Page1 / 10

Chapter 01 - ch01 True/False Indicate whether the statement...

This preview shows document pages 1 - 3. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online