



Study with the several resources on Docsity
Earn points by helping other students or get them with a premium plan
Prepare for your exams
Study with the several resources on Docsity
Earn points to download
Earn points by helping other students or get them with a premium plan
Community
Ask the community for help and clear up your study doubts
Discover the best universities in your country according to Docsity users
Free resources
Download our free guides on studying techniques, anxiety management strategies, and thesis advice from Docsity tutors
A series of multiple-choice questions covering key concepts in information security, focusing on the fundamentals of information security, vulnerabilities, and the sdlc (software development life cycle). It provides answers to each question, making it a valuable resource for students preparing for exams or reviewing key concepts.
Typology: Exams
1 / 6
This page cannot be seen from the preview
Don't miss anything!
The protection of the confidentiality, integrity, and availability of information assets, whether in storage, processing, or transmission, via the application of policy, education, training and awareness, and technology is known as ___________. a. information security b. network security c. physical security d. communications security - Answer:::✔✔information security The famous study entitled "Protection Analysis: Final Report" focused on a project undertaken by ARPA to understand and detect __________ in operating systems security. a. bugs b. vulnerabilities c. malware d. maintenance hooks - Answer:::✔✔vulnerabilities During the __________ phase, specific technologies are selected to support the alternatives identified and evaluated in the prior phases.
a. investigation b. physical design c. analysis d. implementation - Answer:::✔✔physical design The __________ design phase of an SDLC methodology is implementation independent, meaning that it contains no reference to specific technologies, vendors, or products. a. integral b. conceptual c. physical d. logical - Answer:::✔✔logical A technique used to compromise a system is known as a(n) ___________. a. risk b. access method c. exploit d. asset - Answer:::✔✔exploit
Which of the following is a valid type of role when it comes to data ownership? a. Data owners b. Data custodians c. Data users d. All of the above - Answer:::✔✔All of the above An emerging methodology to integrate the effort of the development team and the operations team to improve the functionality and security of applications is known as __________. a. SDLC b. JAD/RAD c. DevOps d. SecOps - Answer:::✔✔DevOps A data custodian works directly with data owners and is responsible for the storage, maintenance, and protection of the information. True False - Answer:::✔✔True
The physical design is the blueprint for the desired solution. True False - Answer:::✔✔False A subject or object's ability to use, manipulate, modify, or affect another subject or object is known as ___________. a. risk b. access c. exploits d. assets - Answer:::✔✔access E-mail spoofing involves sending an e-mail message with a harmful attachment. True False - Answer:::✔✔False Using a methodology will usually have no effect on the probability of success.