Information Security
Lecture 1
Choices:
1- Security should be considered a balance between:
(Procedures and Availability - Protection and Procedures - Protection and Data - Protection and Availability)
True or false:
- Computers can be subjects and/or objects of an attack
(true)
Data Integrity:
protection of data from unauthorized disclosure
A mechanism (set of procedures) that is designed to detect, prevent, or
recover from a security attack
assurance that data received is as sent by an authorized entity
An algorithm that transforms plaintext to ciphertext
True or false:
1- Security policies are the least expensive controls to execute but the most difficult to implement (true)
Complete:
1. NSA stands for… (National Security Agency)
2. NIPC stands for… (National Infrastructure Protection Center)
3. DHS stands for… (Department of Homeland Security)
4. FBI stands for… (Federal Bureau of Investigation’s)
Define (Malware):
malicious code such as viruses, worms, Trojan
– Improper training
– Incorrect assumptions
Authorization:
read/write/execute file)
controlled system
Malware:
– Self-propagating malware over networks
11- Compare Timing attacks and Side-channel attacks.
Timing attack :
etc.
True or false
(1) Electronic theft can be more easily controlled than physical theft
(false)
exposure )
software (malware).
attacks - Sniffers )
Lecture 3
Lecture 4
o A vulnerability exists
o Attackers can exploit a vulnerability
o Attacker’s cost is less than potential gain
o Substantial potential loss to organization
Answer: d
11: What the attacker “spends” to launch an attack means:
a) Attacker benefit
b) Attacker cost
c) Risk management
d) None of the above
Answer: b
Answer: a
Answer: b
14: Mention three problems with benchmarking.
1- Organizations don’t talk to each other
2- No two organizations are identical
3- Best practices are a moving target