An exposure occurs when a vulnerability _____________.
creates the possibility of incurring a loss or experiencing harm.
is reported to authorities as a source of risk.
is discovered by a penetration testing team.
is published in the Common Vulnerabilities and Exposures (CVE) database.
Question 2 points
Confidentiality is the principle that _____________.
is lost when hackers break into a database.
ensures data security.
ensures required levels of secrecy during processing, transmission, storage, and
use of information.
ensures privacy of information.
Question 3 points
Risk can be reduced by _____________.
applying countermeasures to eliminate threats and threat agents.
moving data from cloud servers to physical servers owned and operated by the
company.
moving data from physical servers to cloud-based servers.
applying countermeasures to eliminate vulnerabilities.
Question 4 points
A control is _____________
used to impose penalties for misuse of confidential information.
used to eradicate the impact of an attack.
used to reduce or mitigate risks.
a mechanism for locking down configurations to prevent patching.
Question 5 points
Hashing is a control that _______
maps to the Integrity component of the AIC triad.
maps to the Availability and Confidentiality component of the AIC triad.
maps to the Confidentiality component of the AIC triad.
maps to the Integrity and Confidentiality components of the AIC triad.
Question 6 points
________ is a legal principle that requires that individuals perform necessary actions to
prevent negligence from occurring. It is judged using the reasonable person standard.
Due care
Separation of duties
Due diligence
Customary law
Question 7 points
Which of the following statements is true?
PCI-DSS is a federal law that protects the privacy of credit card transactions.
USA Patriot Act broadens privacy protections for federal law enforcement agents
and immigration authorities.
HIPAA applies to all medical information held and used by hospitals and doctors'
offices.
FISMA applies to federal agencies and their contractors.
Question 8 points
Clustering and load balancing are controls that ________
map to the Availability and Integrity components of the AIC triad.
map to the Network Infrastructure component of the AIC triad.
map to the Availability component of the AIC triad.
map to the Network Integrity component of the AIC triad.
Question 9 points
Balanced security refers to _____________
addressing threats and implementing controls for availability, integrity, and
confidentiality.
understanding the concepts of the AIC triad.
weighing choices in controls against the magnitude of risk presented by a variety
of threats.
mapping controls to the AIC triad.
Question 10 points
Confidentiality can be protected by implementing which of the following controls?
Data hiding and data obscuring techniques.
Access controls and auditing controls.
Encrypting data at rest and in transit.
Software digital signing to verify recipients.
Question 11 points
Availability is the principle which ensures ____________.
access to data and networks
the right information is sent to the right people at the right time.
reliability and timely access to data and other resources by authorized individuals.
required business systems have better than 99.999% uptime.
Question 12 points
Which of the following guidance documents specifically addresses security controls
required for information systems owned by or operated for the U.S. Federal
Government?
COBIT 5
NIST SP-800-53
DoDAF
NIST SP-800-37
Question 13 points
What is "security through obscurity?"