What are the three properties of secure information? Answer- Confidentiality, Integrity,
and Availability
What does confidentiality mean in the context of the CIA Triad? Answer- means that
certain information should only be known to certain people.
What does integrity mean in the context of the...
what are the three properties of secure information
what does confidentiality mean in the context of the cia triad
what does integrity mean in the
Written for
Security+ SY0-601
All documents for this subject (18)
Seller
Follow
EvaTee
Reviews received
Content preview
Security+ SY0-601
What are the three properties of secure information? Answer- Confidentiality, Integrity,
and Availability
What does confidentiality mean in the context of the CIA Triad? Answer- means that
certain information should only be known to certain people.
What does integrity mean in the context of the CIA Triad? Answer- means that the data
is stored and transferred as intended and that any modification is authorized.
What does availability mean in the context of the CIA Triad? Answer- means that
information is accessible to those authorized to view or modify it.
What is a fourth property of secure information that could be added to the CIA Triad?
Answer- Nonrepudiation
What is nonrepudiation? Answer- means that a subject cannot deny doing something,
such as creating, modifying, or sending a resource.
What are the five functions of cybersecurity according to the National Institute of
Standards and Technology (NIST)? Answer- Identify, Protect, Detect, Respond, and
Recover
What does 'Identify' mean in the context of cybersecurity functions according to the
NIST? Answer- develop security policies and capabilities. Evaluate risks, threats, and
vulnerabilities and recommend security controls to mitigate them.
What does 'protect' mean in the context of cybersecurity functions according to the
NIST? Answer- procure/develop, install, operate, and decommission IT hardware and
software assets with security as an embedded requirement of every stage of this
operations life cycle.
What does 'detect' mean in the context of cybersecurity functions according to the
NIST? Answer- perform ongoing, proactive monitoring to ensure that controls are
effective and capable of protecting against new types of threats.
What does 'respond' mean in the context of cybersecurity functions according to the
NIST? Answer- identify, analyze, contain, and eradicate threats to systems and data
security.
, What does 'recover' mean in the context of cybersecurity functions according to the
NIST? Answer- implement cybersecurity resilience to restore systems and data if other
controls are unable to prevent attacks.
Information security professionals must be competent in the following areas Answer-
Participate in risk assessments and testing of security systems and make
recommendations.
Specify, source, install, and configure secure devices and software.
Set up and maintain document access control and user privilege profiles.
Monitor audit logs, review user privileges, and document access controls.
Manage security-related incident response and reporting.
Create and test business continuity and disaster recovery plans and procedures.
Participate in security training and education programs.
What is a security policy? Answer- A formalized statement that defines how security will
be implemented within an organization
Overall internal responsibility for security might be allocated to a dedicated department
such as a Answer- Director of Security, Chief Security Officer (CSO), or Chief
Information Security Officer (CISO).
What is a Security Operations Center (SOC)? Answer- a location where security
professionals monitor and protect critical information assets across other business
functions, such as finance, operations, sales/marketing, and so on. Because SOCs can
be difficult to establish, maintain, and finance, they are usually employed by larger
corporations, like a government agency or a healthcare company.
What is Development and Operations (DevOps)? Answer- a cultural shift within an
organization to encourage much more collaboration between developers and system
administrators. By creating a highly orchestrated environment, IT personnel and
developers can build, test, and release software faster and more reliably.
a single point-of-contact for the notification of security incidents should be handled by a
dedicated... Answer- cyber incident response team (CIRT)/computer security incident
response team (CSIRT)/computer emergency response team (CERT)
A multinational company manages a large amount of valuable intellectual property (IP)
data, plus personal data for its customers and account holders. What type of business
unit can be used to manage such important and complex security requirements?
Answer-
A business is expanding rapidly and the owner is worried about tensions between its
established IT and programming divisions. What type of security business unit or
function could help to resolve these issues? Answer-
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller EvaTee. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $14.49. You're not tied to anything after your purchase.
