100% satisfaction guarantee Immediately available after payment Both online and in PDF No strings attached
logo-home
Comp3704 Midterm Exam Questions With Multiple Choices And Verified Answers. $14.99   Add to cart

Exam (elaborations)

Comp3704 Midterm Exam Questions With Multiple Choices And Verified Answers.

 6 views  0 purchase
  • Course
  • COM 3704
  • Institution
  • COM 3704

Data - correct answer ---- can be any character, number, text, word, or binary representation but is lacking context. ----- that is given context and meaning then becomes information Information - correct answer ...

[Show more]

Preview 3 out of 22  pages

  • August 12, 2024
  • 22
  • 2024/2025
  • Exam (elaborations)
  • Questions & answers
  • COM 3704
  • COM 3704
avatar-seller
RealGrades
Comp3704 Midterm

Data - correct answer ---- can be any character, number, text, word, or binary
representation but is lacking context. ----- that is given context and meaning then becomes information



Information - correct answer Any communication or representation of
knowledge.Such as facts, data, or opinions In any medium or form including but not limited to: textual,
numerical, graphic, cartographic, narrative audiovisual



Information System - correct answer Any organized system for the collection,
organization, storage and communication of information.. A discrete set of information resources
organized for the collection, processing, maintenance, use, sharing, dissemination, or disposition of
information.



Information Technology - correct answer Any equipment or interconnected
system or subsystem of equipment that is used in the automatic...

Acquisition Storage Management Movement Control

Display Switching Interchange Transmission Reception



Information Security - correct answer The practice of preventing unauthorized
access, use, disclosure, disruption, modification, inspection, recording or destruction of information



ROT-13 Cipher - correct answer Move character 13 places in it's alphabetic
position. A-Z = 1-26 . first/early form of a cipher and cryptography used by Ceaser



Communication Security: Enigma Machine - correct answer Invented at the
end of WWI. Used commercially in '20s, and by military/governments before & during WWII. Although it
had some cryptographic weaknesses, it failed due to operator mistakes, procedural flaws, and allied
capture of key table and hardware



Hackers - correct answer Technical experts; skilled, often young, computer
programmers, who almost whimsically probe the defenses of a computer system, searching out the

,limits and the possibilities of the machine. Despite their seemingly subversive role, hackers are a
recognized asset in the computer industry, often highly prized.



Security threats - correct answer Spam Malware Botnets Social Engineering
Mainstream Viruses Hacking Tools



The CIA Triad: - correct answer Confidentiality, Integrity and Availability



Confidentiality - correct answer The property that sensitive information is not
disclosed to unauthorized individuals, entities, or processes



Integrity - correct answer The property that sensitive data has not been
modified or deleted in an unauthorized and undetected manner



Availability - correct answer The property that information is accessible in a
timely and reliable manner



InfoSec Mechanisms - correct answer Authentication (AuthN) ,Authorization
(AuthZ), Non-Repudiation / Accounting



Authentication - correct answer Verify (with a certain level of confidence) the
identity of a user, process, device, or other entity. and Encompasses identity verification, message origin
authentication, and message content authentication.



Authorization - correct answer Grant and restrict information and system
privileges to a user, program, process, or other entity. Once you have been identified, what actions can
you perform?



Non-Repudiation - correct answer Protect against an individual falsely denying
having performed a particular action. Provides the capability to determine whether a given individual
took a particular action such as creating information, sending a message, approving information, and
receiving a message. How can the improper storage of passwords be a non-repudiation issue? If more
than one person knows the password at any time non-repudiation is nulled This includes system admins

, storing passwords in the clear This also includes password complexity scanning and cracked passwords
Makes evidence against computer crimes less admissible in court



Prioritize the CIA properties for these types of information - correct answer
Your bank card PIN

An electronic money transfer / bill payment

Your healthcare records

Your laptop



Principle of Least Privilege - correct answer Only allow access to information
(systems) according to necessity. Minimizes the attack surface. Users should be able to perform only the
actions required for their job What are some examples of highly priviledged users? Administrators How
about payroll? How about software developers? Should everyone have access to everything? Requires
careful analysis of business roles



Defense in Depth - correct answer Employ layers of defense to reduce risk of
harm to assets. Maximize defenses against threats. E.g. locked cabinet and admin password protects
integrity of lab computers. E.g. cyber-intelligence and lots of bandwidth reduces the risk of a DDOS
attack harming my company.

Basically never say things like "Oh, but we have a firewall so why do we need to do that too?" What are
some examples of Defense in Depth during daily life? Your car door has a lock, so why do you need an
alarm? Your house has a lock and an alarm, so why do you have a safe?



- correct answer



Policies - correct answer Is clear and concise

Outlines the consequences of not being followed

Make them modular

Don't reference document/information locations that might change

Solicit feedback



- correct answer Something of value.

Something worth protecting.

The benefits of buying summaries with Stuvia:

Guaranteed quality through customer reviews

Guaranteed quality through customer reviews

Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.

Quick and easy check-out

Quick and easy check-out

You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.

Focus on what matters

Focus on what matters

Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!

Frequently asked questions

What do I get when I buy this document?

You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.

Satisfaction guarantee: how does it work?

Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.

Who am I buying these notes from?

Stuvia is a marketplace, so you are not buying this document from us, but from seller RealGrades. Stuvia facilitates payment to the seller.

Will I be stuck with a subscription?

No, you only buy these notes for $14.99. You're not tied to anything after your purchase.

Can Stuvia be trusted?

4.6 stars on Google & Trustpilot (+1000 reviews)

81989 documents were sold in the last 30 days

Founded in 2010, the go-to place to buy study notes for 14 years now

Start selling
$14.99
  • (0)
  Add to cart