100% satisfaction guarantee Immediately available after payment Both online and in PDF No strings attached
logo-home
Previously searched by you
Previously searched by you
logo
CSE 4471 Quizzes and Homework 2023 solution guide $10.99   Add to cart
Quickly navigate to
Preview
  2.  
  3. CSE 4471
  4.  
  5. CSE 4471

Exam (elaborations)

CSE 4471 Quizzes and Homework 2023 solution guide
 0 view  0 purchase
  • Course
  • CSE 4471
  • Institution
  • CSE 4471

CSE 4471 Quizzes and Homework 2023 solution guide Name the 6 major components of an information system 1. data 2. people 3. networks 4. hardware 5. software 6. procedures According to the 2015 Information Systems Audit and Control Association (ISAC) report, what was the biggest gap in the...

[Show more]

Preview 2 out of 11  pages

Document information

  • May 3, 2023
  • 11
  • 2022/2023
  • Exam (elaborations)
  • Questions & answers

Subjects

  • cse 4471 quizzes and homework 2023 solution guide name the 6 major components of an information system 1 data 2 people 3 networks 4 hardware 5 software 6 procedures according to the 2015 inform

Written for

  • CSE 4471
All documents for this subject (26)

Seller

avatar-seller
magdamwikash23

Reviews received

Content preview

CSE 4471 Quizzes and Homework 2023 solution guide
Name the 6 major components of an information system
1. data
2. people
3. networks
4. hardware
5. software
6. procedures
According to the 2015 Information Systems Audit and Control Association (ISAC)
report, what was the biggest gap in the knowledge of security professionals
today?
Not knowing that a security risk exists
asset
a specific organizational resource of value
attack
an intentional or unintentional act that may damage an asset; an action which
instantiates a threat; when a threat becomes realized
countermeasure
a specific security mechanism or policy which is intended to improve security
threat
an object, person or other entity which represents a danger to assets
authentic
an attribute of information which is genuine
confidential
an attribute of information which has access restrictions
available
an attribute of information which is accessible for use without obstruction
accurate
an attribute of information which is free from errors
integrity
an attribute of information which is complete and uncorrupted
utility
an attribute of information which has a useful purpose
possession
an attribute of information describing data ownership or control
access
the ability to interact with a resource, legitimately or otherwise
exploit
a known, documented method of attack
(a technique used to compromise an information system)
loss
actual damage to an information asset
threat agent
a person or system who uses exploits to instantiate threats
vulnerability

, a system weakness or fault which decreases security
evolution
considered the first phase in the security development life-cycle, concerns include
establishing project goals and determining feasibility
analyze
a phase of the security development life-cycle which includes analyzing potential legal
issues as well as performing other risk evaluation processes
design
a phase of the SDLC where we select key components, and finalize plans for business
continuity and incident response
implementation
a phase of the SDLC where we "build it or buy it"
What is the difference between a threat and a threat agent?
threat - an object, person or entity that represents a danger to assets
threat agent - a person or system who uses exploits to instantiate threats
What are the 3 components of the CIA triangle?
1. confidentiality
2. integrity
3. availability
What are the sides of the McCumber Cube (CNSS security model)?
security aspect
1. confidentiality
2. integrity
3. availability

state of data
1. storage
2. processing
3. transmission

tool category
1. policy
2. technology
3. education
What is C-2 security?
C-2 security is a level of security where the person/company must follow those
standards to achieve C-2 security. This is part of an A-D, 1-4 security standard where it
shows how strict the security is.
Concisely describe a TCP SYN Flood attack.
Many transmissions occur on the same TCP networks
Sender sends too many TCP SYN requests for the receiver to process, so a connection
cannot be established
From 2000 to 2011, the incidence of several specific attack types declined. Name
one such attack type, and provide a reasonable statement of why it's frequency
has declined.

The benefits of buying summaries with Stuvia:

Guaranteed quality through customer reviews

Guaranteed quality through customer reviews

Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.

Quick and easy check-out

Quick and easy check-out

You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.

Focus on what matters

Focus on what matters

Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!

Frequently asked questions

What do I get when I buy this document?

You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.

Satisfaction guarantee: how does it work?

Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.

Who am I buying these notes from?

Stuvia is a marketplace, so you are not buying this document from us, but from seller magdamwikash23. Stuvia facilitates payment to the seller.

Will I be stuck with a subscription?

No, you only buy these notes for $10.99. You're not tied to anything after your purchase.

Can Stuvia be trusted?

4.6 stars on Google & Trustpilot (+1000 reviews)

75632 documents were sold in the last 30 days

Founded in 2010, the go-to place to buy study notes for 14 years now

Start selling
$10.99
  • (0)
  Add to cart