100% satisfaction guarantee Immediately available after payment Both online and in PDF No strings attached
logo-home
BADM 7401 - Exam 1 Questions with Explanations of Answers | latest upate 2024 $7.99   Add to cart

Exam (elaborations)

BADM 7401 - Exam 1 Questions with Explanations of Answers | latest upate 2024

 11 views  0 purchase
  • Course
  • Institution

BADM 7401 - Exam 1 Questions with Explanations of Answers | latest upate 2024

Preview 2 out of 11  pages

  • June 25, 2024
  • 11
  • 2023/2024
  • Exam (elaborations)
  • Questions & answers
avatar-seller
BADM 7401 - Exam 1
Threat - ANS-Any event or circumstance that has the potential to adversely affect operations
and assets

Attack - ANS-An intentional or unintentional act that can damage or otherwise compromise
information and the systems that support it

Vulnerability - ANS-A potential weakness in an asset or its defensive control system(s)

identification - ANS-The access control mechanism whereby unverified entities who seek
access to a resource provide a label by which they are known to the system.

Authorization - ANS-The access control mechanism that represents the matching of an
authenticated entity to a list of information assets and corresponding access levels.

Accountability - ANS-The access control mechanism that ensures all actions on a
system—authorized or unauthorized—can be attributed to an authenticated identity.

Authentication - ANS-the process by which a control establishes whether a user (or system) is
the entity it claims to be

Information Security - ANS-Protection of the confidentiality, integrity, and availability of
information assets, whether in storage, processing, or transmission, via the application of policy,
education, training and awareness, and technology.

Policy - ANS-function of information security management that seeks to dictate certain behavior
within the organization through a set of organizational guidelines

Privacy - ANS-In the context of information security, the right of individuals or groups to protect
themselves and their information from unauthorized access, providing confidentiality.

Digital Forensics - ANS-the preservation, identification, extraction, documentation, and
interpretation of digital media for evidentiary and/or root cause analysis

Deontological Ethics - ANS-the study of the rightness or wrongness of intentions and motives as
opposed to the rightness or wrongness of the consequences (also known as duty- or
obligation-based ethics)

Elements of the CIA triad - ANS-Confidentiality, Integrity, Availability

Most desirable characteristic for privacy - ANS-Confidentiality

, The function of InfoSec management that encompasses security personnel as well as aspects
of the SETA program - ANS-People

The primary functions of information security management - ANS-Planning, policy, programs,
protection, people, project management

The rationale for the breach law - ANS-They specify a requirement for organizations to notify
affected parties when they have experienced a specified type of loss of information and require
some form of after breach support from the organization.

The two key purposes for digital forensics - ANS-To investigate allegations of digital
malfeasance or to perform root cause analysis

The categories of unethical behavior that organizations and society should seek to eliminate -
ANS-Ignorance, Accident, Intent

How laws and policies deter illegal or unethical activity - ANS-Fear of penalty, probability of
being caught, probability of penalty being administered

Convergence - ANS-The process of integrating the governance of the physical security and
information security efforts

Policy Compliance - ANS-means the employee must agree to the policy

Standard - ANS-detailed statement of what must be done to comply with policy, sometimes
viewed as the rules governing policy compliance

Risk Assessment - ANS-A determination of the extent to which an organization's information
assets are exposed to risk.

Risk Treatment - ANS-the process of selecting and implementing of measures to modify risk

phases of the SecSDLC - ANS-Investigation, Analysis, Design (Logical and Physical),
Implementation, Maintenance

The activities of the Investigation phase of the SecSDLC - ANS-- specifying the process,
outcomes, and goals of the project and its budget
- creation of security policies
- Teams assembled to analyze problems, define scope, specify goals, and identify constraints
- A feasibility analysis determines whether to conduct a successful security analysis and design

The activities of the Analysis phase of the SecSDLC - ANS-- analysis of existing security
policies or programs is prepared along with known threats and associated controls

The benefits of buying summaries with Stuvia:

Guaranteed quality through customer reviews

Guaranteed quality through customer reviews

Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.

Quick and easy check-out

Quick and easy check-out

You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.

Focus on what matters

Focus on what matters

Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!

Frequently asked questions

What do I get when I buy this document?

You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.

Satisfaction guarantee: how does it work?

Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.

Who am I buying these notes from?

Stuvia is a marketplace, so you are not buying this document from us, but from seller ACTUALSTUDY. Stuvia facilitates payment to the seller.

Will I be stuck with a subscription?

No, you only buy these notes for $7.99. You're not tied to anything after your purchase.

Can Stuvia be trusted?

4.6 stars on Google & Trustpilot (+1000 reviews)

75323 documents were sold in the last 30 days

Founded in 2010, the go-to place to buy study notes for 14 years now

Start selling
$7.99
  • (0)
  Add to cart