100% satisfaction guarantee Immediately available after payment Both online and in PDF No strings attached
logo-home
CSE 4471 UPDATED Exam Questions and CORRECT Answers $9.99   Add to cart

Exam (elaborations)

CSE 4471 UPDATED Exam Questions and CORRECT Answers

 4 views  0 purchase
  • Course
  • CSE 4471
  • Institution
  • CSE 4471

CSE 4471 UPDATED Exam Questions and CORRECT Answers Information System - CORRECT ANSWER- Software, Hardware, Data, People, Procedure, Network Information Security - CORRECT ANSWER- Protection of information and critical elements including use, storage, and transmission. Uses policy, awarene...

[Show more]

Preview 3 out of 16  pages

  • August 15, 2024
  • 16
  • 2024/2025
  • Exam (elaborations)
  • Questions & answers
  • CSE 4471
  • CSE 4471
avatar-seller
MGRADES
CSE 4471 UPDATED Exam Questions and
CORRECT Answers

Information System - CORRECT ANSWER- Software, Hardware, Data, People, Procedure,
Network


Information Security - CORRECT ANSWER- Protection of information and critical elements
including use, storage, and transmission. Uses policy, awareness, training, education, and
technology


Computer - CORRECT ANSWER- Key component in information system, subject or object
of attack - can be on either side of the attack


Balance - CORRECT ANSWER- Between protection and availability. Level must allow
access to authorized users, but protect against threats.


CIA Triangle - CORRECT ANSWER- Confidentiality, Integrity, Availability


History of Information Security - CORRECT ANSWER- Began with the first mainframes in
WWII, with ARPA. Rand Report R-609 began study of safety of data, limiting unauthorized
access, involvement of personnel from multiple levels of an organization


Access - CORRECT ANSWER- Ability to interact with resource, illegal or legal


Asset - CORRECT ANSWER- Specific resource of value


Attack - CORRECT ANSWER- Act, intentional or unintentional that may damage asset


Countermeasure - CORRECT ANSWER- Mechanism or policy intended to improve security


Exploit - CORRECT ANSWER- Technique used to compromise a system

,Loss - CORRECT ANSWER- Instance of asset suffering damage


Threat Agent - CORRECT ANSWER- Person/system who uses exploit to instantiate threat


Vulnerability - CORRECT ANSWER- System weakness or fault that decreases security


Available - CORRECT ANSWER- Attribute which is accessible for use w/o obstruction


Accurate - CORRECT ANSWER- Attribute which is free from errors


Authentic - CORRECT ANSWER- Attribute which is genuine


Confidential - CORRECT ANSWER- Attribute which has access restrictions


Integrity - CORRECT ANSWER- Attribute which is complete and uncorrupted


Utility - CORRECT ANSWER- Attribute which has useful purpose


Possession - CORRECT ANSWER- Attribute which describes data ownership


CNSS Security Model - CORRECT ANSWER- Transmission, Storage, Processing
Confidentiality, Integrity, Availability
Education, Policy, Technology


Software - CORRECT ANSWER- Applications, OS, Utility. Difficult to secure, bugs can be
exploited, created under time/cost constraints and security is usually an afterthought


Hardware - CORRECT ANSWER- Physical computational technology - often no guarantee
of security if physical access to hardware is gained

, Networks - CORRECT ANSWER- Physical communication technology - no guarantee if
physical access is gained, miles of coverage, increased potential for access by unauthorized
users


Data - CORRECT ANSWER- Stored, processed, or transmitted assets. Most valuable, wide
variation of usage, approach is often haphazard, inconsistent, and solutions often impede
access


Procedures - CORRECT ANSWER- Protection of written instruction and policy - often
overlooked and loss thereof can result in loss


C-2 TCSEC Discretionary Access Control - CORRECT ANSWER- Grant/deny access to
specific resources to users/groups


C-2 TCSEC Individual Authentication/Login - CORRECT ANSWER- User identification via
unique password


C-2 TCSEC Object Reuse - CORRECT ANSWER- Memory and disk must not be readable
after deletion


C-2 TCSEC Audit Trail - CORRECT ANSWER- Audited actions must associate user, access
to audit data must be limited to administrators


C-2 TCSEC Resource Isolation - CORRECT ANSWER- System protected from external
modification of running operating system or stored system files


Systems Development Life-Cycle - CORRECT ANSWER- Requirement Analysis, Design,
Implementation, Testing, Evolution


Security Development Life-Cycle - CORRECT ANSWER- Analyze, Design,
Implementation, Testing, Evolution


Analyze - CORRECT ANSWER- - enumerate specific threat impacts
- analyze potential legal issues
- risk evaluation and management

The benefits of buying summaries with Stuvia:

Guaranteed quality through customer reviews

Guaranteed quality through customer reviews

Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.

Quick and easy check-out

Quick and easy check-out

You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.

Focus on what matters

Focus on what matters

Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!

Frequently asked questions

What do I get when I buy this document?

You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.

Satisfaction guarantee: how does it work?

Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.

Who am I buying these notes from?

Stuvia is a marketplace, so you are not buying this document from us, but from seller MGRADES. Stuvia facilitates payment to the seller.

Will I be stuck with a subscription?

No, you only buy these notes for $9.99. You're not tied to anything after your purchase.

Can Stuvia be trusted?

4.6 stars on Google & Trustpilot (+1000 reviews)

75632 documents were sold in the last 30 days

Founded in 2010, the go-to place to buy study notes for 14 years now

Start selling
$9.99
  • (0)
  Add to cart