Information Assurance and Security 2

Showing 1-75 of 93 answers

_______ : assuring that authorized users have continued access to information and resources
  • Availability Correct
_______ is a weakness or fault in a system that exposes information to attack.
  • Vulnerability Correct
________: assuring that information and programs are changed only in a specified and authorized manner.
  • Integrity Correct
_________ are the mechanisms and techniques—administrative, procedural, and technical—that are instituted to implement a security policy
  • Management controls Correct
___________________ or security ratings are the cyber equivalent of a credit score.
  • Cybersecurity ratings Correct
__________: controlling who gets to read information
  • Confidentiality Correct
20 different risk markers grouped under five main categories
  • Security, Medical, Political, Environmental and Infrastructural Risks Correct
A ______ is a concise statement, by those responsible for a system (e.g., senior management), of information values, protection responsibilities, and organizational commitment.
  • security policy Correct
A ______ that must be restored within an hour after disruption represents, and requires, a more demanding set of policies and controls than does a similar system that need not be restored for two to three days.
  • system Correct
a data endowed with relevance and purpose.
  • Information Correct
A major conclusion of this report is that the lack of a clear _____ of security policy for general computing is a major impediment to improved security in computer systems.
  • articulation Correct
a variety of ongoing measures taken to reduce the likelihood and severity of accidental and intentional alteration, destruction, misappropriation, misuse, misconfiguration, unauthorized distribution, and unavailability of an organization’s logical and physical assets, as the result of action or inaction by insiders and known outsiders, such as business partners.
  • Personnel security Correct
Accepted facts, principles, or rules of thumb that are useful for specific domains.
  • Knowledge Correct
According to _____, IA can be thought of as protecting information at three distinct levels.
  • Blyth and Kovacich Correct
According to _______, IA has four major categories: physical security, personnel security, IT security, and operational security.
  • Debra Herrmann Correct
According to ______ taxonomy of information security, a computing environment is made up of five continuously interacting components
  • Raggad’s Correct
Always closely guard their personal effects when it comes to identity theft.
  • True Correct
An _____ must have administrative procedures in place to bring peculiar actions to the attention of someone who can legitimately inquire into the appropriateness of such actions, and that person must actually make the inquiry.
  • organization Correct
An effective ________ controls is needed to cover all aspects of information security, including physical security, classification of information, the means of recovering from breaches of security, and above all training to instill awareness and acceptance by people.
  • program of management Correct
As viruses have escalated from a hypothetical to a commonplace threat, it has become necessary to rethink such policies in regard to methods of distribution and acquisition of
  • software Correct
assurance that information is not disclosed to unauthorized persons.
  • Confidentiality Correct
assurance that the sender is provided with proof of a data delivery and recipient is provided with proof of the sender’s identity, so that neither can later deny having processed the data.
  • Non-repudiation Correct
Because ratings are easy to understand, they are a useful mechanism for ____________________ and vendor risk to a non-technical audience in the C-suite, boardroom, or with the vendor in question.
  • communicating internal Correct
Both individuals need to know what data is most critical to the organization so they can focus on placing the right ____________________ and monitoring controls on that data.
  • cyber risk management Correct
Business partners and investors are increasingly aware of the importance of this topic, and companies are asked regularly about their effectiveness in securing data and managing both ___________________.
  • physical and cyber risk Correct
Carrying items makes you more vulnerable targets for criminals.
  • True Correct
Computer security and cybersecurity are both children of ______________________.
  • information security Correct
Computer security and cybersecurity are completely ___________________, and require digital computer technology from 1946’s ENIAC to now.
  • interchangeable terms Correct
Computers are ______ entities, and programs can be changed in a twinkling, so that past happiness is no predictor of future bliss.
  • active Correct
Criminals are constantly surveying the environment for an opportunity to commit crimes.
  • True Correct
Cybersecurity professionals traditionally understand the technology, firewalls, and intrusion protection systems needed, but weren’t necessarily brought up in the ___________________.
  • data evaluation business Correct
Data and data processing activities in physical space.
  • physical Correct
Disruptions in their day-to-day business: Time is money.
  • True Correct
Early disclosure may jeopardize ______ advantage, but disclosure just before the intended announcement may be insignificant.
  • competitive Correct
Ensuring proper HTTPS implementation for an ecommerce website or mobile app falls under cybersecurity and computer security, so it’s ___________________.
  • information security Correct
Feeling confident about their organization's security level: When information security community members participated in the Cybersecurity Trends Report, they were asked how positive they felt about their security stance.
  • True Correct
Fifth Reason why investing in information security is significant
  • Regulatory compliance's Correct
First Reason why investing in information security is significant
  • Rising cost of breaches Correct
For a ________, the chief concern may be ensuring the confidentiality of classified information, whereas a funds transfer system may require strong integrity controls
  • national defense system Correct
for assets are one that has known threats
  • hostile environment Correct
Fourth Reason why investing in information security is significant
  • Funded hackers and wide availability of hacking tool Correct
If you feel vulnerable, do not ask Police or Security to escort you to your car.
  • False Correct
If you have an intuitive feeling something is wrong, trust your instincts.
  • True Correct
If your data is stored physically or digitally, you need to be sure you have all the right ____________________ in place to prevent unauthorized individuals from gaining access.
  • physical access controls Correct
In any particular circumstance, some threats are more probable than others, and a ______ must assess the threats, assign a level of concern to each, and state a policy in terms of which threats are to be resisted.
  • prudent policy setter Correct
In some scenarios, an __________________ would help a cybersecurity professional prioritize data protection — and then the cybersecurity professional would determine the best course of action for the data protection.
  • information security professional Correct
Info security is concerned with making sure data in any form is kept secure and is a bit broader than
  • cybersecurity Correct
Information and data manipulation abilities in cyberspace.
  • information infrastructure Correct
Information is one of the most significant ______ resources.
  • non-substantial Correct
involves the implementation of standard operational security procedures that define the nature and frequency of the interaction between users, systems, and system resources, the purpose.
  • Operational security Correct
is a collection of computing environments connected by one or more internal networks under the control of a single authority and security policy, including personnel and physical security.
  • enclave Correct
is a nonhostile environment that may be protected from external hostile elements by physical, personnel, and procedural countermeasures.
  • Benign environment Correct
is a requirement whose purpose is to keep sensitive information from being disclosed to unauthorized recipients.
  • Confidentiality Correct
is all about protecting data that is found in electronic form (such as computers, servers, networks, mobile devices, etc.) from being compromised or attacked.
  • Cybersecurity Correct
is another way of saying “data security.”
  • Information security Correct
is the study of how to protect your information assets from destruction, degradation, manipulation and exploitation. But also, how to recover should any of those happen.
  • Information Assurance Correct
IT is the ___________________ for practical purposes, largely for industry (mainframes, supercomputers, datacentres, servers, PCs and mobile devices as endpoints for worker interaction) and consumers (PCs, mobile devices, IoT devices, and video game console endpoints for end-user lifestyles).
  • application of computer science Correct
IT security can probably be used interchangeably with cybersecurity, computer security and information security if ___________________.
  • it pertains to business Correct
Keeping information ___________________ electronic computers (such as ancient cryptography) to this very day falls under the banner of information security.
  • secure for the history of data predating Correct
Knowledge and understanding in human decision space.
  • perceptual Correct
Layer describes the notion that data ought to be secured while in motion.
  • data in motion Correct
Layer describes the notion that the physical access to any system, server, computer, data center, or another physical object storing confidential information has to be constrained to business ought-to-know.
  • Physical Access Correct
may prevent people from doing unauthorized things but cannot prevent them from doing things that their job functions entitle them to do.
  • Technical measure Correct
Method of reducing criminal opportunity.
  • Be alert and aware, Display confidence, Keep your hands free, Trust your instincts, Ask for help, Closely Guard your personal Effects Correct
One can implement that policy by taking specific actions guided by management control principles and utilizing specific security standards, procedures, and
  • mechanisms Correct
Over the last decade, we’ve seen a _________________ between cybersecurity and information security, as these previously siloed positions have come together.
  • fusion Correct
protection against unauthorized modification or destruction of information
  • Integrity Correct
Raw facts with a known coding system
  • Data Correct
Raw facts with an unknown coding system
  • Noise Correct
refers to the protection of hardware, software, and data against physical threats to reduce or prevent disruptions to operations and services and loss of assets.
  • Physical security Correct
Second Reason why investing in information security is significant
  • Increasingly sophisticated attacker Correct
security measures to establish the validity of a transmission, message, or originator.
  • Authentication Correct
Using this high-level, objectively-derived data can simplify the ______________________ around risk.
  • conversation Correct
Some ____ are explicitly concerned with protecting information and information systems, but the concept of management controls includes much more than a computer's specific role in enforcing security.
  • management controls Correct
The framework within which an organization strives to meet its needs for information security is codified as _____
  • Security policy Correct