Search Header Logo

CO2521 Information Security Management - 3 week revision

Authored by Christopher Finnigan

Computers

University

Used 3+ times

CO2521 Information Security Management - 3 week revision
AI

AI Actions

Add similar questions

Adjust reading levels

Convert to real-world scenario

Translate activity

More...

    Content View

    Student View

16 questions

Show all answers

1.

MATCH QUESTION

1 min • 2 pts

Match the following

Ensures that information is available to authorized parties

Availability

Ensures that only authorized parties can view the information.

Integrity

Ensures that information is correct and there is no unauthorized modification

Confidentiality

2.

DRAG AND DROP QUESTION

1 min • 3 pts

Assets can be any resource of value to organisation, they can be ​ (a)   like a website or they can be ​ (b)   such as people and hardware.

logical
physical
expensive
difficult
remote

Answer explanation

Asset – Any resources that are of value to an organization. (Items to be protected). • An asset can be: • Logical – e.g. website; software information or data. • Physical – e.g. person; hardware or computer system

3.

MATCH QUESTION

1 min • 4 pts

Match the following

the technique used to compromise a system and take advantage of a vulnerability.

Threat

a single instance of an information asset suffering damage or destruction.

Exploit

an intentional or unintentional act that causes damage/compromise information or systems

Loss

an action that has the potential to adversely affect operations and assets.

Attack

4.

DRAG AND DROP QUESTION

30 sec • 1 pt

A weakness that could allow an attacker to bypass security is ​ (a)  

Vulnerability
Risk
Exploit
Attack

5.

DRAG AND DROP QUESTION

1 min • 1 pt

​ (a)   is the mechanism that represents the matching of an authenticated entity to a list of information assets and corresponding access levels

Authorisation
Authentication
Auditability
Accountability

Answer explanation

Authentication – process by which a control establishes whether a user/ system is the entity it claims to be. • Authorisation – mechanism that represents the matching of an authenticated entity to a list of information assets and corresponding access levels. • Accountability/Auditability – mechanism that records all actions on a system (authorised or unauthorised).

6.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Which of these is NOT a description of Confidentiality?

Ensures that no one other than the intended recipient of a message receives it or is able to read it.

Allows authorised users to access and interact with resources, but it actively prevents unauthorised users from doing so.

Measures to ensure the protection of the secrecy of data, objects, or resources.

Ensures that data remains correct, unaltered, and preserved.

7.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Which of these is NOT a description of Integrity?

Protecting the reliability and correctness of data.

Ensures that data remains correct, unaltered, and preserved

Prevents unauthorised alterations of data.

Authorised subjects are granted timely and uninterrupted access to objects.

Access all questions and much more by creating a free account

Create resources

Host any resource

Get auto-graded reports

Google

Continue with Google

Email

Continue with Email

Classlink

Continue with Classlink

Clever

Continue with Clever

or continue with

Microsoft

Microsoft

Apple

Apple

Others

Others

Already have an account?