CSE 4471 Quizzes and Homework 2023 solution guide
Name the 6 major components of an information system
1. data
2. people
3. networks
4. hardware
5. software
6. procedures
According to the 2015 Information Systems Audit and Control Association (ISAC) report, what was the biggest gap in the...
cse 4471 quizzes and homework 2023 solution guide name the 6 major components of an information system 1 data 2 people 3 networks 4 hardware 5 software 6 procedures according to the 2015 inform
Written for
CSE 4471
All documents for this subject (26)
Seller
Follow
magdamwikash23
Reviews received
Content preview
CSE 4471 Quizzes and Homework 2023 solution guide
Name the 6 major components of an information system
1. data
2. people
3. networks
4. hardware
5. software
6. procedures
According to the 2015 Information Systems Audit and Control Association (ISAC)
report, what was the biggest gap in the knowledge of security professionals
today?
Not knowing that a security risk exists
asset
a specific organizational resource of value
attack
an intentional or unintentional act that may damage an asset; an action which
instantiates a threat; when a threat becomes realized
countermeasure
a specific security mechanism or policy which is intended to improve security
threat
an object, person or other entity which represents a danger to assets
authentic
an attribute of information which is genuine
confidential
an attribute of information which has access restrictions
available
an attribute of information which is accessible for use without obstruction
accurate
an attribute of information which is free from errors
integrity
an attribute of information which is complete and uncorrupted
utility
an attribute of information which has a useful purpose
possession
an attribute of information describing data ownership or control
access
the ability to interact with a resource, legitimately or otherwise
exploit
a known, documented method of attack
(a technique used to compromise an information system)
loss
actual damage to an information asset
threat agent
a person or system who uses exploits to instantiate threats
vulnerability
, a system weakness or fault which decreases security
evolution
considered the first phase in the security development life-cycle, concerns include
establishing project goals and determining feasibility
analyze
a phase of the security development life-cycle which includes analyzing potential legal
issues as well as performing other risk evaluation processes
design
a phase of the SDLC where we select key components, and finalize plans for business
continuity and incident response
implementation
a phase of the SDLC where we "build it or buy it"
What is the difference between a threat and a threat agent?
threat - an object, person or entity that represents a danger to assets
threat agent - a person or system who uses exploits to instantiate threats
What are the 3 components of the CIA triangle?
1. confidentiality
2. integrity
3. availability
What are the sides of the McCumber Cube (CNSS security model)?
security aspect
1. confidentiality
2. integrity
3. availability
state of data
1. storage
2. processing
3. transmission
tool category
1. policy
2. technology
3. education
What is C-2 security?
C-2 security is a level of security where the person/company must follow those
standards to achieve C-2 security. This is part of an A-D, 1-4 security standard where it
shows how strict the security is.
Concisely describe a TCP SYN Flood attack.
Many transmissions occur on the same TCP networks
Sender sends too many TCP SYN requests for the receiver to process, so a connection
cannot be established
From 2000 to 2011, the incidence of several specific attack types declined. Name
one such attack type, and provide a reasonable statement of why it's frequency
has declined.
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller magdamwikash23. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $10.99. You're not tied to anything after your purchase.