Exam (elaborations)
SCS 275 Exam 1 Study Set Questions and Answers 2024
- Course
- Institution
SCS 275 Exam 1 Study Set
[Show more]
Content preview
SCS 275 Exam 1 Study SetIntegrity - answer The property that information has not been altered in an unauthorized
way
Backups, checksums and data correcting codes are tools for which security goal? -
answer Integrity
Confidentiality - answer The avoidance of the unauthorized disclosure of information.
Encryption, access control, authentication, authorization, and physical security are tools
for which security goal? - answer Confidentiality
Availability - answer The property that information is accessible and modifiable in a
timely fashion by those authorized to do so
Physical protections and computational redundancies are tools for which security goal?
- answer Availability
Assurance - answer Refers to how trust is provided and managed in computer systems
Authenticity - answer The ability to determine that statements, policies, and permissions
issued by persons or systems are genuine
Anonymity - answer The property that certain records or transactions are not
attributable to any individual
Economy of mechanism, fail-safe defaults, complete mediation, open design, separation
of privilege, least privilege, least common mechanism, psychological acceptability, work
factor, and compromise recording - answer The top 10 security principles
Economy of mechanism - answer Stresses simplicity in the design and implementation
of security measures
Fail-safe defaults - answer States that the default configuration of a system should have
a conservative protection scheme
Complete mediation - answer Every access to a resource must be checked for
compliance with a protection scheme
Open design - answer The security architecture and design of a system should be made
publicly available
, Separation of privilege - answerDictates that multiple conditions should be required to
achieve access to restricted resources or have a program perform some action
Least privilege - answerEach program and user of a computer system should operate
with the bare minimum privileges necessary to function properly.
Least common mechanism - answerIn systems with multiple users, mechanisms that
allow resources to be shared by more than one user should be minimized
Psychological acceptability - answerStates that user interfaces should be well designed
and intuitive.
Work factor - answerThe cost of circumventing a security mechanism should be
compared with the resources of an attacker when designing a security scheme.
Compromise recording - answerSometimes it is more desirable to record the details of
an intrusion than to adopt more sophisticated measures to prevent it
Matrices - answerA table that defines permissions. Each row is associated with a
subject. Each table column is associated with an object, and each table cell is filled with
the access rights for the associated subject and object.
Access Control Lists - answerFor each object a list that enumerates all the subjects that
have the access rights to that object and defines the access rights that each subject has
for that object
Capabilities - answerFor each subject the list of objects for which that subject has
specific (nonempty) access control rights
Symmetric Encryption - answerthe same key is used to encode and decode
Public-Key Encryption - answeruses two keys: a public key that everyone can have and
a private key for only the recipient
Digital Signatures - answerTechnique used to authenticate remote users, such as online
shopping businesses.
Digital Certificates - answerCertificate authority (CA) digitally signs a binding between
an identity and the public key for that identity
Destructive Entry - answerInvolves using force to defeat physical security
Non-Destructive Entry - answerCompromises security without leaving signs of a breach
Side Channel Attacks - answerRather than attempting to directly bypass security
measures, an attacker instead goes around them by exploiting other vulnerabilities
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller julianah420. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $13.99. You're not tied to anything after your purchase.
Can Stuvia be trusted?
4.6 stars on Google & Trustpilot (+1000 reviews)
82871 documents were sold in the last 30 days
Founded in 2010, the go-to place to buy study notes for 14 years now