sec578 midterm exam 2017 march

October 23, 2025 Claire B 0 Comments

Question 1.1.(TCO A) According to NIST, a weakness in an information system, system security procedures, internal controls, or implementation that could be exploited is a(n) ______. (Points : 5)

vulnerability
threat
risk
impact
danger

Question 2.2.(TCO B) The expression {(confidentiality, impact), (integrity, impact), (availability, impact)} is an expression called what? (Points : 5)

Security Risk
Security Threat
Security Damage
Security Category
INFOCON

Question 3.3.(TCO C) According to NIST, preserving authorized restrictions on information access and disclosure, including means for protecting personal privacy and proprietary information is called _______. (Points : 5)

nonrepudiation
confidentiality
authorization
integrity
availability

Question 4.4.(TCO F) According to NIST, what is the weakest link in security? (Points : 5)

Administrative controls
Technical controls
Personnel controls
Physical controls
People

Question 1. 1. (TCO A) What does it mean to say that
information assets are critical business assets? (Points : 5)

Spellchecker

Question 2. 2. (TCO B) Explain why the term due care is very
rarely used in policy documents. (Points : 5)

Spellchecker

Question 3. 3. (TCO C) What are the vulnerabilities that (1)
confidentiality controls, (2) integrity, controls, and (3) availability
controls protect information assets against? (Points : 5)

Spellchecker

Question 4. 4. (TCO F) Describe the idea of reuse in the
computer systems life cycle. (Points : 5)

Spellchecker

Below 4

1. (TCO A) Reuse is a term that is commonly used to mean
that things do not need to be developed each time that they are needed, but
rather can be used over and over without redevelopment. Reuse is common in the
software and hardware industries. However, one must be careful with reuse. What
is a pitfall of the strategy of reuse? (Points : 15)

Spellchecker

Question 2. 2. (TCO B) Controlled Unclassified Information
is a term invented by the President of the United States in 2008. This new
category of information replaces about 150 (or more) existing categories of information
and eliminates those over a five-year period. Controlled Unclassified
Information is intended to include all of the unclassified information
currently addressed by SOX, HIPAA, FERPA, FISMA, GLB, and so forth. When this
effort is completed, there will be exactly three categories of Controlled
Unclassified Information, which will replace all 150 (or more) current
information categories. What is the advantage of reducing the number of
categories of unclassified information from the estimated 150 to three? (Points
: 15)

Spellchecker

Question 3. 3. (TCO C) Today, several security services are
increasingly provided as common security services. These include audit and
monitoring services, authentication services, access management services, directory
services, and a variety of detection, prevention, and mitigation services. What
is meant by “common security services” and what advantage and
disadvantage do they provide when compared to commodity security controls?
(Points : 15)

Spellchecker

Question 4. 4. (TCO F) Explain why human errors are
considered a threat to computer security. (Points : 15)

Spellchecker

Share:

Categories:

Business

Graded Homework

sec578 midterm exam 2017 march

Order a similar assignment, and have writers from our team of experts write it for you, guaranteeing you an A