Computer Security Quiz 1

Confidentiality

The concealment of information or resources to protect sensitive data.

Need to know principle

A military-driven concept that restricts access to information based on necessity.

Cryptographic key

A tool that controls access to unscrambled data, requiring protection itself.

Resource hiding

The practice of concealing system configurations and specific equipment to prevent unauthorized use.

Access control mechanisms

Tools that enforce restrictions on who can access certain data or resources.

Integrity

The trustworthiness of data, ensuring it has not been improperly altered.

Data integrity

The accuracy and consistency of the content of information.

Origin integrity

The verification of the source of data, often referred to as authentication.

Prevention mechanisms

Tools designed to stop unauthorized changes to data.

Detection mechanisms

Tools that report when data integrity has been compromised.

Availability

The ability to access and use information or resources when needed.

Denial of service attacks

Attempts to block access to resources, making systems unavailable.

Threat

A potential violation of security that may or may not occur.

Attacks

Actions taken to exploit vulnerabilities and cause security violations.

Disclosure

Unauthorized access to information.

Deception

Acceptance of false data or impersonation of entities.

Disruption

Interruption or prevention of correct operation of a system.

Usurpation

Unauthorized control over a part of a system.

Snooping

Unauthorized interception of information.

Active wiretapping

Altering data in transit across a network.

Masquerading

Impersonation of one entity by another to deceive.

Delegation

Authorization of one entity to act on behalf of another.

Repudiation of origin

False denial that an entity sent or created something.

Delay

Temporary inhibition of service, often used in conjunction with deception.

Security policy

A statement defining what is allowed and what is not in a security context.

Security mechanism

Methods or tools used to enforce a security policy.

Prevention

Measures taken to ensure an attack fails.

Detection

Identifying when an attack is occurring or has occurred.

Recovery

Actions taken to restore systems after an attack.

Assurance

The trust in the effectiveness of security mechanisms.

Specification

A formal or informal statement of how a system should function.

Testing

A verification technique to ensure a program performs as specified.

Risk

The potential for loss or damage in a given environment.

Outsiders

Unauthorized individuals who pose a threat to an organization.

Insiders

Authorized individuals who may misuse their access to systems.

Social engineering

Manipulating individuals into divulging confidential information.

Detection mechanisms

Tools that analyze system events or data to identify security issues.

Back door

An exception in security rules that allows bypassing security mechanisms.

Trust

The belief in the reliability of security mechanisms and systems.

Security manager challenges

Issues faced in finding trained personnel in computer security.