《Information Security and Risk Management(112)》由会员分享,可在线阅读,更多相关《Information Security and Risk Management(112)(90页珍藏版)》请在金锄头文库上搜索。
1、Question: 547 | Difficulty: 1/5 | Relevancy: 3/3 Making sure that the data is accessible when and where it is needed is which of the following? confidentiality integrity acceptability ?availability Details Submit a comment on this question Availability is making sure that the data is accessible when
2、 and where it is needed.Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, 2001, John Wiley & Sons, Page 59.Contributor: Rakesh SudStudy area: CISSP CBK - Information Security and Risk ManagementCovered topic: Confidentiality, integrity
3、 and availability This question ? Copyright 20032009 Rakesh Sud, cccure.org. All rights reserved. No unauthorized use or duplication without explicit written permission of author and of cccure.org.Question: 390 | Difficulty: 3/5 | Relevancy: 3/3 Which of the following is not a goal of integrity? Pre
4、vention of the modification of information by unauthorized users. Prevention of the unauthorized or unintentional modification of information by authorized users. Preservation of the internal and external consistency. ?Prevention of the modification of information by authorized users. Details Submit
5、 a comment on this question Integrity is addressed through the following three goals: 1. Prevention of the modification of information by unauthorized users.2. Prevention of the unauthorized or unintentional modification of information by authorized users.3. Preservation of the internal and external
6、 consistency.Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, 2001, John Wiley & Sons, Page 31.Contributor: Rakesh SudStudy area: CISSP CBK - Information Security and Risk ManagementCovered topic: Confidentiality, integrity and availa
7、bility This question ? Copyright 20032009 Rakesh Sud, cccure.org. All rights reserved. No unauthorized use or duplication without explicit written permission of author and of cccure.org.Question: 548 | Difficulty: 1/5 | Relevancy: 3/3 Related to information security, availability is the opposite of
8、which of the following? delegation distribution documentation ?destruction Details Submit a comment on this question Availability is the opposite of destruction.Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, 2001, John Wiley & Sons,
9、 Page 59.Contributor: Rakesh SudStudy area: CISSP CBK - Information Security and Risk ManagementCovered topic: Confidentiality, integrity and availability This question ? Copyright 20032009 Rakesh Sud, cccure.org. All rights reserved. No unauthorized use or duplication without explicit written permi
10、ssion of author and of cccure.org.Question: 1287 | Difficulty: 1/5 | Relevancy: 3/3 What can be described as a measure of the magnitude of loss or impact on the value of an asset? Probability ?Exposure factor Vulnerability Threat Details Submit a comment on this question The exposure factor is a mea
11、sure of the magnitude of loss or impact on the value of an asset. The probability is the chance or likelihood, in a finite sample, that an event will occur or that a specific loss value may be attained should the event occur. A vulnerability is the absence or weakness of a risk-reducing safeguard. A
12、 threat is event, the occurrence of which could have an undesired impact.Source: ROTHKE, Ben, CISSP CBK Review presentation on domain 3, August 1999. Available at http:/www.cccure.org.Thanks to Deepak Seth for reporting a typo within this question. Contributor: Christian VezinaStudy area: CISSP CBK
13、- Information Security and Risk ManagementCovered topic: Risk management This question ? Copyright 20032009 Christian Vezina, cccure.org. All rights reserved. No unauthorized use or duplication without explicit written permission of author and of cccure.org.Question: 843 | Difficulty: 1/5 | Relevanc
14、y: 3/3 Making sure that the data has not been changed unintentionally, due to an accident or malice is:?Integrity. Confidentiality. Availability. Auditability. Details Submit a comment on this question Integrity is the correct answer. Integrity refers to the protection of information from unauthoriz
15、ed modification or deletion.Confidentiality is incorrect. Confidentiality refers to the protection of information from unauthorized disclosure.Availability is incorrect. Availability refers to the assurance that information and services will be available to authorized users in accordance with the service level objective.Auditability is incorrect. Auditability refers to the ability to trace an action to the identity that performed it and identify the date and time at which it occurred.ReferencesCBK, pp. 5 - 6AIO3, pp. 56 - 57Last modified 6/2
