CIA Triad
Encryption
Networking
Applications
Mindset
100
An information system provides this so that authorized users can identify themselves, validate their identity, and use their granted permissions.
What is access control?
100
For hundreds of years, people have used this to obscure messages by replacing each letter with another letter.
What is a cipher?
100
A network connecting computer equipment in one location without use of outside telecommunication services.
What is a local area network (or LAN)?
100
This has direct control over a computer's hardware resources and provides access to them in response to users and their running applications.
What is an operating system (or OS)?
100
These have a more essential role in information security than any policy, tool, or information system component.
What are users?
200
This provides a short-term backup so that information systems continue to run during a blackout.
What is an uninterruptible power supply (or UPS)?
200
This is the current standard for secure communication, officially adopted by the U.S. government in 2001.
What is Advanced Encryption Standard (or AES)?
200
This network layer is a reliable direct point-to-point data connection that allows packet transfer between two networked hosts.
What is the link (or data link) layer?
200
A web page is based on this type of document that web browsers download from a web server, containing references to style information, images, scripts, and links to other documents.
What is hypertext markup language (or HTML)?
200
Even though you don't want this kind of message in your email inbox, using a link in the message to unsubscribe will probably just generate more of these messages.
What is spam?
300
To achieve high availability, this is the most common way to eliminate single points of failure in an information system.
What is redundancy?
300
Although many have made the observation that people incorrectly believe their own encryption methods can't be broken, this principle is attributed to a modern cryptology expert.
What is Schneier's Law?
300
This transport layer protocol supports application protocols by providing reliable delivery of network packets, verifying that all packets are received in the correct order.
What is Transmission Control Protocol (or TCP)?
300
Known vulnerabilities in operating systems and applications are most easily eliminated by this practice of installing small updates provided to fix the cause of the problem.
What is patching?
300
Use of this widely available resource can allow others to easily eavesdrop on unencrypted traffic or capture security information using man-in-the-middle attacks.
What is an open WiFi network?
400
When data has been modified by anything other than an intentional, authorized means, this key security goal has not been met.
What is integrity?
400
To keep confidential data from all other users, this must be used on a shared information system to which you do not have privileged access.
What is file encryption?
400
This system is used to translate between human-readable references to information systems and the numeric addresses used by network protocols to communicate with those systems.
What is the Domain Name System (or DNS)?
400
Web-based and database applications that don't correctly validate input can be tricked into executing specially crafted malicious instructions in this kind of attack.
What is a code-injection attack?
400
Since a strong password is neither shared nor guessable, this must be changed on any new device that is preconfigured with a privileged account for administrative use.
What is a default password?
500
Since a single safeguard isn't reliable enough to completely remove the risk associated with a vulnerability, a secure information system requires the use of this strategy.
What is layered security (or defense in depth)?
500
This is used as part of a system of authorization to securely store passwords so that an entered password can be verified as a match using the same algorithm.
What is a cryptographic hash?
500
This common networking process serves both to prevent the use of private network IP addresses on the public Internet and to shield systems from Internet-based attack.
What is network address translation (NAT)?
500
These applications are hugely popular for communication, but they introduce risks of personal information exposure, fraud, cyberbullying, and damage to one's reputation.
What are social networking applications?
500
Our basic needs (such as faith in God and genuine, deep personal relationships) highlight the reality that information and communication technology, imperfect, incomplete, and insecure as it is, should not receive this from us.
What is trust?