CIA
Threats
Goals
Attacks
Controls
100
These are three common goals of information security.
What are confidentiality, integrity, and availability?
100
This is the greatest threat to information security.
What are humans?
100
This attacker goal describes making resources unavailable or extremely limited.
What is “Interruption” or “Denial”?
100
In this type of attack, the attacker tricks a user into revealing information.
What is social engineering?
100
Authenticating someone is a control for this leg of the CIA triad.
What is “Integrity”?
200
This ensures information cannot be accessed by or disclosed to unauthorized parties.
What is confidentiality?
200
These external threat actors are usually very technically adept and enjoy the challenge of breaking into an organization.
What are “hackers”?
200
This attacker goal describes modifying or fabricating data.
What is “Deception”?
200
The installation of an unauthorized transmission device is an example of this type of attack.
What is a physical attack?
200
This is one of the three means by which we can authenticate someone.
What is "by what you have," "by what you know," or "by who you are"?
300
This refers to the protection of data and information systems.
What is information security?
300
*** DAILY DOUBLE ***
 
These are categories of human threats.
What are “external” and “internal”?
300
This attacker goal describes exposing information to unauthorized parties.
What is “Interception” or “Disclosure”?
300
The ability to "log keystrokes" is delivered through this type of attack.
What is malicious code?
300
This ensures someone cannot deny their statement.
What is “nonrepudiation”?
400
This ensures information cannot be modified in an unauthorized manner.
What is integrity?
400
These external threat actors are not technically adept and tend to enjoy cyber vandalism.
What are “script kiddies”?
400
This exploits a vulnerability that doesn’t yet have a remedy.
What is a “Zero-day attack”?
400
*** DAILY DOUBLE ***
 
Network sniffers are used to engage in this type of attack.
What is electronic eavesdropping?
400
This is used to verify data has not been modified.
What is “cryptography”?
500
These IS goals are impacted by environmental disasters.
What are availability and integrity?
500
These are the two categories of internal threats.
What are “malicious insiders” or “untrained users”?
500
This attacker goal describes gaining unauthorized control of some part of a system.
What is “Usurpation”?
500
This results when a “threat” might be used to exploit a particular “vulnerability.”
What is a “risk” to the system?
500
A courier is an example of this type of confidentiality control.
What is a “secure channel”?