Computer Security Principles And Practice 3rd Edition by Stalling – Test Bank

Chapter 1 – Computer Systems Overview

TRUE/FALSE QUESTIONS:

T          F          1.  Threats are attacks carried out.

T          F          2.  Computer security is protection of the integrity, availability, and

confidentiality of information system resources.

T          F          3.  Data integrity assures that information and programs are changed only

in a specified and authorized manner.

T          F          4.  Availability assures that systems works promptly and service is not

denied to authorized users.

T          F          5.  The “A” in the CIA triad stands for “authenticity”.

T          F          6.  The more critical a component or service, the higher the level of

availability required.

T          F          7.  Computer security is essentially a battle of wits between a perpetrator

who tries to find holes and the administrator who tries to close them.

T          F          8.  Security mechanisms typically do not involve more than one particular

algorithm or protocol.

T          F          9.  Many security administrators view strong security as an impediment to

efficient and user-friendly operation of an information system.

T          F          10.  In the context of security our concern is with the vulnerabilities of

system resources.

T          F          11.Hardware is the most vulnerable to attack and the least susceptible to

automated controls.

T          F          12.  Contingency planning is a functional area that primarily requires

computer security technical measures.

T          F          13.  X.800 architecture was developed as an international standard and

focuses on security in the context of networks and communications.

T          F          14.  The first step in devising security services and mechanisms is to

develop a security policy.

T          F          15.  Assurance is the process of examining a computer product or system

with respect to certain criteria.