Multiple choice. Please give a brief explanation for your answer.
The implementation of a security program was started in
an enterprise. Security controls to address confidentiality and
availability have been included in the program. What else should be
included?
A) Ensure critical systems provide uninterrupted service.
B) Protect data-in-transit from unauthorized disclosure.
C) Ensure systems are not susceptible to unauthorized changes.
D) Secure data to prevent unauthorized disclosure.
The correct answer is C) Ensure systems are not susceptible to unauthorized changes.
This property is part of the definition of data integrity.
Security programs must ensure three types of security: Confidentiality, Availability and Integrity, commonly called the CIA triad.
Point A is part of availability.
Points B and D are parts of confidentiality.
Point C is part of integrity. So C) is correct.