Lattice-based access control specifies the level of access each subject has to each object,if any.
Free
True False
The Information Technology Infrastructure Library (ITIL)is a collection of policies and practices for managing the development and operation of IT infrastructures.____________
Free
True False
The principle of limiting users' access privileges to the specific information required to perform their assigned tasks is known as need-to-know.____________
Free
True False
Which of the following specifies the authorization classification of information asset an individual user is permitted to access,subject to the need-to-know principle?
Multiple Choice
A security blueprint is the outline of the more thorough security framework.
True False
Which access control principle specifies that no unnecessary access to data exists by regulating members so they can perform only the minimum data manipulation necessary?
Multiple Choice
Controls that remedy a circumstance or mitigate damage done during an incident are categorized as which of the following?
Multiple Choice
Which of the following is a generic blueprint offered by a service organization which must be flexible,scalable,robust,and detailed?
Multiple Choice
Separation of duties is the principle by which members of the organization can access the minimum amount of information for the minimum amount of time necessary to perform their required duties.
True False
A person's security clearance is a personnel security structure in which each user of an information asset is assigned an authorization level that identifies the level of classified information he or she is cleared to access.____________
True False
A security monitor is a conceptual piece of the system within the trusted computer base that manages access controls-in other words,it mediates all access to objects by subjects.____________
True False
Information Technology Infrastructure Library provides guidance in the development and implementation of an organizational InfoSec governance structure.
True False
The data access principle that ensures no unnecessary access to data exists by regulating members so they can perform only the minimum data manipulation necessary is known as minimal privilege.____________
True False
In information security,a specification of a model to be followed during the design, selection,and initial and ongoing implementation of all subsequent security controls is known as a blueprint.____________
True False
In a lattice-based access control,a restriction table is the row of attributes associated with a particular subject (such as a user). ____________
True False
The information security principle that requires significant tasks to be split up so that more than one individual is required to complete them is called isolation of duties.____________
True False
Under the Clark-Wilson model,internal consistency means that the system is consistent with similar data in the outside world.
True False
Dumpster delving is an information attack that involves searching through a target organization's trash and recycling bins for sensitive information.____________
True False
Which access control principle limits a user's access to the specific information required to perform the currently assigned task?
Multiple Choice
In information security,a framework or security model customized to an organization,including implementation details is known as a floorplan._____________
True False