Principles of Information Security Chapter 2 Review Questions

1112 Words5 Pages
1. Management is responsible for implementing information security to protect the ability of the organization to function. They must set policy and operate the organization in a manner that complies with the laws that govern the use of technology. Technology alone cannot solve information security issues. Management must make policy choices and enforce those policies to protect the value of the organization’s data. 2. Data is important to an organization because without it an organization will lose its record of transactions and/or its ability to furnish valuable deliverables to its customers. Other assets that require protection include the ability of the organization to function, the safe operation of applications, and technology…show more content…
10. Types of malware: Viruses, worms, Trojan horses, logic bombs and back doors. Viruses are segments of code that induce other programs to perform actions. Worms can replicate themselves constantly without requiring another program to provide a safe environment for replication. A Trojan horse may carry either a worm or a virus. 11. Polymorphic threats can change their appearances over time. These viruses and worms actually evolve, changing their size and other external file characteristics to elude detection. This makes them virtually undetectable by techniques that look for preconfigured signatures. 12. Software Piracy is the most common form of violation of intellectual property. Digital watermarks and embedded code, copyright codes, and even the intentional placement of bad sectors on software media have been used to enforce copyright laws. Another effort to combat piracy is online registration. Software information industry association (SIIA) and Business Software Alliance (BSA) both fight against IP Violations. 13. Force majeure or forces of nature are threats such as fire, flood, earthquake, lightning, landslide/mudslide, tornado/severe windstorm, hurricane/typhoon, tsunami, electrostatic discharge (ESD), and dust contamination. Las Vegas – Windstorms and floods. Oklahoma City – Tornados. Miami – Hurricanes. Los Angeles – Earthquakes or Fires 14. It occurs when technology becomes outdated, and results in an increased threat. Proper

More about Principles of Information Security Chapter 2 Review Questions

Open Document