1.
Assures that individuals control or influence what information related to them may be collected and stored and by whom and to whom that information may be disclosed.
A. 
B. 
C. 
D. 
2.
Assures that a system performs its intended function in an unimpaired manner, free from deliberate or inadvertent unauthorized manipulation of the system. System integrity
A. 
B. 
C. 
D. 
3.
A loss of _________ is the unauthorized disclosure of information.
A. 
B. 
C. 
D. 
4.
A________ level breach of security could be expected to have a severe or catastrophic adverse effect on organizational operations, organizational assets, or individuals.
A. 
B. 
C. 
D. 
5.
A flaw or weakness in a system’s design, implementation, or operation and management that could be exploited to violate the system’s security policy is a(n) __________.
A. 
B. 
C. 
D. 
6.
An assault on system security that derives from an intelligent act that is a deliberate attempt to evade security services and violate the security policy of a system is a(n) __________.
A. 
B. 
C. 
D. 
7.
A(n) __________ is an action, device, procedure, or technique that reduces a threat, a vulnerability, or an attack by eliminating or preventing it, by minimizing the harm it can cause, or by discovering and reporting it so that correct action can be taken.
A. 
B. 
C. 
D. 
8.
A(n) _________ is an attempt to learn or make use of information from the system that does not affect system resources.
A. 
B. 
C. 
D. 
9.
Masquerade, falsification, and repudiation are threat actions that cause __________ threat consequences.
A. 
B. 
C. 
D. 
10.
A threat action in which sensitive data are directly released to an unauthorized entity is __________.
A. 
B. 
C. 
D. 
11.
An example of __________ is an attempt by an unauthorized user to gain access to a system by posing as an authorized user.
A. 
B. 
C. 
D. 
12.
The _________ prevents or inhibits the normal use or management of communications facilities.
A. 
B. 
C. 
D. 
13.
A __________ is any action that compromises the security of information owned by an organization.
A. 
B. 
C. 
D. 
14.
The assurance that data received are exactly as sent by an authorized entity is __________.
A. 
B. 
C. 
D. 
15.
__________ is the insertion of bits into gaps in a data stream to frustrate traffic analysis attempts.
A. 
B. 
C. 
D. 
16.
__________ is the protection afforded to an automated information system in order to attain the applicable objectives of preserving the integrity, availability, and confidentiality of information system resources.
17.
Confidentiality, Integrity, and Availability form what is often referred to as the _____.
18.
A loss of _________ is the disruption of access to or use of information or an information system.
19.
In the United States, student grade information is an asset whose confidentiality is regulated by the __________.
20.
A(n) _________ is a threat that is carried out and, if successful, leads to an undesirable violation of security, or threat consequence.
21.
A(n) _________ is any means taken to deal with a security attack.
22.
Misappropriation and misuse are attacks that result in ________ threat consequences.
23.
The assets of a computer system can be categorized as hardware, software, communication lines and networks, and _________.
24.
Release of message contents and traffic analysis are two types of _________ attacks.
25.
Replay, masquerade, modification of messages, and denial of service are example of _________ attacks.