Question Answers

What does ARPA stand for?

ANSWER: The Department of Defense's (DoD's) Advanced Research Procurement/Project Agency.

Which DoD report attempted to define the multiple control mechanisms necessary for the protection of a multilevel computer system?

ANSWER: The Rand Report R-609.

What was the name of the now obsolete operating system designed for security objectives?

ANSWER: MULTICS.

What is the security that addresses the issues needed to protect items, objects, or areas?

ANSWER: Physical security

What is the security that addresses the protection of individuals or groups authorized to access an organization?

ANSWER: Personal security

What is the security that encompasses the protection of an organization's communications media, technology, and content?

ANSWER: Communications security

If information has a state of being genuine or original and is not a fabrication, it has the characteristic of ________

ANSWER: authenticity

The characteristic of information that deals with preventing disclosure is ________

ANSWER: confidentiality

Information security programs that begin at a grassroots level by system administrators to improve security are often called a (n) ________ approach.

ANSWER: bottom-up

When projects are initiated at the highest levels of an organization and then pushed to all levels, they are said to follow a (n) __________ approach.

ANSWER: top-down

Who is the person responsible for the security and use of a particular set of information?

ANSWER: The data owner

Who is the person responsible for the storage, maintenance, and protection of the information?

ANSWER: The data custodian

What are the three most commonly encountered communities of interest which have roles and responsibilities in information security?

ANSWER:

1 Information security management and professionals,

2 information technology management and professionals,

3 organizational