Sec Ch. 1

The bottom-up approach to information security has a higher probability of success than the top-down approach
False
_____ security addresses the issues necessary to protect the tangible items, objects, or areas of an organization from unauthorized access and misuse.
Physical
__________ is a network project that preceded the Internet.
ARPANET
The implementation phase is the longest and most expensive phase of the systems development life cycle (SDLC).
False
Part of the logical design phase of the SecSDLC is planning for partial or catastrophic loss. ____ dictates what immediate steps are taken when an attack occurs.
Incident response
An e-mail virus involves sending an e-mail message with a modified field.
False
Many states have implemented legislation making certain computer-related activities illegal.
True
A breach of possession always results in a breach of confidentiality
False
In file hashing, a file is read by a special algorithm that uses the value of the bits in the file to compute a single number called the __________ value.
hash
To achieve balance — that is, to operate an information system that satisfies the user and the security professional — the security level must allow reasonable access, yet protect against threats
True
Policies are detailed written instructions for accomplishing a specific task.
False
The roles of information security professionals are almost always aligned with the goals and mission of the information security community of interest.
True
The investigation phase of the SecSDLC begins with a directive from upper management.
True