NAME: VENKATA SHIVA SAI SUMANTH KOVURI
SEMO.ID: S02045166
Legal, Risk, and Compliance for Security
QUIZ-1
1.
What is the difference between a threat agent and a threat?
Ans.
Someone, anything, or anything else that poses a continuous risk to an asset is considered a threat. Anything that initiates an attack to compromise or pilfer the data or
tangible assets of an organization is considered a threat agent, be it a person, thing, or other.
2. What is the difference between vulnerability and exposure?
Ans.
When controls are absent or ineffective in a system that is under control, it is known as a vulnerability. One time a system is vulnerable to harm; it's called an exposure. Exposure may have resulted from vulnerabilities.
3. How is infrastructure protection (assuring the security of utility services) related to
information security?
Ans.
Information systems that are dependable and maintain high availability are necessary for the availability of information assets.
4. What type of security was dominant in the early years of computing?
Ans.
The early years of computing was dominated by physical security.
5. What are the three components of the C.I.A. triangle? What are they used for?
Ans.
The three components of the C.I.A triangle are confidentiality, integrity, and availability.
They are used for:
Confidentiality:
Only those who are supposed to access the information should be able to access it.
Integrity:
Data should be sent exactly as it was sent.
