Computer Security Principles And Practice 4th Edition By William Stallings - Test Bank

Evaluation {Ans: Examination of a computer product or system with respect to certain criteria, involving testing and formal analytic or mathematical techniques}Accountability {Ans: Tracking of data, computer usage, and network resources}Standards {Ans: Developed to cover management practices and the overall architecture of security mechanisms and services by organizations like NIST, ISOC, ITU-T, and ISO}Computer Security Strategy {Ans: Involves security policy, implementation, assurance, and evaluation}Method—Opportunity—Motive (MOM) {Ans: Three elements required by a malicious attacker: method, opportunity, and motive}Assurance {Ans: Attribute of an information system to ensure enforcement of the security policy}Computer Security {Ans: Protection of hardware, software, and data assets of a computer system}Confidentiality {Ans: Ensures that assets are not accessed by unauthorized people}Countermeasure or Control {Ans: Device, technique, or procedure with the objective to remove current attack or reduce a vulnerability}Non-repudiation {Ans: Having proof that someone has taken an action}Attack Surface Analysis {Ans: Technique for assessing the scale and severity of threats to a system, guiding security measures testing and modification}Integrity {Ans: Ensures that assets are not modified or altered without proper authorization}Attack Surface {Ans: Reachable and exploitable vulnerabilities in a system, categorized as network, software, and