Appendix AAnswers to Review Questions

Chapter 1: Security Governance Through Principles and Policies


  1. B. The primary goals and objectives of security are confidentiality, integrity, and availability, commonly referred to as the CIA Triad.
  2. A. Vulnerabilities and risks are evaluated based on their threats against one or more of the CIA Triad principles.
  3. B. Availability means that authorized subjects are granted timely and uninterrupted access to objects.
  4. C. Hardware destruction is a violation of availability and possibly integrity. Violations of confidentiality include capturing network traffic, stealing password files, social engineering, port scanning, shoulder surfing, eavesdropping, and sniffing.
  5. C. Violations of confidentiality are ...

Get (ISC)2 CISSP Certified Information Systems Security Professional Official Study Guide, 8th Edition now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.