Chapter 1 to Chapter 4

Edit Answers
123456789101112131415161718192021222324252627282930
Across
  1. 3. has primary responsibility for the assessment, management, and implementation of information security in the organization.
  2. 6. when it is free from mistakes or errors and it has the value that the end user expects.
  3. 8. of information is the quality or state of ownership or control.
  4. 9. is a respected professional society that was established in 1947 as “the world’s first educational and scientific computing society.
  5. 10. enables authorized users—persons or computer systems—to access information without interference or obstruction and to receive it in the required format.
  6. 12. The organization must be able to demonstrate that the relevant policy has been made readily available for review by the employee.
  7. 13. is the analysis of measures against established standards.
  8. 15. is an identified weakness in a controlled system, where controls are not present or are no longer effective.
  9. 16. A single instance of an information asset suffering damage or unintended or unauthorized modification or disclosure.
  10. 19. The organization must be able to demonstrate that the employee understood the requirements and content of the policy.
  11. 22. A subject or object’s ability to use, manipulate, modify, or affect another subject or object.
  12. 23. is the American contribution to an international effort by the World Intellectual Properties Organization (WIPO) to reduce the impact of copyright, trademark, and privacy infringement, especially when accomplished via the removal of technological copyright protection measures.
  13. 24. is a formal approach to solving a problem by means of a structured sequence of procedures.
  14. 26. The organization must be able to demonstrate that the employee agreed to comply with the policy through act or affirmation.
  15. 29. is an attempt to gain personal or financial information from an individual, usually by posing as a legitimate entity.
  16. 30. is any software program intended for marketing purposes such as that used to deliver and display advertising banners
Down
  1. 1. guidelines that describe acceptable and unacceptable employee behaviors in the workplace
  2. 2. allows any person to request access to federal agency records or information not determined to be a matter of national security.
  3. 4. is the legal obligation of an entity that extends beyond criminal or contract law
  4. 5. when it is protected from disclosure or exposure to unauthorized individuals or systems.
  5. 7. The organization must be able to demonstrate that it disseminated the document in an intelligible form, including versions for illiterate, non-English read- ing, and reading-impaired employees.
  6. 11. also known as the Kennedy-Kassebaum Act, protects the confidentiality and security of health care data by establishing and enforcing standards and by standardizing electronic data interchange.
  7. 14. of information is the quality or state of being genuine or original, rather than a reproduction or fabrication.
  8. 17. is any technology that aids in gathering information about a person or organization without their knowledge.
  9. 18. created by the World Trade Organization (WTO) and negotiated over the years 1986–1994, introduced intellectual property rules into the multilateral trade system.
  10. 20. when it is whole, complete, and uncorrupted.
  11. 21. control strategy is the choice to do nothing to protect a vulnerability and to accept the outcome of its exploitation.
  12. 25. is a program or device that can monitor data traveling over a network.
  13. 27. control strategy attempts to reduce the impact caused by the exploitation of vulnerability through planning and preparation.
  14. 28. can lead to unauthorized real or virtual actions that enable information gatherers to enter premises or systems they have not been authorized to enter.