INFORMATİON TECHNOLOGİES

In general, the definition of an adversary is as follows:
Any person, group or force that may intentionally infringe on the integrity, confidentiality and availability of information. Therefore, the correct answer is C.

In general, the definition of securityn breach is as follows:
It is a software or hardware failure or incompleteness which could result in a breach of access in computer security. Therefore, the correct answer is C.

Reliability describes the ability of a system to maintain its function under a given set of conditions for a certain period of time. Therefore, the correct answer is B.

In information technology, there are three principle goals of security (1) confidentiality, (2) integrity, and (3) availability of information. The solution is Availability. Therefore, the correct answer is D.

Confidentiality can be defined as: Prevention of the disclosure of information to unauthorized
persons. Therefore, the correct answer is A.

The solution is 

1: Original Data 2: Public Key 3: Scrambled Data 4: Private Key 5: Original Data. Therefore, the correct answer is D.

Pishing is a specialized type of spam that attempts to trick you into entering one’s confidential personal information for identity theft or fraud. Therefore, the correct answer is B.

The definition given in the question is known as the threat definition.

Threat: It is an action or possible event to violate the security of the system by exploiting known or unknown vulnerabilities (weak points in the security of the system). Threats can be the source of natural events, accidents, or intentional attacks to harm the computer system. Simply, a threat can be considered what it is aimed to be protected against. Therefore, the correct answer is B.

The answer is e.
Always leaving an open door for remote access to the computer is not a best practice for avoiding security threats in a computer. Therefore, the correct answer is E.

Risk can also be defined as a function of threats utilizing vulnerabilities in the system to obtain, modify, damage or destroy the available assets of the system. The answer is A, Risk = Assets x Threats x Vulnerabilities. Therefore, the correct answer is A.

Adversary is any person, group or force that may intentionally infringe on the integrity, confidentiality and availability of information. Correct answer is C.

There are three important goals of security as confidentiality, availability and integrity.  Privacy can not be shown among the goals of security. Correct answer is D.

There are mainly two categories of cryptographic algorithms, symmetric and public key (asymmetric) cryptographic algorithms. Symmetric cryptography uses only one shared key. Sender and receiver agree on a key and encrypts and decrypt the messages using this key, respectively. The same key is used to encrypt and decrypt the data. Contrarily, public key cryptography requires two different keys, private key that is only known by the owner and public key that is delivered anyone freely. Data encrypted by the public key can only be decrypted by its private key counterpart. Correct answer is A.

Since each of the participiants has a key pair in which one of the keys is public and the other one is private, the communication between participiants are provided with public key cryptography.  Data encrypted by the private key can only be decrypted by its public key counterpart. Data encrypted with a public key can only be decrypted with its private key. If John encrypts a message with his private key both July and Mary can decrypt the message. Because they know John's public key. If John encypts a message with Mary's public key, only Mary can decrypt the message. If John takes a message encrypted by his public key, the message may be sent by either Mary or July because both of them know John's public key. Correct answer is A.

Username is not a way of proving that a person who he/she claims that he/she is. Username is the identification process. Using password, authentication can be provided. Another type of authentication is showing something about one’s identity, such as a national identity card, driver’s license, and smart card. One can also authenticate using biometrics. When someone uses his/her biometrics, he/she must first identify himself/herself then submit his biometric information such as a fingerprint or an iris scan. Correct answer is B.

A risk in a computer security can be anything on the computer that may harm or copy the data, or allow one to access the computer without anyone’s knowledge. Simply, risk is the intersection of assets, threats, and vulnerabilities. Correct answer is E.

Possible actions in risk management is eliminating or mitigating risk, assigning risk to a third party or transferring risk and accepting risk.  Suppose that the risk management has same set of actions for a computer based system that is connected to the Internet. There are numerous vulnerabilities in such a system so that malicious intruders can harm the system. Thus, the risk in this system is very high especially if the data is sensitive. To eliminate the risk, employing strong security primitives, e.g., installing an antivirus program, enabling a firewall and using trusted hardware and software will help to mitigate the risk. Again, transferring this risk to a third party is possible. Security can be guaranteed by a secure network service provider. For some situations, the system has to accept the risk since some websites provides minimal security that might lead a potential data loss or harm. Correct answer is C.

A Trojan horse creates an environment that allows its programmer to open a certain channel on the system, allowing the attacker to monitor or control the infected user’s system. Correct answer is D.

Opening e-mails from someone you do not know may harm your computer security. Correct answer is B.

Security is a degree of protection of computer hardware and software from intentional or unintentional changes, uses, spoofing, spread of information over unauthorized people. Correct answer is C.