6 - The Principals Of Infomation Security Flashcards
6.1
What are Legal requirement and prevention?
This is information that is private of an individual and whoever they intend to know this information
Legal requirement under the DPA
Physical and logical security
6.1
requirement and prevention linking to information integrity
Information is maintained, so that it is up to date, accurate, complete and fit for purpose
Legal requirement under the DPA
Can be avoided by periodically checking data
6.1
what is Legal requirement and prevention linking to availability
Information is always available to and to use by the individuals, groups or processes that need to use it
Not under the DPA
Making sure information, hardware and software systems are working correctly to stop workers from being compelled to create copies
6.2
Risk
what is the definition, reason and impact of Unauthorised or unintended access to data?
Any time data is see or used by someone who should not see or use it.
Espionage : gaining an advantage over original holder
Possible infringement of DPA, competitor advantage, reputation
6.2
Risk
what is the definition, reason and impact of Accidental loss of data?
The loss of data itself, rather than a copy or version
Human or equipment error
Breaching the DPA, liable to prosecution, reputation
6.2
Risk
what is the definition, reason and impact of Intentional destruction of data?
Being motivated by a desire to harm the organisation that holds the data
Viruses can delete or encrypt the data
Breached the DPA, cost and reputation
6.2
Risk
what is the definition, reason and impact of Intentional tampering with data?
Data is changed in some way but is still available
Change personal information or competitors information
Decisions based on the data will be flawed and reputation
6.3
Impact
what is the definition and impact of a loss of intellectual property?
Anything that has been created by an individual
Depends on the nature of the item taken, copied or accessed
6.3
Impact
what is the definition and impact of loss of service and access?
Not being able to access a service
Hackers could you use the services purchased
6.3
Impact
what is the definition and impact of failure and security of confidential information?
Not secured data could potentially be accessible to all
Data can be modified and stolen
6.3
Impact
what is the definition and impact of loss of information belonging to a third party?
And attack on a business server is not only impact the business, but also on any businesses or individuals that holds data for
6.3
Impact
what is the definition and impact of loss of reputation
If an organisation fails to keep data safe, they have failed to meet their legal and moral obligations
6.3
Impact
what is the definition and impact of threat to national security
A direct physical threat to the country, as well as a threat to the financial security of the state
6.5
what are locks and biometrics
Locks are a physical mechanism used to fasten shut or close a door, window, container etc
Biometric security devices measure unique characteristics of a person, such as voice pattern, fingerprint patterns etc.
6.5
Impacts of not Placing computers above known flood levels
Data can be lost through a natural disaster like a flood. Pitting machines in areas that are known to be away from damage areas