Chapter 1: Introduction Flashcards
The protection of assets on a computer or computer system
Computer security
Items of value on a computer or computer system
Assets
Hardware or software that is commercially available (not custom-made) and can be easily replaced
Off-the-shelf
A weakness in the system that can be exploited to cause harm or loss
Vulnerability
A set of circumstances that has the potential to cause loss or harm
Threat
When a vulnerability is exploited to cause harm or loss
Attack
An action, device, procedure, or technique that removes or reduces a vulnerability
Control or countermeasure
The ability of a system to ensure that an asset is viewed only by authorized parties
Confidentiality
The ability of a system to ensure that an asset is modified only by authorized parties
Integrity
The ability of a system to ensure that an asset can be used by authorized parties
Availability
The ability of a system to confirm the identity of a user
Authentication
The ability of a system to confirm that a user cannot convincingly deny having committed a given action
Nonrepudiation or Accountability
The three acts that characterize the kinds of harm that can be committed against an asset
Interception, Interruption, and Modification
The term for a person, process, or program accessing a data item
Subject
A data item being accessed by a person, process, or program
Object
The kind of access granted to a person, process, or program to a data item
Access mode
The authorization permitting a person, process or program to access a data item
Policy
A key model of computer security in which one or more policies are designed to guide the way access is permitted to subjects of a given object
Access control
Harm caused by natural disasters, loss of electrical power, or failure of a component
Nonhuman threats
Harm caused by user error
Nonmalicious harm
An attack in which the attacker is attempting to cause harm to any computer or user without prior knowledge of that computer or user
Random attack
An attack directed at a specific computer, user, or organization
Directed attack
A dictionary of publicly known security vulnerabilities and exposures
The Common Vulnerabilities and Exposures (CVE) list, available at cve.org
A standard measurement system that allows accurate and consistent scoring of the impact of vulnerabilities
The Common Vulnerability Scoring System (CVSS), available at nvd.nist.gov/vuln-metrics/cvss
A threat against many computers that belong to a network
Cyberthreat
The online world of computers
Cyberspace
An illegal attack against computers connected to or reached from their network, as well as their users, data, services, and infrastructure
Cybercrime
Security as applied to individual computers and devices, as well as to the broader collection of devices in networks with other users and devices
Cybersecurity
Threats that come from organized, well-financed, patient assailants engaging in long-term campaigns targeted at specific systems or users
Advanced persistent threats
The members of a cybercrime team that manage their team’s full slate of malicious payloads (viruses, ransomware, denial-of-service attack packets), deciding which tool to use and which moment represents the best opportunity to launch an attack
Network administrators
The members of a cybercrime team that are charged with making sure that any and all malicious software that is successfully installed on a target’s systems continues running for as long as possible
Intrusion specialists
The members of a cybercrime team that organize and reformat stolen data in order to make sense of it
Data miners
The members of a cybercrime team that are tasked with developing new variations of malicious software capable of infecting targeted systems, spreading quickly and widely, and evading detection
In-house programmers
The members of a cybercrime team that determine how much money the specific stolen information is worth on various black markets
Financial specialists
The negative consequences of actualized threats
Harm
The process of choosing which threats to try to mitigate
Risk management
The amount of risk that remains uncovered by controls or countermeasures
Residual risk
The amount of damage or potential harm that can be caused by a threat
Impact
The three elements a malicious attacker must have to be successful
Method, opportunity, and motive (also called MOM)
The skills, knowledge, tools, and other things with which to perpetrate an attack
Method
The time and access needed to execute an attack
Opportunity
The reason to perpetrate an attack
Motive
An attacker that downloads a complete attack code package and needs only to enter a few details to identify the target and perform an attack
Script kiddie
A system’s full set of vulnerabilities, both actual and potential
Attack surface
Controls or countermeasures that use tangible objects or people to stop or block an attack or threat
Physical controls
Controls or countermeasures that use commands or agreements to require or advise people how to act
Procedural controls or administrative controls
Controls or countermeasures that use technology to counter threats
Technical controls
The use of more than one control or countermeasure, or the use of more than one class of control or countermeasure to achieve protection
Overlapping controls or defense in depth