Chapter 1 - Overview Flashcards
Act of protecting data and information from unauthorized access, unlawful modification and disruption, disclosure, corruption, and destruction.
Information Security
Act of protecting the systems that hold and process our critical data.
Information Systems Security
What does CIA Triad stand for?
- Confidentiality
- Integrity
- Availability
Information has not been disclosed to unauthorized people.
Confidentiality
Information has not been modified or altered without proper authorization.
Integrity
Information is able to be stored, accessed, or protected at all times.
Availability
What does AAA of Security stand for?
- Authentication
- Authorization
- Accounting
When a person’s identity is established with proof and confirmed by a system.
Authentication
Occurs when a user is given access to a certain piece of data or certain areas of a building.
Authorization
- Tracking of data, computer usage, and network resources
- Non-repudiation occurs when you have proof that someone has taken an action
Accounting
What are the Security Threats?
- Malware
- Unauthorized Access
- System Failure
- Social Engineering
Shorthand term for malicious software (more in Chapter 2).
Malware
Occurs when computer resources and data are accessed without the consent of the owner.
Unauthorized Access
Occurs when a computer crashes or an individual application fails.
System Failures
Act of manipulating users into revealing confidential information or performing other detrimental actions.
Social Engineering
What are the controls for Mitigating Threats?
- Physical Controls
- Technical Controls
- Administrative Controls
Alarm systems, locks, surveillance cameras, identification cards, and security guards are all examples of?
Physical Controls
Smart cards, encryption, access control lists (ACLs), intrusion detection systems, and network authentication are all examples of?
Technical Controls