Chapter 16: Protection and Security Flashcards
Computer security is
the freedom from theft of or damage to hardware, software, or information, and from disruption or misdirection of services.
Protection is
the set of mechanisms and policies that guarantee computer security, including the confidentiality, integrity, availability, and authenticity of all data and services.
Information disclosure
An unauthorized release or dissemination of information, which may be the result of theft or the deliberate release of the information by an authorized user. Violation of confidentiality and/or privacy of users.
Information modification
An unauthorized modification of data or programs, which may be performed by a legitimate user or by an intruder. Loss of information and/or the ability to carry out subsequent security violations.
Information destruction
A deliberate or accidental deletion of information or damage to hardware. Loss of information or access to services.
Unauthorized use
A circumvention of the system’s user authentication services to make unauthorized use of a service. Loss of revenue to the service provider/owner.
Denial of service
Preventing a legitimate user from employing a service in a timely manner. Financial loss, unavailability of a mission-critical or life-critical system.
User deception
Causing a legitimate user to receive and believe false information purported to be true. Loss of information, leading to other possible violations of security.
Virus vs Worm
Viruses rely on host files, require user interaction, and focus on specific systems, while worms are self-replicating, exploit network vulnerabilities, and have the potential for widespread impact. Both malware types require appropriate security measures and practices to prevent infection and mitigate their risks.
A one-way hash function converts
a variable-length input string into a fixed-length output string in a manner that cannot be inverted.
