Chapter 7 Flashcards
complex ensemble of techniques, technologies, regulations, and behaviors that collaboratively protect the integrity of and access to computer systems and data
Information Security
Confidentiality
characteristic of something made accessible to authorized parties only
Integrity
characteristic of not having been altered by an unauthorized party
Availability
characteristic of being accessible and usable during a specified time period.
Authenticity
is the characteristic of something having been provided by an authorized source
Non-repudiation
inability of a party to deny or challenge the authentication of an interaction
Security Controls
Counter measures used to prevent or respond to security threats and reduce/avoid risk
Security Mechanisms
are components comprising a defensive framework that protects IT resources, information, and services
Counter measures are typically described in terms of
security mechanisms
Security policy
establishes a set of security rules and regulations and how they’re implemented
Risk
is the potential unwanted and unexpected loss that may result from a give action
Vulnerability
flaw, gap or weakness in an IT env that leaves an organization open to breaches
occurs when an attacker is able to take advantage of vulnerabiltiy
exploit
vulnerability that an organization is either unaware of or for which it has not been able to yet provide a patch or fix
Exploit
any incident that may result in unauthorized access to information or systems.
Security Breach
type of security breach whereby an attacker is able to steal confidential information.
data breach