Definitions Flashcards
Logical Assets
Assets that exist as data or intellectual property
Physical Assets
Those assets which are tangible objects and materials.
Information Security
2 definitions
Protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction.
Protect data and systems from those who seek to misuse them, intentionally or unintentionally, or those who shouldn’t have access at all.
PCI DSS (Payment Card Industry Data Security Standards) are what?
Applies to companies that process credit card payments
FISMA (Federal Information Security Management Act)
Defines security standards for many federal agencies in the USA
Confidentiality
Our ability to protect our data from those who are not authorized to use it.
Integrity
The ability to prevent people from changing your data in an unauthorized or undesirable manner.
Availability
Refers to the ability to access our data when we need it
Parkerian Hexad?
A more thorough model for assessing information security than CIA.
Possession / Control
Refers to the physical disposition of the media on which the data is stored.
Authenticity
Allows you to say whether you’ve attributed the data in question to its proper owner or creator.
Utility
How useful is the data to you?
Interception Attack:
Allows unauthorized users to access your data, applications or environments. Primarily attacks against confidentiality.
Data at Rest
Stored data that isn’t in the process of being moved from one place to another.
Data in Motion
Data in the process of being moved from one place to another.