Fundamentals

Question 1

Information Security

Answer 1

Protects the data

Question 2

Information Systems Security

Answer 2

Protects the devices that holds and process the data

Question 3

Threat

Answer 3

Anything that could cause harm, loss, damage, or compromise to information technology systems.

Question 4

Threats incidents

Answer 4

• Natural disasters
• Cyber-attacks
• Data integrity breaches
• Disclosure of confidential information

Question 5

Vulnerabilities examples

Answer 5

• Software bugs
• Misconfigured software
• Improperly protected network devices
• Missing security patches
• Lack of physical security

Question 6

Vulnerability

Answer 6

Any weakness in the system design or implementation.

Question 7

Threat x Vulnerability

Answer 7

• Threats are originated from external sources and cannot be controlled.
• Vulnerabilities can be controlled by mitigating, transferring, avoiding or accepting the risk.

Intersection of threats and vulnerabilities is where the risk to enterprise systems and networks lies

Question 8

Threat + No Vulnerability = Is there any risk?

Answer 8

No Risk

Question 9

Vulnerability + No Threat = Is there any risk?

Answer 9

No Risk

Question 10

Vulnerability + Threat = Is there any risk?

Answer 10

Yes! There are some risk envolved.

Question 11

Think about daily analogies for Threats and Vulnerabilites.

Answer 11

While going from home to job…
You car can break in the middle of way = lack of maintenance [VULNERABILITY]
Another driver can cause an accident = Another driver dangerous driving [THREAT]