General knowledge Flashcards
What is computer security?
The protection afforded to an automated information system to preserve the integrity, availability, and confidentiality of information system resources.
What are the three key objectives of computer security known as?
CIA triad.
Define confidentiality from CIA.
Data confidentiality: Assures that private or confidential information is not made available or disclosed to unauthorized individuals
Privacy - Assures that individuals control and influence what information related to them may be collected and stored and by whom and to whom that information may be disclosed.
Define Integrity from CIA.
Data integrity - Assures that information and programs are changed only in a specified and authorized manner
System integrity - Assures that a system performs its intended function in an unimpaired manner, free from deliberate or inadvertent unauthorized manipulation of the system.
What does availability from CIA assure?
Assures that systems work promptly and service is not denied to authorized users.
What is authenticity in computer security?
The property of being genuine and being able to be verified and trusted.
Define accountability in the context of computer security.
The ability to trace a security breach to a responsible party through records of system activities.
List the tangible assets of a computer system.
- Servers
- Networking equipment
- Storage devices
List the intangible assets of a computer system.
- Brand reputation
- Data
- Software and applications
- Encryption keys and certificates
What are vulnerabilities in a computer system?
Weaknesses that can be exploited, potentially leading to unauthorized access or damage.
What vulnerability can happen to a system in terms of confidentiality?
It can become leaky, allowing unauthorized access to information.
What vulnerabilities can happen to a system in terms of integrity?
It can be corrupted, leading to wrong outputs or functions.
What vulnerabilities can happen to a system in terms of availability?
It can become unavailable or very slow.
What is an Adversary? (Theat agent)
An entity that attacks, or is a threat to, a system
What is an attack?
A deliberate attempt to bypass security and cause harm to a system.
What is a counter measure?
An action or tool used to reduce or prevent security threats, vulnerabilities, or attacks.
What is risk?
The likelihood that a security weakness will be exploited and cause harm.
What is security policy?
A set of rules that guide how a system or organization protects its data and resources.
What is an asset?
Anything valuable in a system, like data, processing power, hardware, or facilities.
What is a threat?
A potential danger that could take advantage of a security weakness and cause harm.
What is a Vulnerability?
A flaw or weakness in a system that an attacker could exploit.
What is Auditability?
An ability of a system to conduct persistent monitoring of all actions
What is trustworthiness?
An ability of a system to verify identity and establish trust in third party
What is non-repudiation?
An ability of a system to confirm occurrence/non-occurrence of an action
What is privacy?
Ensuring that the system enables individuals to control their personal information