Internet Security Flashcards
refers to the online security or safety of
people and their information when using the internet.
Internet Safety
Is network etiquette, the dos and
don’ts of online communication
Netiquette
is roughly equivalent to privacy.
Confidentiality measures are designed to prevent sensitive information from
unauthorized access attempts.
Confidentiality
involves maintaining the consistency,
accuracy, and trustworthiness of data over its entire lifecycle. Data must not be changed in transit, and steps must be taken to ensure data cannot be altered by unauthorized people
Integrity
means information should be
consistently and readily accessible for
authorized parties. This involves properly
maintaining hardware and technical
infrastructure and systems that hold and
display the information.
Availability
A circumstance or event whereby an entity
gains access to data for which the entity is not authorized.
Unauthorized Disclosure (threat consequence)
A circumstance or event that interrupts or
prevents the correct operation of system services and functions.
Disruption (threat consequence)
A circumstance or event that may result in an authorized entity receiving false data and believing it to be true.
Deception (threat consequence)
A circumstance or event that results in control of system services or functions by an unauthorized entity.
Usurpation (threat consequence)
Sensitive data are directly released to an unauthorized entity.
Exposure (threat action (attack))
An unauthorized entity directly accesses sensitive data traveling between authorized sources and destinations.
Interception (threat action attack)
A threat action whereby an unauthorized entity indirectly accesses sensitive data by reasoning from characteristics or byproducts of communications.
Inference (threat action attack)
An unauthorized entity gains access to sensitive data by circumventing a system’s security protections.
Intrusion (threat action attack)
prevents or interrupts system operation by disabling a system component.
Incapacitation (threat action attack)
undesirably alters system operation by adversely modifying system functions or data.
Corruption (threat action attack)
a threat action that interrupts the delivery of system services by hindering system operation.
Obstruction (threat action attack)
an unauthorized entity gains access to a system or performs a malicious act by posing as an authorized entity.
Masquerade (threat action attack)