Key I-SEC Concepts Flashcards
Access
A subject or object’s ability to:
-use
-manipulate
-modify
or affect another subject or object.
Asset
The organizational resource that is being protected.
Attack -
An act that is an intentional or unintentional attempt to cause damage, or compromise the information and/or the systems that support it.
Control, Safeguard, or Countermeasure
Security mechanisms, policies, or procedures that can successfully counter an attack(s), reduce risk, resolve vulnerabilities; improve the security within an organization.
Exploit
To take advantage of weaknesses or vulnerability in a system.
Exposure
A single instance of being open to damage
Hack
Good: to use computers or systems for enjoyment;
Bad: to illegally gain access to a computer or system.
Object
A passive entity in the information system that receives or contains information
Security Blueprint
The plan for the implementation of new security measures in the organization
Security Model
A collection of specific security rules that represents the implementation of a security policy.
Security Posture or Security Profile
A general label for the combination of all policies, procedures, technologies, and programs that make up the total security effort currently in place.
Subject
An active entity that interacts with an information system andcauses information to move through the system for a specific end purpose
Threats
A category of objects, persons, or other entities that represents apotential danger to an asset.
Threat Agent
A specific instance or component of a more general threat.
Vulnerability
Weaknesses or faults in a system or protection mechanism that expose information to attack or damage
