Reading 1 Flashcards
(26 cards)
Computer system
hardware,software,data that have value and deserve security protection
Assets
Protection of the items you value
Value of an asset depends on what?
User own interpretation of the assets
Vulnerability
weakness that could be exploited to cause harm.
Threat
to a computing system is a set of circumstances that has the potential to cause harm or loss.
Attack
human who exploits a vulnerabilityu
We consider potential harm to assets by what two ways?
We can look at what bad things happens to assets.
We can look at who or what can cause or allow bad things to happen.
Availability
Ability of a system to ensure that an asset can be used by any authorized parties.
Integrity
Ability of a system to ensure that an asset is modified only by authorized parties.
Confidentiality
Ability of a system to ensure that an asset is viewed only by authorized parties.
CIa triad
stands for confidentiality, availability, and integrity basis for all cyber security.
Security triad
CIA triad plus accountability
Authentuication
Ability of a system to confirm the identity of a sender.
Accountability
ability of a system to confirm that a sender cannot convincingly deny having sent something.
Subject
Person process or program
Object
data item
Access mode
The kind of access
Policy
Authorization
Access control
computer security controls all accesses by all subject to all protected objects in all mode of access.
Prevent
Blocking attack or closing the vulnerabiltiies
Deter
Making the attack harder but not impossible.
Deflect
Making it another target more attractive.
Physical controls
sto por block an attack by using something tangible.
Procedural controls
use command agreement to stop attack
