Section 1 Overview to Security Flashcards
Act of protecting data and information from unauthorized access, unlawful modification and disruption, disclosure, corruption, and destruction.
Information Security
Act of protecting the systems that hold and process our critical data.
Information Security Systems
Confidentiality, Integrity, Availability
CIA Triad
Information has not been disclosed to unauthorized people.
Confidentiality
Information has not been modified or altered without proper authorization.
Integrity
Information is able to be stored, accessed, or protected at all times.
Availability
When a person’s identity is established with proof and confirmed by all systems. Example: Logging in
Authentication
- Something you know
- Something you have
- Something you are
- Something you do
- Somewhere you are
Five methods of Authentication
Occurs when a user is given access to a certain piece of data or certain areas of a building.
Authorization
Tracking of data, computer usage, and network resources. (Information is stored in a log file)
Accounting
Occurs when you have proof that someone has taken an action.
Non-Repudiation
Short-hand term for malicious software.
Malware
Occurs when a computer crashes or an individual application fails.
System Failure
Occurs when access to computer resources and data happens without the consent of the owner.
Unauthorized Access
Act of manipulating users into revealing confidential information or performing other detrimental actions.
Social Engineering
Alarm systems, locks, surveillance cameras, identification cards, and security guards.
Physical Controls
Smart cards, encryption, access control lists (ACLs), intrusion detection systems, and network authentication.
Technical Controls
Policies, procedures, security awareness training, contingency planning, and disaster recovery plans. (Sometimes called Managerial Controls)
Administrative Controls