Security Definitions Flashcards
What is Information Security
Protection of info and resources from unauthorized access, attacks, thefts, or data
What is Risk
Concept that indicates exposure to the chance of damage or loss
What is a Threat
event or action that could potentially cause damage to asset
What is a Vulnerability
Condition that leaves system open to harm
What are Intrusions
attacker accesses computer system without the authorization to do so
What are Attacks
exploit vulnerability in application or physical computer system without authorization to do so
What are Controls
Countermeasures that you need to put in place to avoid, mitigate, or counteract security risks
What is Non-Repudiation
party remains associated with data they created or transferred
What is Identification
Ensuring the entity requesting access is true
What is Authentication
method of validating particular entity credentials
What is Authorization
determining rights and privileges of entity
What is Access Control
Determining and assigning privileges to various resources, objects or data
What is Accounting
Tracking/recording system activities
What is Auditing
examining logs of what was recorded
What is Implicit Deny
not explicitly allowed is denied
What is Least Privilege
user and software only access what they need
What is Privilege Bracketing
given at beginning and taken away at end
What is Separation of Duties
no one person has too much power or responsibility
What is Job Rotation
no one stays in one job too long
What is Mandatory Vacation
opportunity to review employee’s activities
What are Time of Day Restrictions
What times users are allowed access
What are Orphaned Accounts
user accounts remain active after employee has left
What is Privilege Management
administration of user and group access control
What is Cryptography
science of hiding info