UNIT 9 Flashcards
the protection of computer systems and information from harm, theft, and
unauthorized use. Computer hardware is typically protected by the same means used to protect
other valuable or sensitive equipment, namely, serial numbers, doors and locks, and alarms. The
protection of information and system access, on the other hand, is achieved through other tactics,
some of them quite complex.
Computer security
deals with the protection of computer systems
and information from harm, theft, and unauthorized use.
Computer security
is the practice of defending computers, servers, mobile devices, electronic systems,
networks, and data from malicious attacks. It’s also known as information technology security or
electronic information security.
Cyber security
CYBER SECURITY
is the practice of securing a computer network from intruders, whether
targeted attackers or opportunistic malware.
Network security
CYBER SECURITY
focuses on keeping software and devices free of threats. A
compromised application could provide access to the data its designed to protect. Successful security begins in the design stage, well before a program or device is deployed.
Application security
CYBER SECURITY
protects the integrity and privacy of data, both in storage and in
transit
Information security
CYBER SECURITY
includes the processes and decisions for handling and protecting data
assets. The permissions users have when accessing a network and the procedures that
determine how and where data may be stored or shared all fall under this umbrella.
Operational security
CYBER SECURITY
_____ and business continuity define how an organization responds to a cybersecurity incident or any other event that causes the loss of operations or data. Disaster
recovery policies dictate how the organization restores its operations and information to
return to the same operating capacity as before the event. Business continuity is the plan
the organization falls back on while trying to operate without certain resources.
Disaster recovery
CYBER SECURITY
addresses the most unpredictable cyber-security factor: people.
Anyone can accidentally introduce a virus to an otherwise secure system by failing to follow
good security practices. Teaching users to delete suspicious email attachments, not plug in
unidentified USB drives, and various other important lessons is vital for the security of any
organization
End-user education
CIA THREE MAIN PRINCIPLES
is ensuring that information is available only to the intended audience – An
organization obtains or creates a piece of sensitive data that will be used in the course of
its business operations. Because the data is sensitive, that data should only be able to be
seen by the people in the organization that need to see it in order to do their jobs. It should
be protected from access by unauthorized individuals.
Confidentiality
CIA THREE MAIN PRINCIPLES
is protecting information from being modified by unauthorized parties – Integrity
involves maintaining the accuracy, consistency and trustworthiness of data. Data must not
be changed whilst at rest or in transit by unauthorized individuals (which would demonstrate a breach of confidentiality). Integrity of data is commonly ensured by
implementing security measures such as file permissions and access control models.
Version controls can also be utilized to avoid changes to data made accidentally by
authorized individuals
Integrity
CIA THREE MAIN PRINCIPLES
is protecting information from being modified by unauthorized parties – When
the individual that needs that piece of data to perform a job duty is ready to utilize it, it
must be readily accessible (i.e. online) in a timely and reliable manner so the job task can
be completed on time and the company can continue its processing. Availability means
that authorized individuals are able to access their data whenever they want.
Availability
Good Security Practices for Individuals
Software may include bugs as discussed in the previous modules. To limit the
vulnerabilities, make sure that the instructions for install of a software is followed, the
acquisition of the software is legitimate. Anti-virus and anti-malware should also be
installed and kept up to date.
Install anti-virus and anti-malware software
Good Security Practices for Individuals
Reusing passwords or having the same password for multiple accounts, websites, and
other systems will become more vulnerable. Do not save passwords on websites and
devices that are unsecure. Remember to change your passwords on a schedule to keep
them fresh
Use a strong password
Good Security Practices for Individuals
Yes, the business centers and cybercafes that offer the use of a computer system is
convenient, but not secure. Since anyone can use them for anything, they have probably
been exposed to viruses, worms, trojans, keyloggers, and other nasty malware. Should you
use them at all? When using a public area computer, be sure to completely log off when
you are finished using it.
Log off public computers