Questions and Answers
What is the primary goal of authentication?
To determine the rightful user of a system
What is the primary focus of computer security?
Surviving malice and intentional attacks
What is the main concern in authentication over a network?
Message viewing by a third party
What is the goal of confidentiality in information security?
Signup and view all the answers
What is the role of cryptography in security protocols?
Signup and view all the answers
What is the term for attacks that aim to reduce access to information?
Signup and view all the answers
What is the purpose of authorization?
Signup and view all the answers
What is the result of a successful DoS attack on a company's website?
Signup and view all the answers
What is the requirement that ensures systems work promptly and service is not denied to authorized users?
Signup and view all the answers
What is the primary goal of an adversary in computer security?
Signup and view all the answers
What is the Stallings model component that ensures privacy preservation?
Signup and view all the answers
What is the term for preventing unauthorized writing of information?
Signup and view all the answers
What is the class of threats that involves the denial of service?
Signup and view all the answers
What is the term for intercepting confidential data?
Signup and view all the answers
What is the term for the protection of an automated information system?
Signup and view all the answers
What is the term for a network of compromised machines used for malicious activities?
Signup and view all the answers
Study Notes
Introduction to Information Security
- Computer security deals with computing in the presence of an adversary, unlike reliability, robustness, and fault tolerance, which deal with random failures.
- Adversaries are everywhere, and security is about surviving malice, not just mischance.
What is Computer Security?
- Protection afforded to an automated information system to attain the applicable objectives of preserving the integrity, availability, and confidentiality of information system resources.
- Includes hardware, software, firmware, information/data, and telecommunications.
Information Security Concepts
- Confidentiality: prevents unauthorized reading of information.
- Integrity: ensures unauthorized writing is prohibited.
- Availability: ensures data is accessible and usable upon demand.
- Authentication: determines the rightful user of a system through methods like passwords, smart cards, and cryptography.
- Authorization: places restrictions on the actions of authenticated users and allows only authorized users to have privileges over other users.
Stallings Model of Network Security Services
- Authentication: identifying users.
- Authorization: checking permission.
- Auditing: tracking users' actions.
- Confidentiality: privacy preservation.
- Integrity: avoids accidental or malicious data changes/deletions.
- Availability: keeps the system online for legitimate users.
Threats to Information Security
- A threat is a potential violation of security that attackers carry out or instigate others to do.
- Four classes of threats:
- Disruption: denial of service.
- Disclosure: release of potentially confidential data.
- Deception: acceptance of false data.
- Usurpation: unauthorized assumption of control.
Additional Threats
- Snooping or eavesdropping: interception of confidential information.
- Modification or alteration: changing data.
- Masquerading or spoofing: forging data about origin.
- Other threats include phishing, identity fraud, and spamming.
Studying That Suits You
Use AI to generate personalized quizzes and flashcards to suit your learning preferences.
