Podcast
Questions and Answers
What is the primary focus of computer security?
What is the primary focus of computer security?
What is the term used to describe the ability to access computer-related assets only by authorized parties?
What is the term used to describe the ability to access computer-related assets only by authorized parties?
What is meant by the modification of assets in the context of computer security?
What is meant by the modification of assets in the context of computer security?
What is the term used to describe the prevention of access to computer-related assets?
What is the term used to describe the prevention of access to computer-related assets?
Signup and view all the answers
What is the term used to describe the combination of confidentiality, integrity, and availability?
What is the term used to describe the combination of confidentiality, integrity, and availability?
Signup and view all the answers
What determines the value of an asset in computer security?
What determines the value of an asset in computer security?
Signup and view all the answers
What is the primary goal of computer security in relation to assets?
What is the primary goal of computer security in relation to assets?
Signup and view all the answers
What is the term used to describe the ability to access computer-related assets at appropriate times?
What is the term used to describe the ability to access computer-related assets at appropriate times?
Signup and view all the answers
What is a vulnerability in a security system?
What is a vulnerability in a security system?
Signup and view all the answers
What is a threat to a computing system?
What is a threat to a computing system?
Signup and view all the answers
What is an attacker?
What is an attacker?
Signup and view all the answers
What is a control in a security system?
What is a control in a security system?
Signup and view all the answers
What is an example of a nonhuman threat?
What is an example of a nonhuman threat?
Signup and view all the answers
What is an example of a nonmalicious harm?
What is an example of a nonmalicious harm?
Signup and view all the answers
What is an example of a malicious attack?
What is an example of a malicious attack?
Signup and view all the answers
What is an example of a random attack?
What is an example of a random attack?
Signup and view all the answers
What is the reason why a malicious attacker performs an attack?
What is the reason why a malicious attacker performs an attack?
Signup and view all the answers
What is one way to exploit a hardware vulnerability?
What is one way to exploit a hardware vulnerability?
Signup and view all the answers
What is an example of a software alteration vulnerability?
What is an example of a software alteration vulnerability?
Signup and view all the answers
Why is hardware security usually the concern of a small staff?
Why is hardware security usually the concern of a small staff?
Signup and view all the answers
What is an example of machinicide?
What is an example of machinicide?
Signup and view all the answers
What is a method used by an attacker to succeed?
What is a method used by an attacker to succeed?
Signup and view all the answers
What can enhance the security of hardware components?
What can enhance the security of hardware components?
Signup and view all the answers
What is an example of software deletion?
What is an example of software deletion?
Signup and view all the answers
What kind of harm could a company experience from electronic espionage?
What kind of harm could a company experience from electronic espionage?
Signup and view all the answers
What is the main concern in preserving confidentiality, integrity, and availability of data?
What is the main concern in preserving confidentiality, integrity, and availability of data?
Signup and view all the answers
What is a key aspect of a program with high quality?
What is a key aspect of a program with high quality?
Signup and view all the answers
Who might want to attack a program that displays the current time and temperature of a city?
Who might want to attack a program that displays the current time and temperature of a city?
Signup and view all the answers
What type of harm might an attacker want to cause to a program that allows consumers to order products from the web?
What type of harm might an attacker want to cause to a program that allows consumers to order products from the web?
Signup and view all the answers
What is a potential vulnerability in a program that accepts and tabulates votes in an election?
What is a potential vulnerability in a program that accepts and tabulates votes in an election?
Signup and view all the answers
Who might want to attack a program that allows a surgeon to assist in an operation remotely?
Who might want to attack a program that allows a surgeon to assist in an operation remotely?
Signup and view all the answers
What type of control could be instituted to limit the vulnerability of a program that secretly leaks a list of employees' salaries?
What type of control could be instituted to limit the vulnerability of a program that secretly leaks a list of employees' salaries?
Signup and view all the answers
What is the primary reason for controlling access to software?
What is the primary reason for controlling access to software?
Signup and view all the answers
What is a type of software modification that causes it to fail or perform an unintended task?
What is a type of software modification that causes it to fail or perform an unintended task?
Signup and view all the answers
What is a program that overtly does one thing while covertly doing another?
What is a program that overtly does one thing while covertly doing another?
Signup and view all the answers
What is a specific type of Trojan horse that can spread its infection from one computer to another?
What is a specific type of Trojan horse that can spread its infection from one computer to another?
Signup and view all the answers
What is a program that has a secret entry point?
What is a program that has a secret entry point?
Signup and view all the answers
What is an unauthorized copying of software?
What is an unauthorized copying of software?
Signup and view all the answers
Who is responsible for software security?
Who is responsible for software security?
Signup and view all the answers
What is a code that makes information accessible to unauthorized people or programs?
What is a code that makes information accessible to unauthorized people or programs?
Signup and view all the answers
Study Notes
Computer Security
- Computer security is the protection of computer-related assets, including hardware, software, data, people, processes, or combinations of these.
- Assets can be valued based on factors such as personal, time-dependent, replicable, or cost of loss.
Computer Security Goals
- The three important aspects of computer security are confidentiality, integrity, and availability.
- Confidentiality ensures that assets are accessed only by authorized parties.
- Integrity means that assets can be modified only by authorized parties or only in authorized ways.
- Availability means that assets are accessible to authorized parties at appropriate times.
Vulnerabilities, Threats, Attacks, and Controls
- A vulnerability is a weakness in the security system that might be exploited to cause loss or harm.
- A threat is a set of circumstances that has the potential to cause loss or harm.
- An attacker is a human who exploits a vulnerability to perpetrate an attack on the system.
- A control is an action, device, procedure, or technique that removes or reduces a vulnerability.
- Harm is the negative consequence of an actualized threat.
Types of Threats
- Nonhuman threats include natural disasters, loss of electrical power, component failure, or attack by a wild boar.
- Human threats can be nonmalicious (accidental) or malicious (intentional).
- Malicious attacks can be random or directed.
Attacker Requirements
- A malicious attacker must have three things to succeed: method (skills, knowledge, tools), opportunity (time and access), and motive (reason to want to perform the attack).
Vulnerabilities of Computing Systems
Hardware Vulnerabilities
- Visible attack: adding, changing, removing, intercepting, or flooding devices with traffic.
- Physical attack: drenching with water, burning, freezing, gassing, or electrocuting with power surges.
- Machinicide: intentionally harming computer hardware or software.
- Simple physical measures like locks and guards can enhance hardware security.
Software Vulnerabilities
- Software alteration: exploiting software vulnerability, such as truncating fractional interest on an account.
- Software deletion: accidentally erasing a file or replacing a good copy of a program with a bad one.
- Software modification: causing software to fail or perform an unintended task, including logic bombs, Trojan horses, viruses, trapdoors, and information leaks.
Harm from Electronic Espionage or Unauthorized Viewing of Confidential Materials
- Examples of harm include theft of trade secrets, loss of competitive advantage, and legal liabilities.
Studying That Suits You
Use AI to generate personalized quizzes and flashcards to suit your learning preferences.
Related Documents
Description
Learn about the protection of computer-related assets and the three important aspects of computer security: confidentiality, integrity, and availability.
