Security + Chapter 1 Flashcards

Questions and Answers

What is information security?

Protection of available information or information resources. Necessary for a responsible individual or organization to secure confidential information. Minimize business risks and other consequences of losing crucial data.

What to protect?

Data and resources.

What is the goal of security regarding prevention?

Protect personal information, company information, and intellectual property.

What is the goal of security regarding detection?

Detection is discovering attempts to access unauthorized data or identifying lost information.

What is the goal of security regarding recovery?

To employ a process to recover vital data from lost files or devices.

What are vulnerabilities?

Conditions that leave a system open to attack.

What is a threat?

An event or action that could violate a security requirement, policy, or procedure.

What is an attack?

A technique used to exploit a vulnerability without authorization.

What is an intrusion?

Accessing a computer system without authorization.

What are risks?

Exposure to the chance of damage or loss.

What are controls?

Countermeasures to avoid, mitigate, or counteract security risks.

What are prevention controls?

Controls that prevent threats or attacks from exposing vulnerabilities.

What are detection controls?

Controls that discover if a threat or vulnerability has entered a system.

What are correction controls?

Controls that mitigate the consequences of threats or attacks.

What is involved in the Security Management process - Identification?

Detecting problems and determining protection methods.

What is involved in the Security Management process - Implementation?

Installing control mechanisms to prevent problems.

What is involved in the Security Management process - Monitoring?

Detecting and solving security issues post-implementation.

Flashcards

Information Security

Protecting information and resources to ensure confidentiality and minimize risks.

Data

Information assets of individuals or organizations.

Resources

Virtual and physical components of a system, such as files and devices.

Prevention (Security Goal)

Preventing unauthorized access and protecting valuable information.

Detection (Security Goal)

Identifying unauthorized access attempts or data losses.

Recovery (Security Goal)

Restoring crucial data from system failures or device crashes.

Vulnerabilities

Situations exposing systems to attacks due to flaws or weaknesses.

Threat

Potential events that could breach security protocols.

Attack

Techniques to exploit application vulnerabilities without authorization.

Intrusion

Unauthorized access to computer systems.

Risk

Exposure to potential damage or loss in IT systems.

Controls

Countermeasures to mitigate security risks from threats or attacks.

Prevention Controls

Controls aimed at stopping threats from exploiting system vulnerabilities.

Detection Controls

Tools which help identify when threats have entered a system.

Correction Controls

Steps aimed at mitigating the damage caused by a threat.

Identification (Security Management)

Detecting issues and finding protective measures.

Implementation (Security Management)

Installing controls to protect systems, like user authentication.

Study Notes

Information Security

• Protects information and information resources to ensure confidentiality and minimize risks.
• Essential for individuals and organizations to safeguard crucial data against loss.

What to Protect

• Data: Refers to the information assets of individuals or organizations.
• Resources: Include both virtual (files, memory locations, network connections) and physical components (devices) of a system.

Goals of Security: Prevention

• Protect personal, company, and intellectual property information.
• Breaches in any sector can lead to significant recovery efforts and losses.

Goals of Security: Detection

• Involves identifying unauthorized access attempts or data losses.

Goals of Security: Recovery

• Implements processes to recover crucial data from system crashes or storage device failures.
• Recovery can also apply to physical resources.

Vulnerabilities

• Situations that expose systems to attacks; can stem from various sources, including:
  • Misconfigurations in hardware or software.
  • Software bugs and design flaws.
  • Poor physical security measures.
  • Weak passwords and unchecked user inputs.

What is a Threat

• Defined as any potential event or action that could breach security protocols.
• Threats include unauthorized access, service interruptions, damage to hardware, and facility breaches.

What is an Attack

• Techniques used to exploit vulnerabilities in applications without authorization.
• Types of attacks consist of physical security breaches, network-based (including wireless), software exploitation, social engineering, and web application attacks.

What are Intrusions

• Occur when unauthorized access to computer systems takes place.
• Types of intrusions encompass physical intrusions, host-based, and network-based intrusions.

What are Risks

• Involves exposure to potential damage or loss, notably in IT systems.
• Ignoring risks can lead to catastrophic operational outages.

What are Controls

• Countermeasures to mitigate security risks from threats or attacks.
• Controls are solutions that support information security strategies, classified as prevention, detection, and correction.

Prevention Controls

• Aim to prevent threats from exploiting vulnerabilities in systems.

Detection Controls

• Help identify if threats or vulnerabilities have entered a computer system.

Correction Controls

• Mitigate the impact of threats or attacks on computer systems.

Security Management Process: Identification

• Involves detecting issues and determining protective measures.
• Log security breach details and select identification techniques like Network Intrusion Detection Systems (NIDS).

Security Management Process: Implementation

• Entails installing controls to protect systems.
• Involves authenticating users and implementing security measures like intrusion detection (IDS) and prevention systems (IPS).

Security Management Process: Monitoring

• Detects and resolves issues post-implementation of security controls.
• Involves testing the effectiveness of controls against further attacks.