Security + Chapter 1 Flashcards

Questions and Answers

What is information security?

Protection of available information or information resources. Necessary for a responsible individual or organization to secure confidential information. Minimize business risks and other consequences of losing crucial data.

What to protect?

Data and resources.

What is the goal of security regarding prevention?

Protect personal information, company information, and intellectual property.

What is the goal of security regarding detection?

Detection is discovering attempts to access unauthorized data or identifying lost information.

What is the goal of security regarding recovery?

To employ a process to recover vital data from lost files or devices.

What are vulnerabilities?

Conditions that leave a system open to attack.

What is a threat?

An event or action that could violate a security requirement, policy, or procedure.

What is an attack?

A technique used to exploit a vulnerability without authorization.

What is an intrusion?

Accessing a computer system without authorization.

What are risks?

Exposure to the chance of damage or loss.

What are controls?

Countermeasures to avoid, mitigate, or counteract security risks.

What are prevention controls?

Controls that prevent threats or attacks from exposing vulnerabilities.

What are detection controls?

Controls that discover if a threat or vulnerability has entered a system.

What are correction controls?

Controls that mitigate the consequences of threats or attacks.

What is involved in the Security Management process - Identification?

Detecting problems and determining protection methods.

What is involved in the Security Management process - Implementation?

Installing control mechanisms to prevent problems.

What is involved in the Security Management process - Monitoring?

Detecting and solving security issues post-implementation.

Flashcards are hidden until you start studying

Study Notes

Information Security

• Protects information and information resources to ensure confidentiality and minimize risks.
• Essential for individuals and organizations to safeguard crucial data against loss.

What to Protect

• Data: Refers to the information assets of individuals or organizations.
• Resources: Include both virtual (files, memory locations, network connections) and physical components (devices) of a system.

Goals of Security: Prevention

• Protect personal, company, and intellectual property information.
• Breaches in any sector can lead to significant recovery efforts and losses.

Goals of Security: Detection

• Involves identifying unauthorized access attempts or data losses.

Goals of Security: Recovery

• Implements processes to recover crucial data from system crashes or storage device failures.
• Recovery can also apply to physical resources.

Vulnerabilities

• Situations that expose systems to attacks; can stem from various sources, including:
  • Misconfigurations in hardware or software.
  • Software bugs and design flaws.
  • Poor physical security measures.
  • Weak passwords and unchecked user inputs.

What is a Threat

• Defined as any potential event or action that could breach security protocols.
• Threats include unauthorized access, service interruptions, damage to hardware, and facility breaches.

What is an Attack

• Techniques used to exploit vulnerabilities in applications without authorization.
• Types of attacks consist of physical security breaches, network-based (including wireless), software exploitation, social engineering, and web application attacks.

What are Intrusions

• Occur when unauthorized access to computer systems takes place.
• Types of intrusions encompass physical intrusions, host-based, and network-based intrusions.

What are Risks

• Involves exposure to potential damage or loss, notably in IT systems.
• Ignoring risks can lead to catastrophic operational outages.

What are Controls

• Countermeasures to mitigate security risks from threats or attacks.
• Controls are solutions that support information security strategies, classified as prevention, detection, and correction.

Prevention Controls

• Aim to prevent threats from exploiting vulnerabilities in systems.

Detection Controls

• Help identify if threats or vulnerabilities have entered a computer system.

Correction Controls

• Mitigate the impact of threats or attacks on computer systems.

Security Management Process: Identification

• Involves detecting issues and determining protective measures.
• Log security breach details and select identification techniques like Network Intrusion Detection Systems (NIDS).

Security Management Process: Implementation

• Entails installing controls to protect systems.
• Involves authenticating users and implementing security measures like intrusion detection (IDS) and prevention systems (IPS).

Security Management Process: Monitoring

• Detects and resolves issues post-implementation of security controls.
• Involves testing the effectiveness of controls against further attacks.