17 Questions
What are active attacks?
Attempts to alter system resources
What are inside attacks?
Initiated by an entity inside the security perimeter
What is a countermeasure in computer security?
Any means taken to deal with a security attack, and it can prevent or detect and recover from the effects of an attack
What is computer security?
The protection of automated information systems to achieve the objectives of preserving confidentiality, integrity, and availability.
What is the difference between confidentiality and privacy?
Confidentiality refers to the assurance that private or confidential information is not disclosed to unauthorized individuals, while privacy ensures individual control over collected information.
What is the purpose of availability in computer security?
To ensure that systems work promptly, and service is not denied to authorized users.
What is the difference between active attacks and passive attacks?
Active attacks attempt to alter system resources, while passive attacks attempt to learn or use information from the system without affecting resources.
What is a countermeasure in computer security?
Any means taken to deal with a security attack, and it can prevent or detect and recover from the effects of an attack.
What is an asset in computer security?
The set of components within a perimeter.
What is the MITRE ATT&CK framework?
A structured approach that describes how attacks can be conducted and how countermeasures can be put in place.
What is the definition of computer security according to the NIST Computer Security Handbook?
The protection of automated information systems to achieve the objectives of preserving confidentiality, integrity, and availability
What is the difference between confidentiality and privacy in computer security?
Confidentiality refers to the assurance that private or confidential information is not disclosed to unauthorized individuals, while privacy ensures individual control over collected information
What does integrity cover in computer security?
Data and system integrity, which assure that information and programs are changed only in an authorized manner and that a system performs its intended function free from manipulation
What does availability ensure in computer security?
That systems work promptly, and service is not denied to authorized users
What is the difference between active and passive attacks in computer security?
Active attacks attempt to alter system resources, while passive attacks attempt to learn or use information from the system without affecting resources
What is the difference between inside and outside attacks in computer security?
Inside attacks are initiated by an entity inside the security perimeter, while outside attacks are initiated by unauthorized or illegitimate users outside the perimeter
What is a countermeasure in computer security?
Any means taken to deal with a security attack, and it can prevent or detect and recover from the effects of an attack
Study Notes
Understanding Computer Security: Key Concepts and Terms
- The NIST Computer Security Handbook defines computer security as the protection of automated information systems to achieve the objectives of preserving confidentiality, integrity, and availability.
- Confidentiality refers to the assurance that private or confidential information is not disclosed to unauthorized individuals, while privacy ensures individual control over collected information.
- Integrity covers data and system integrity, which assure that information and programs are changed only in an authorized manner and that a system performs its intended function free from manipulation.
- Availability ensures that systems work promptly, and service is not denied to authorized users.
- Computer security is a process that involves hardware, software, and people, and it focuses on balancing protection of confidentiality, integrity, and availability while maintaining efficient policy implementation.
- Cyber attacks are aimed at making one or more security pillars ineffective, and they can target users or carriers of an asset, causing direct damage.
- Active attacks attempt to alter system resources, while passive attacks attempt to learn or use information from the system without affecting resources.
- Inside attacks are initiated by an entity inside the security perimeter, while outside attacks are initiated by unauthorized or illegitimate users outside the perimeter.
- A countermeasure is any means taken to deal with a security attack, and it can prevent or detect and recover from the effects of an attack.
- An asset is the set of components within a perimeter, while an attack surface refers to the surface that can be potentially used by attackers, including hardware, software, and network components.
- Early computer security problems included moths found in a Navy computer and tone-producing "blue boxes" used to make free phone calls, which were later replaced by Cap'n Crunch cereal box whistles.
- Understanding computer security requires a structured approach, such as the MITRE ATT&CK framework, that describes how attacks can be conducted and how countermeasures can be put in place.
Understanding Computer Security: Key Concepts and Terms
- The NIST Computer Security Handbook defines computer security as the protection of automated information systems to achieve the objectives of preserving confidentiality, integrity, and availability.
- Confidentiality refers to the assurance that private or confidential information is not disclosed to unauthorized individuals, while privacy ensures individual control over collected information.
- Integrity covers data and system integrity, which assure that information and programs are changed only in an authorized manner and that a system performs its intended function free from manipulation.
- Availability ensures that systems work promptly, and service is not denied to authorized users.
- Computer security is a process that involves hardware, software, and people, and it focuses on balancing protection of confidentiality, integrity, and availability while maintaining efficient policy implementation.
- Cyber attacks are aimed at making one or more security pillars ineffective, and they can target users or carriers of an asset, causing direct damage.
- Active attacks attempt to alter system resources, while passive attacks attempt to learn or use information from the system without affecting resources.
- Inside attacks are initiated by an entity inside the security perimeter, while outside attacks are initiated by unauthorized or illegitimate users outside the perimeter.
- A countermeasure is any means taken to deal with a security attack, and it can prevent or detect and recover from the effects of an attack.
- An asset is the set of components within a perimeter, while an attack surface refers to the surface that can be potentially used by attackers, including hardware, software, and network components.
- Early computer security problems included moths found in a Navy computer and tone-producing "blue boxes" used to make free phone calls, which were later replaced by Cap'n Crunch cereal box whistles.
- Understanding computer security requires a structured approach, such as the MITRE ATT&CK framework, that describes how attacks can be conducted and how countermeasures can be put in place.
Test your knowledge of computer security with this quiz! Discover the key concepts and terms that are crucial to understanding computer security, such as confidentiality, integrity, and availability. Learn about the different types of cyber attacks, including passive and active attacks, inside and outside attacks, and discover how to implement countermeasures to prevent or recover from security attacks. This quiz will also take you through the history of early computer security problems and the tools used to exploit vulnerabilities. Take the quiz now to see how well you
Make Your Own Quizzes and Flashcards
Convert your notes into interactive study material.
Get started for free