Introduction Flashcards
Explain the terms method , opportunity and motive ?
• Method: The skills knowledge and tools that enable the attack • Opportunity: The time, access and circumstances that allow for the attack • Motive: The reason why the perpetrator wants to commit the attack
Who are the types of people involved in computer security?
Amateurs Crackers Criminals Regular users
Who are amateurs ?
Accidental access to unauthorized resources and execution of unauthorized operations (no harm to regular users
Who are crackers?
Active attempts to access sensitive resources and to discover system vulnerabilities (minor inconveniences to regular users)
Who are criminals?
Active attempts to utilize weaknesses in protection system in order to steal or destroy resources (serious problems to regular users
what is an attack ?
A human exploitation of a vulnerability.
what is a Vulnerability ?
A weakness in the security system
what is a Control?
A protective measure. An action, device
or measure taken that removes, reduces or
neutralizes a vulnerability.
what is a threat?
a set of circumstances that has the
potential to cause loss or harm.
what is a risk?
Probabilities that some threat or problem
will occur due to system vulnerabilities
What are the categories of attacks
Attacks on hardware , Attacks on software , Attacks on data
what are the categories of threats
Interruption : A resource is lost,unavailable
or unusable
Interception : Unauthorized access to some
computer resource
Modification : Illegal or accidental change
(tampering) with a resource
Fabrication : Creation of illegal or
incorrect resources
what are the principals of computer security
Confidentiality .
Integrity
Availability
Functionality
What are the protection methods that are available
Encryption
Policies
Physical controls
SW & HW Controls
