Exam 1 Extra Study Flashcards
CVE
Common Vulnerabilities + Exposures
Security
To be free from danger is the goal , the process that achieves that freedom
Information Security
The tasks of securing information in a digital format:
Manipulated by a microprocessor
Preserved on a storage device
Transmitted over a network
Asset
Item that has value
Threat
Type of action that has the potential to cause harm
Threat Actor
A person or element with power to carry out a threat
Vulnerability
Flaw or weakness that allows a threat agent to bypass security
Threat Vector
The means by which an attack can occur
Risk
A situation that involves exposure to some type of danger
Risk response techniques:
Accept – risk is acknowledged but no steps are taken to address it
Transfer – transfer risk to a third party
Avoid – identifying risk but making the decision to not engage in the activity
Mitigate – attempt to address risk by making the risk less serious
Cyberterrorism
Any premeditated, politically motivated attack against information, computer systems, computer programs, and data
5 Fundamental Security Principles
Layering
Limiting
Diversity
Obscurity
Simplicity - Simple from inside / Complex from outside
Malware
Malicious software
Malware Attacks
Circulation - spreading rapidly to other systems in order to impact a large number of users
Infection - how it embeds itself into a system
Concealment - avoid detection by concealing its presence from scanners
Payload capabilities - what actions the malware performs
Circulation
Viruses / Worms
