IAS chap 1 Flashcards
Pasadong Midterm cutiee (37 cards)
fIs the protection of information and its critical elements, including the systems and hardware that use, store, and transmit that information.
Is about protecting sensitive information from being stolen, misused, or damaged.
A set of security procedures and tools that broadly protect sensitive enterprise information
It refers to the processes and tools designed and deployed to protect sensitive business information
Information Security
The first operating system to integrate security into its core functions
MULTICS
Is the assurance that someone cannot deny the validity of something.
Assurance that the sender is provided with proof of a data delivery and recipient is provided with proof of the sender’s identity, so that neither can later deny having processed the data.
Non-repudiation
It means protection.
______ is “the quality or state of being secure–to be free from danger.”
It refers to the methods, tools and personnel used to defend an organization’s digital assets.
Security
To protect the physical items, objects, or areas of an organization from unauthorized access and misuse.
Physical security
To protect the individual or group of individuals who are authorized to access the organization and its operations.
Personal security
To protect the details of a particular operation or series of activities.
Operations security
To protect an organization’s communications media, technology, and content.
Communications security
To protect networking components, connections, and contents.
Network security
Free from mistake or error and having the value that the end-user expects.
Accuracy
The quality or state of being genuine or original, rather than a reproduction or fabrication.
Authenticity
The quality or state of preventing disclosure or exposure to unauthorized individuals or systems.
Confidentiality
The quality or state of being whole, complete, and uncorrupted.
Means keeping information accurate, complete, and trustworthy.
Integrity
The quality or state of having value for some purpose or end.
Utility
The quality or state of having ownership or control of some object or item.
Possession
Is the entire set of software, hardware, data, people, procedures, and networks that enable the use of information resources in the organization.
Is like the brain and nervous system of an organization. It includes everything needed to store, process, and share information—computers, software, data, people, rules, and networks.
Information Software
Physical technology that houses and executes the software, stores and transports the data, and provides interfaces for the entry and removal of information from the system.
Hardware
Often the most asset
Main target of intentional attacks
Data
They have always been a threat to information security.
Social engineering.
Must be well trained and informed.
People
Are written instructions for accomplishing a specific task.
Procedures
A method of establishing security policies and/or practices that begins as a grassroots effort in which systems administrators attempt to improve the security of their systems.
Bottom-up approach
A methodology of establishing security policies and/or practices that is initiated by upper management.
Top-down approach
A formal approach to solving a problem based on a structured sequence of procedures.
Methodology
The ______ contains different phases depending on the methodology deployed, but generally the phases address the investigation, analysis, design, implementation, and maintenance of an information system.
SDLC
