Flashcards in INFORMATION ASSURANCE 107 Deck (18):
Information Assurance; Information operations that protect and defend data and IS by ensuring availability, integrity, authentication, confidentiality and non-repudiation.
Authority to Operate; usually over one year
Interim Authority to Operate; Usually 6 months
5 attributes of IA
Confidentiality, Integrity, Availability, Non-repudiation, Authentication
Information or IS have been or may have been accessed, used, copied, or disclosed by someone who was not authorized to have access to the information.
Protection against unauthorized modification or destruction of information.
Information the computing systems used to process the information and the security controls used to protect the information are all available and functioning correctly when the information is needed.
Implies that one party of a transaction cannot deny having received a transaction nor can the other party deny having sent a transaction.
Security measure designed to establish the validity of a transmission, message, or originator, or means of verifying an individual’s authorization to receive specific categories of information.
9 categories of computer incidents
User Level Intrusion, Denial of Service, Malicious Logic, Unsuccessful Activity Attempt, Non-Compliance Activity, Reconnaissance, Investigating, Explained Anomaly.
Information Assurance Vulnerability Alert
Information Assurance Vulnerability Bulletin
Information Assurance Vulnerability Technical
Communications Tasking Order
Navy Telecommunications Directive
A collection of updates fixes and/or patches
Difference between vulnerability and threat
Vulnerability: refers to the susceptibility of a person, group, society, or system to physical or emotional injury or attack.
Threat: An act of coercion wherein an act is proposed to elicit a negative response.