Chapter 1 Review Questions and E5
1. what is the difference between a threat agent and a threat?
Threat: a category of objects, persons, or other entities that presents a danger to an asset Threat agent: the specific instance or component of a threat
2. what is the difference between vulnerability and exposure?
Vulnerability: a weakness or fault in a system or protection mechanism that opens it to attack or damage. Exposure: a condition or state of being exposed. It exists when a vulnerability known to an attacker is present.
3. how is infrastructure protection (assuring the security of utility services) related to information security?
Information security is the protection of information and it is
…show more content…
Faults are a precise interaction of hardware and software that can be fixed given enough time.
15. who is ultimately responsible for the security of information in the organization?
The Cheif Information Security Officer (CISO)
16. what is the relationship between the MULTICS project in the early development of computer security?
It was the first and operating system created with security as its primary goal. Shortly after the restructuring of MULTICS, several key engineers started working on UNIX which did not require the same level of security.
17. how has computer security evolved into modern information security?
In the early days before ARPANET machines were only physically secured. After ARPANET it was realised that this was just one componen.
18. what was important Rand Report R-609?
RR609 was the first widly recognized published document to identify the role of management and policy issues in computer security.
19. who decides how and when data in an organzation will be used or controlled? who is responsible for seeing that these wishes are carried out?
Control and use of data in the Data owners are responsible for how and when data will be used, Data users are working with the data in their daily jobs.
20. who should lead the security team? should the approach to security be more managerial or technical?
A project manager with information security technical
So what exactly is vulnerability? Vulnerability is the state of being capable of being physically or mentally wounded. Everyone has many times where they are vulnerable, but one that stands out for me is when I share my writing.
A computer is secure if you can depend on it and its software to behave as you expect I this assignment I will writer about how Linux provides security to you information. The major technical areas of computer security are usually represented by CIA confidentiality, integrity, and authentication or availability. It means that information cannot access by unauthorized people.
Vulnerability is defined as susceptibility or increased risk for health problems (DeChesnay, 2008). A group of individuals are considered at higher risk for illness when their physical, emotional, psychological, or social health, is compromised (Aday, 2001). There are many leading causes for why a population is considered at higher risk; socioeconomic, age, gender, demographics, personal, and cultural backgrounds are some of the key factors (Aday, 2001; Sebation, 1996). Individuals can become vulnerable at any time because of change in life circumstances, placing them at higher risk. One group
Hazards are activities or events that cause loss of life, injury, property damage, social and economic disruption, or environmental degradation. These hazards can be natural or manmade, such as earthquakes, hurricanes, tornadoes, floods, wildfires, and terrorist attacks. Vulnerabilities can be described as the potential for hazards. Vulnerabilities can be such things as geographical locations, a community up north has a lower vulnerability for hurricanes, as compared to Florida communities. Risk is described as the level of protection a community or area will have if they are involved in a hazard, and the certain groups
To start off with I chose to go with our banking or financial industry. The banking industry is constantly getting attacked by various methods on a daily basis. I chose this industry because I happen to know someone who works in the security sector at Wells Fargo Bank, he was a good person to get information on what he sees on a daily or weekly basis. This paper is the opinion of myself and with gathered information from various resources.
As it applies to an IT environment, a vulnerability assessment is used to identify existing vulnerabilities giving the environment owner an awareness of what needs to be fixed (Who needs a Vulnerability Assessment, 2017). The assessment needs to be viewed for what it is, a onetime occurrence that in no way highlights all vulnerabilities. Multiple assessments of vulnerability must be conducted over time to ensure that as many possible avenues of weakness are explored, identified, and marked for improvement. As new systems are added, programs changed, or other changes to the system are made vulnerabilities might be created.
Which of the following has the ultimate and final responsibility for network security in an organization?
Vulnerability is often one-dimensionally viewed as the degree to which mishaps, pain and shame are allowed to enter into one’s life. However it is also the birthplace of creativity and basis for a feeling of self-worthiness. Thereby vulnerability creates authenticity. There are various different definitions of vulnerability according to the field in which the term is used. The most commonly found dictionary definition states that “Vulnerability refers to the susceptibility of a person, group, society or system to physical or emotional injury or attack. The term can also refer to a person who let
Visualize an ancient castle with a large rock wall around the perimeter. The wall seems to be impossible to breech except for a small water grate near the left side of the main door. That water grate is the castle’s vulnerability. In emergency management, vulnerabilities are weak points that have been identified within a community that may affect the community’s ability to cope with certain disasters. These vulnerabilities can generally be identified once a community has conducted a hazard vulnerability assessment.
The vulnerability is defined in terms of two distinctive elements. The individual vulnerability is a denoted as a shortcoming within the systems context. The collective vulnerability is an aggregate of the individuals and normally denoted as vulnerable populations. The vulnerability can be defined in terms of the individual's circumstances, life scenarios, illness, or events occurring in one's life. Hence it is evident that any individual can be vulnerable at any given time. The concepts of vulnerable population are related to the aggregate public health perception that inherits the vulnerability through status. It can be explained that a certain group of individual faces risk at a given time in comparison with the other group. The vulnerable populations are also explained in terms
Vulnerability may be defined as “The extent to which a community, structure, services or geographic area is
2).a particular quality, habit, or disposition regarded as adversely affecting a person or group of people.
A threat agent is a specific component that represents a danger to an organization’s assets. And a threat is an object, person or entity that represents a constant danger.
1. How can a security framework assist in the design and implementation of a security infrastructure?
Answer: Information Security is the practice of defending (guiding) information by considering the CIA Triad Principles which are Confidentiality (Authorize access), Integrity (Accuracy and Completeness) and Availability.