Information Security Chap 1 Review Questions and Exercise 5
Chapter 1 Review Questions and E5
1. what is the difference between a threat agent and a threat?
Threat: a category of objects, persons, or other entities that presents a danger to an asset Threat agent: the specific instance or component of a threat
2. what is the difference between vulnerability and exposure?
Vulnerability: a weakness or fault in a system or protection mechanism that opens it to attack or damage. Exposure: a condition or state of being exposed. It exists when a vulnerability known to an attacker is present.
3. how is infrastructure protection (assuring the security of utility services) related to information security?
Information security is the protection of information and it is critical elements, including the systems and hardware that used, store, and transmit that information, Thus, assuring the security of utility services are critical elements in information system.
4. what type of security was dominant in the early years of computing?
The type of security was dominant in the early years of computing security was entirely physical security. And MULTICS was first noteworthy operating system to integrate security in to its core system.
5. what are the three components of the C.I.A triangle? what are they used for?
1. confidentiality: protect information from disclosure or exposure to unauthorized individuals or systems 2. integrity: when information is whole, complete and uncorrupted 3. availiability: allows authorized users to access information without intereference or obstruction and to receive it in the required format C.I.A. : the industry standard for computer security since the development of the mainframe
6. if the C.I.A. triangle is incomplete, why is it so commonly used in security?
The CIA triangle is still used because it addresses the major concerns with the vulnerability of information systems. It contains three major
1. what is the difference between a threat agent and a threat?
Threat: a category of objects, persons, or other entities that presents a danger to an asset Threat agent: the specific instance or component of a threat
2. what is the difference between vulnerability and exposure?
Vulnerability: a weakness or fault in a system or protection mechanism that opens it to attack or damage. Exposure: a condition or state of being exposed. It exists when a vulnerability known to an attacker is present.
3. how is infrastructure protection (assuring the security of utility services) related to information security?
Information security is the protection of information and it is critical elements, including the systems and hardware that used, store, and transmit that information, Thus, assuring the security of utility services are critical elements in information system.
4. what type of security was dominant in the early years of computing?
The type of security was dominant in the early years of computing security was entirely physical security. And MULTICS was first noteworthy operating system to integrate security in to its core system.
5. what are the three components of the C.I.A triangle? what are they used for?
1. confidentiality: protect information from disclosure or exposure to unauthorized individuals or systems 2. integrity: when information is whole, complete and uncorrupted 3. availiability: allows authorized users to access information without intereference or obstruction and to receive it in the required format C.I.A. : the industry standard for computer security since the development of the mainframe
6. if the C.I.A. triangle is incomplete, why is it so commonly used in security?
The CIA triangle is still used because it addresses the major concerns with the vulnerability of information systems. It contains three major