Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
32 Cards in this Set
- Front
- Back
ARPANET
|
The predecessor to the Internet.
|
|
MULTICS
|
An early OS that computer security concepts were first tested on. It had security built in - Ken Thompson & Dennis Richie came from this project.
|
|
Info Security Concept - Access
|
The ability to use and modify a computer system.
|
|
Info Security Concept - Asset
|
A resource that is being protected.
|
|
Info Security Concept - Attack
|
Intentional or unintentional compromise or damage of data.
|
|
Info Security Concept - Control
|
Factors that can counter security vulnerabilities (e.g. procedures, policies, mechanisms).
|
|
Info Security Concept - Exploit
|
A known process to take advantage of a vulnerability or the act of using that process.
|
|
Info Security Concept - Exposure
|
A known exploit that is present on a computer systems.
|
|
Info Security Concept - Loss
|
Confidential information that is attacked and disclosed suffers a loss.
|
|
Info Security Concept - Protection Profile
|
Encompassing control, policy, education, training and awareness, and technology that an organization implements.
|
|
Info Security Concept - Risk
|
The probability that something unwanted will happen.
|
|
Info Security Concept - Subjects and Objects
|
A computer can either be a subject in an attack - performing the attack - or an object - on the receiving end of the attack.
|
|
Info Security Concept - Threat
|
A collective of objects or persons that threaten an asset.
|
|
Info Security Concept - Threat Agent
|
A specific instance of a threat - a single virus.
|
|
Info Security Concept - Vulnerability
|
A known hole in a software package that can be used in an exploit.
|
|
Information Characteristics - Availability
|
That ability for authorized users to access information unobstructed and in the correct format.
|
|
Information Characteristics - Accuracy
|
When information is free from errors and is in the format that the end users expect.
|
|
Information Characteristics - Authenticity
|
When information is in its original state, not tampered with.
|
|
Information Characteristics - Confidentiality
|
When information is protected from unauthorized users.
|
|
Information Characteristics - Integrity
|
Information that is whole, uncorrupted, and authentic.
|
|
Information Characteristics - Utility
|
Information that can serve a purpose and is useful. The data must be in a format that the end users can use.
|
|
Information Characteristics - Possession
|
Ownership or control over information. The possession of information doesn't imply accessibility.
|
|
Six Components of an Information System
|
Software, Hardware, Data, Networks, Policies/Procedures, and People
|
|
Systems Development Life Cycle (SDLC)
|
A methodology that is used to develop an information system.
|
|
Methodology
|
A structured, multi-step process that is used to develop a system.
|
|
SDLC - Investigation
|
The first step in the SDLC. Investigate feasibility and cost, and outline project scope and goals.
|
|
SDLC - Analysis
|
The second step in the SDLC. Assess current system against new system, develop system requirements, study integration with old system.
|
|
SDLC - Logical Design
|
The third step in the SDLC. Assess business needs against preliminary plan , select apps/data support/structures, create multiple solutions.
|
|
SDLC - Physical Design
|
The fourth step in the SDLC. Select technologies to support step 3 solutions, select best solution, decide to make or buy components.
|
|
SDLC - Implementation
|
The fifth step in the SDLC. Develop/Buy software, document system, train users.
|
|
SDLC - Maintenance and Change
|
The sixth step in the SDLC. Support/Modify system during life cycle, test against business needs, patch and upgrade as necessary.
|
|
Security Systems Development Life Cycle (SecSDLC)
|
The methodology used to create Information Systems with security built in.
|