Security Fundamentals Chapter One

1. What is the difference between a threat agent and a threat?

A threat is a general collective that pose a danger while a threat agent is a singular specific person or thing that poses a danger.

2. What is the difference between vulnerability and exposure?

Vulnerability is a weakness while exposure is that act of being exposed. Vulnerability can lead to exposure.

3. How is infrastructure protection (assuring the security of utility services) related to information security?

They both share the same overall goal, to ensure data is available when, where, and how it is needed, with minimal delays or obstacles.

4. What type of security was dominant in the early years of computing?

Information security was a straightforward process composed predominantly of physical security and simple document classification schemes.

5. What are the 3 components of the C.I.A. triangle? What are they used for?

Confidentiality, integrity, and availability. Confidentiality is used to protect information from getting into the wrong hands. Integrity means that information is uncorrupt, or not damaged and is in its original state. Availability means that information is accessible.

6. If the C.I.A. triangle is incomplete, why is it so commonly used in security?

Its three founding characteristics are the foundation for which the other characteristics have evolved, creating an expanded model which are more critical.

7. Describe the critical characteristics of information. How are they used in study of computer security?

Availability- ease of access

Accuracy- information has no errors and has value that the end user expects

Authenticity- original info. Not a reproduction or copy

Confidentiality- information that is protected from unauthorized use

Integrity- undamaged, uncorrupt information

Utility- the information has value for some purpose

Possession- one controls the information

8. Identify the 6 components of an information system. Which are most directly...