Chapter 1 Introduction To Information Security: Principles Of Information Security

Chapter 1-Introduction to Information Security:

1. What is the difference between a threat and a threat agent?

A threat is a constant danger to an asset, whereas a threat agent is the facilitator of an attack.

2. What is the difference between vulnerability and exposure?

Vulnerability: a fault within the system, such as software package flaws, unlocked doors, or an unprotected system port. It leaves things open to attack or damage.

Exposure: a single instance when a system is open to damage. Vulnerabilities can in turn be the cause of exposure.

3. How is infrastructure protection (assuring the security of utility services) related to information security?

The ...view middle of the document...

Integrity: whole and uncorrupted. The integrity of the info is threatened when the info is exposed to corruption, damage, destruction, or other disruption of its authentic state.

Utility: has a value for some purpose.

Possession: Ownership

8. Identify the five components of an information system. Which are most directly affected by the study of computer security? Which are most commonly associated with its study?

Software: this component of an IS comprises applications, operating systems, and assorted command utilities.
- most difficult component to secure

Hardware: Physical technology that houses and executes the software, stores and transports the data, and provides interfaces for the entry and removal of the info from the system.
- Physical security policies deal with hardware as a physical asset and with the protection of physical assets from harm and theft.

Data: Data stored, processed, and transmitted by a computer system must be protected.
- often the most valuable asset processed by the organization and is the main target of internal attacks.
- Through the use of database management systems, the data and the application can be protected.

People: Have always been a threat to info security (often overlooked)

Procedures: written instructions for accomplishing a specific task.

9. In the history of the study of computer security, what system is the father of almost all modern multiuser systems?

Mainframe computer systems

10. What paper is the foundation of all subsequent studies of computer security?

Rand Report R-609

11. Why is the top down approach to information security superior to the bottom up approach?

Bottom up lacks a number of critical features such as participant support and organizational staying power, whereas top down has strong upper management support, dedicated funding, clear planning, and the opportunity to influence the organization's culture.

12. Why is a methodology important in the implementation of information security? How does a methodology improve the process?

A formal methodology ensures a rigorous process and avoids missing steps.

13. Which...
