Securities Case
Essay by Treytg2012 • November 19, 2012 • Study Guide • 464 Words (2 Pages) • 1,674 Views
1) What is the difference between a threat agent and a threat? A threat agent is like software, mail ware, viruses, stolen passwords or what not, A threat are physical theft of equipment, espionage against the products of the systems, and sabotage.
2) What is the difference between vulnerability and exposure? Vulnerability is having lack of security, not able to contain, nor protect against. Exposure is having sensitive information released without knowledge of.
3) How has the definition of "hack" evolved over the last 30 years? The primary difference between hacking 30 years ago and now is the medium for hacking. Hacking 30 years ago was all about phone lines and phones. The term "phreaking" was the equivalent of hacking. Hacking then moved to computers. Now with security upgrades and higher stakes with laws preventing serious hackers from being active, hacking has become predominantly so called "script kiddies" who use command line scripts to do things like launch ddos attacks, activate bot nets, and capture cookie traffic on local networks in coffee shops
4) What type of security was dominant in the early years of computing? Physical The (ARPA), the ARPANET
5) What are the three components of the C.I.A. triangle? What are they used for? The three components of the C.I.A. triangle are confidentiality, integrity, and availability. It's used to protect information and its related systems
6) If the C.I.A triangle is incomplete, why is it so commonly used in security? It's used because it's still the and has been the industry standard since the development of the mainframe
7) Describe the critical characteristics of information. How are they used in the study of computer security?
8) Identify the five components of an information system. Which are the most directly affected by the study of computer security? Which are the most commonly associated with its study?
9) In the history of the study of computer security, what system is the father of almost all modern multiuser systems?
10) What paper is the foundation of all subsequent studies of computer security?
11) How is the top-down approach to information security superior to the bottom-up approach?
12) Why is a methodology important in the implementation of information security? How does a methodology improve the process?
13) Who is involved in the security development life cycle? Who leads the process?
14) How does the practice of information security qualify as both an art and a science? How does security as a social science influence its practice?
15) Who is ultimately responsible for the security
...
...