Information Security ch. 5

Risk

probability of a threat exploiting a vulnerability

CIA triad

the three main principles of IT security

Risk management

Process of identifying, assessing, and reducing risk to an acceptable level

Exposure

the estimated cost, loss, or damage that can result if a threat exploits a vulnerability

Audit

the process of generating, recording, and reviewing a chronological record of a system's events to ascertain their accuracy.

Malware

malicious software, such as a virus, worm, or Trojan horse.

Spyware

Stealth software that gathers information about a user or a user’s online activity

Threat

Threat is something or someone that may result in harm to an asset.

Vulnerability

a weakness that threatens the confidentiality, integrity, or availability of an asset.

Zombie

An infected computer that is controlled remotely via the internet by an unauthorized user, such as a spammer, fraudster, or hacker.

DDOS

an attack in which a system is bombarded with so many requests

Backup

a duplicate copy of data programs kept in a secured location.

PKI

a system to identify and authenticate the sender or receiver of an internet message or transaction

Firewall

a method (hardware or software) of guarding a private network from a public network (internet) by analyzing data packets entering or exiting it.