1. What is the difference between a threat agent and a threat?
A threat agent is a specific instance or a component of a threat. A threat is a category of objects, persons, or other entities that presents a danger to an asset.
2. What is the difference between vulnerability and exposure?
Vulnerability is a weakness or fault in a system or protection mechanism that opens it to attack or damage. Exposure is the condition or state of being exposed.
3. What are the three components of the CIA triangle? What are they used for?
The three components of the CIA triangle are confidentiality, integrity, and availability. Confidentiality is used to protect information from ...view middle of the document...
If a characteristic change, the value of information also changes. There are seven critical characteristics which are:
Availability - enable authorized users to access information without interference or obstruction and receives it in the required format.
Accuracy - information that is free from errors and it has the value that the end user expects
Authenticity - quality or state of being genuine or original, not a reproduction or fabrication. Information is authentic when it is in the same state in which it was created, placed, stored, or transferred.
Confidentiality - information that is protected from disclosure or exposure to unauthorized individuals or systems. It ensures that only those with the rights and privileges to access information.
Integrity - information that is a whole, complete, and uncorrupted.
Utility - quality or state of having value for some purpose or end. Information has value when it can serve a purpose.
Possession - quality or state of ownership or control.
5. Identify the six components of an information system. Which are most directly affected by the study of computer security? Which are most commonly associated with its study?
The six components of an information system are: software, hardware, data, people, procedures, and networks. All six components are equally affected by the study of computer security because a simple mistake can lead to a vulnerability or exposure. Hardware and software are most commonly associated with the study because software carries the lifeblood of information and hardware shields and executes the software.