1. What is the difference between a threat agent and a threat? A threat agent is the facilitator of an attack however; a threat is a constant danger to an asset. 2. What is the difference between vulnerability and exposure? The differences are: vulnerability is a fault within the system, such as software package flaws, unlocked doors or an unprotected system port. It leaves things open to an attack or damage. Exposure is a single instance when a system is open to damage. Vulnerabilities can in turn be the cause of exposure. 3. How is infrastructure protection (assuring the security of utility services) related to information security?
Information security is the protection of information and it is critical elements, including the systems and hardware that used, store, and transmit that information, Thus, assuring the security of utility services are critical elements in information system. 4. What type of security was dominant in the early years of computing? The type of security was dominant in the early years of computing security was entirely physical security. And MULTICS was first noteworthy operating system to integrate security in to its core system. 5. What are the three components of the C.I.A. triangle? What are they used for? The three components of the C.I.A triangle are:
Confidentiality: Information’s should only be accessible to its intended recipients. Integrity: Information arrive the same as it was sent. Availability: Information should be available to those authorized to use it. 6. If the C.I.A. triangle is incomplete, why is it so commonly used in security? The CIA triangle is still used because it addresses the major concerns with the vulnerability of information systems. It contains three major characteristic confidentiality, integrity and availability which are important even today. 7. Describe the critical characteristics of information. How are they used in the study of computer security?
The critical characteristics of information...
Please join StudyMode to read the full document