Understanding the Threat
- Protecting information assets is a significant challenge for IT Security Professionals
- To protect information assets IT Security Professionals must use:
- Administrative Controls
- Physical Controls
- Technical ControlsReasons for Security Issues
o Each network & computing technology has inherent security problems.
• Configuration Weaknesses
o Even the most secure technology can be misconfigured exposing security problems.
• Policy Weaknesses
o A poorly defined, implemented or managed security policy can make the best security infrastructure open for abuse.
o A threat is any potential danger to information or systems
o A vulnerability is a software, hardware or procedural weakness that may provide an attacker a way to access information or systems.
o An attack is a technique used to exploit a vulnerability.