Understanding the Threat
- Protecting information assets is a significant challenge for IT Security Professionals
- To protect information assets IT Security Professionals must use:
- Administrative Controls
- Physical Controls
- Technical ControlsReasons for Security Issues
o Each network & computing technology has inherent security problems.
• Configuration Weaknesses
o Even the most secure technology can be misconfigured exposing security problems.
• Policy Weaknesses
o A poorly defined, implemented or managed security policy can make the best security infrastructure open for abuse.
Security Definitions
• Threats
o A threat is any potential danger to information or systems
• Vulnerabilities
o A vulnerability is a software, hardware or procedural weakness that may provide an attacker a way to access information or systems.
• Attacks
o An attack is a technique used to exploit a vulnerability.
Posts
No comments:
Post a Comment