confidentiality, integrity, and availability (CIA)
Three basic security protections that must be extended over the information.
Confidentiality
Procedures that ensure only authorized parties can view the information.
Integrity
Procedures that ensure that the information is correct and no unauthorized person or malicious software has altered the data.
Availability
Procedures that ensure data is accessible to only authorized users and not to unapproved individuals.
authentication, authorization, and accounting (AAA)
Providing a framework to control access to computer resources.
Authorization
Granting permission to take an action.
accounting
To create and preserve a record of who accessed the enterprise network, what resources they accessed, and when they disconnected from the network.
authentication
Act of verifying that credentials are authentic and not fabricated.
Managerial
Controls that use administrative methods.
Physical
Controls that implement security in a defined structure and location.
Operational
Controls that are implemented and executed by people.
Technical
Controls that are incorporated as part of hardware, software, or firmware.
control
Safeguard employed within an enterprise to protect the CIA of information. Also called a countermeasure.
deterrent control
Controls that attempt to discourage security violations before they occur.
corrective control
Controls intended to mitigate or lessen the damage caused by the incident.
detective control
Controls designed to identify any threat that has reached the system.
preventive control
Controls used to prevent the threat from coming in contact with the vulnerability.
compensating control
Controls that provide an alternative to normal controls that for some reason cannot be used.
directive control
Controls designed to ensure that a particular outcome is achieved.
level of sophistication/capability
Attribute of threat actors of a high level of power and complexity.
resources/funding
Attribute of threat actors of an extensive network of resources.
attributes of actors
Characteristic features of the different groups of threat actors.
threat actor
Individual or entity who is responsible for attacks.
internal/external
Attribute of threat actors of origination from within the enterprise or outside it.
shadow IT
Process of bypassing corporate approval for technology purchases.
data exfiltration
Threat actor’s motivation of unauthorized copying of data.
unskilled attackers
Individuals who want to perform attacks yet lack the technical knowledge to carry them out.
service disruption
Threat actor’s motivation of obstructing the normal business electronic processes.
ethical
Threat actor’s motivation of sound moral principles.
insider threat
Employees, contractors, and business partners who pose a threat from the position of a trusted entity.
revenge
Threat actor’s motivation of avenging by retaliation.
Organized crime
Close-knit group of highly centralized enterprises set up for the purpose of engaging in illegal activities.
blackmail
Threat actor’s motivation of extortion or coercion by threat.
financial gain
Threat actor’s motivation of earning revenue.
philosophical/political beliefs
Threat actor’s motivation of ideology for the sake of principles.
hacktivists
Threat actors who are strongly motivated by philosophical or political beliefs.
nation-state actors
Threat actors who are employed by their own government to carry out attacks.
espionage
Threat actor’s motivation of spying.
disruption/chaos
Threat actor’s motivation to produce extreme confusion.
war
Threat actor’s motivation of armed hostile combat.
attack surface
Digital platform that threat actors target for their exploits.
Vulnerable software
Software that contains one or more security vulnerabilities.
client-based software
Software applications installed on a computer connected to a network.
agentless software
Software in which no additional processes are required to run in the background.
Removable devices
Media devices like a USB flash drive.
Unsupported systems and applications
Computer systems and applications no longer supported by the organization that are often ignored and do not receive security updates.
Image-based
Attacks that focus on an image or copy of all a computer’s contents.
File-based
Attacks that focus on infecting individual files on a computer.
Unsecure networks
Wired and wireless networks that lack security.
Open service ports
Unnecessary ports that are not disabled.
Instant messaging (IM)
Technology that allows users to send real-time messages through a software application over the Internet and is not restricted to a cell phone.
Short Message Service (SMS)
Messaging that uses a cellular network and is typically sent by a cell phone.
message-based
Communication tools that are popular threat vectors for attackers.
Default credentials
Preselected options for authentication.
supply chain
Network that moves a product from its creation to the end-user.
vendors
Entities in a supply chain who purchase products for resale.
hardware provider
Type of supply chain for distributing computer hardware.
suppliers
First step in a supply chain that provides raw materials.
software provider
Type of supply chain for distributing computer software.
OS-based vulnerabilities
Vulnerabilities found within operating systems.
service providers
Businesses that furnish solutions or services to users and organizations.
managed service providers (MSPs)
IT service providers who manage networks, computers, cloud resources, and information security for small-to-medium enterprises.
malicious update
Attack in which a software update is infected with malware and distributed.
applications
Software programs.
Firmware
Software embedded into hardware.
zero-day
Vulnerability for which there are no days of advance warning.
legacy platform
Older hardware platform for which there is a more modern version available but that, for a variety of reasons, has not been updated or replaced.
end-of-life (EOL)
End of a product’s manufacturing lifespan.
misconfigurations
Erroneous technology settings.
attack surface (threat vector)
Digital platform that threat actors target for their exploits.
deterrent controls
Controls that attempt to discourage security violations before they occur.
compensating controls
Controls that provide an alternative to normal controls that for some reason cannot be used.
managerial controls
Controls that use administrative methods.
corrective controls
Controls intended to mitigate or lessen the damage caused by the incident.
detective controls
Controls designed to identify any threat that has reached the system.
directive controls
Controls designed to ensure that a particular outcome is achieved.
physical controls
Controls that implement security in a defined structure and location.
operational controls
Controls that are implemented and executed by people.
preventive controls
Controls used to prevent the threat from coming in contact with the vulnerability.
technical controls
Controls that are incorporated as part of hardware, software, or firmware.