basic security flashcards

0.0(0)
Studied by 0 people
call kaiCall Kai
learnLearn
examPractice Test
spaced repetitionSpaced Repetition
heart puzzleMatch
flashcardsFlashcards
GameKnowt Play
Card Sorting

1/27

encourage image

There's no tags or description

Looks like no tags are added yet.

Last updated 3:01 PM on 4/10/26
Name
Mastery
Learn
Test
Matching
Spaced
Call with Kai

No analytics yet

Send a link to your students to track their progress

28 Terms

1
New cards

threat

circumstance/event that can adversely affect an organisation

2
New cards

threat model

collection of threats deemed important for a certain environment

3
New cards

asset

valued resource

4
New cards

risk

extent to which an asset is threatened

5
New cards

adversary/threat agent/attacker

entity trying to circumvent security infrastructure

6
New cards

vulnerability

system artefact that exposes the system to a threat

7
New cards

outcomes of vulnerabilities

system becomes corrupted, leaky, or unavailable

8
New cards

types of vulnerability (basic)

technological, security policy, configuration

9
New cards

countermeasure

security control to reduce likelihood of a threat, or consequences of a realised one

10
New cards

security policy

set of criteria to provide security services

11
New cards

participants

expected system entities

12
New cards

trust

degree to which an entity is expected to behave

13
New cards

trust model

model of who is trusted to do what for a particular environment

14
New cards

trust boundary

point in a system where the level of trust changes

15
New cards

attack

process to realise a threat

16
New cards

passive vs active attack

passive - learn/make use of info without affecting system resources
active - alter system resources/affect operation

17
New cards

attack surface

set of reachable/exploitable vulnerabilities of a system

18
New cards

attack/threat vector

the specific means by which an attack is enacted

19
New cards

types of threat consequence (basic)

unauthorised disclosure, deception, disruption, usurpation

20
New cards

how does differential privacy work

adds statistical noise to the output. for a function f we output f(x) + Y

21
New cards

Advanced Persistent Threat

attack that infiltrates a system and is long-term and cautious

22
New cards

Confidentiality

data conf - private info not disclosed to unauthorised parties
privacy - people control the info collected about them and who it’s disclosed to

23
New cards

Integrity

data - info only changed in an authorised fashion
system - system does its intended purpose without unauthorised manipulation

24
New cards

Availability

service responds reliably and not denied to authorised individuals

25
New cards

Non-Repudiation

assurance that an individual can’t deny a previous commitment

26
New cards

why is non-repudiation sometimes considered separately from integrity?

mechanisms to ensure it are different from those for data integrity

27
New cards

Authenticity

that a message is genuine and can be validated/trusted

28
New cards

Accountability

makes sure actions can be uniquely traced to the actor