The Need for Information Assurance and Security (Week 2)

0.0(0)
studied byStudied by 0 people
learnLearn
examPractice Test
spaced repetitionSpaced Repetition
heart puzzleMatch
flashcardsFlashcards
Card Sorting

1/42

flashcard set

Earn XP

Description and Tags

reviewer

Study Analytics
Name
Mastery
Learn
Test
Matching
Spaced

No study sessions yet.

43 Terms

1
New cards

IAS helps to protect businesses' sensitive information from unauthorized access, use, disclosure, disruption, modification, or destruction. This information could include customer data, financial information, intellectual property, and other confidential information

BUSINESS NECESSITY FOR IAS
Information Sensitivity

2
New cards

Many industries and sectors are subject to specific laws, regulations, and standards that mandate how sensitive information should be handled, protected, and secured. Non-compliance can lead to legal penalties, reputational damage, and loss of trust

BUSINESS NECESSITY FOR IAS
Compliance with Regulations

3
New cards

__________ is a fundamental concept in the realm of information assurance and security. It involves taking proactive measures to minimize the potential negative impacts of threats and vulnerabilities on an organization's information assets.

BUSINESS NECESSITY FOR IAS
Risk Reduction

4
New cards

IAS can help businesses to improve their operations by reducing downtime, improving efficiency, and increasing productivity.

BUSINESS NECESSITY FOR IAS
Enhancement of Business Operations

5
New cards

Businesses that implement strong IAS can gain a ________________ by protecting their information assets and demonstrating their commitment to security

BUSINESS NECESSITY FOR IAS
Gaining Competitive Advantage

6
New cards

Involves implementing safeguards such as encryption, firewalls, monitoring tools, and user training to mitigate risks like unauthorized access, malware, or data breaches

BUSINESS NECESSITY FOR IAS
Protection Against Cyber Threats

7
New cards

Ensuring privacy protection is essential to maintaining individuals' rights and trust, as well as complying with privacy regulations.This involves safeguarding personal information from unauthorized access and misuse, thereby fostering a secure environment for data handling.

BUSINESS NECESSITY FOR IAS
Preservation of Privacy

8
New cards

Data breaches can lead to significant financial, legal, and reputational damage. Robust security measures help prevent unauthorized access to databases and sensitive information.

BUSINESS NECESSITY FOR IAS
Mitigation of Data Breaches

9
New cards

Organizations invest heavily in research, development, and innovation. Information security protects intellectual property, trade secrets, and proprietary information from theft and unauthorized access.

BUSINESS NECESSITY FOR IAS
Safeguarding Intellectual Property

10
New cards

Involves maintaining essential functions during and after a disaster or disruption, ensuring that operations can continue with minimal impact.

BUSINESS NECESSITY FOR IAS
Ensuring Business Continuity

11
New cards

Invaluable assets that organizations can build and maintain through effective information assurance and security practices. They foster customer loyalty and confidence, essential for long-term success.

BUSINESS NECESSITY FOR IAS
Trust and Reputation

12
New cards

Refers to the interconnectedness of people, organizations, devices, and systems across the world through various communication networks and technologies

BUSINESS NECESSITY FOR IAS
Global Connectivity

13
New cards

Refers to the delivery of computing services, such as storage, processing power, and applications, over the internet. Also known as telecommuting or teleworking, it involves employees technologies. working outside the traditional office environment, often enabled by cloud

BUSINESS NECESSITY FOR IAS
Cloud Computing and Remote Work

14
New cards

In Information Access Systems (IAS) it occur when unauthorized access, misuse, or mismanagement of data leads to direct or indirect monetary consequences

BUSINESS NECESSITY FOR IAS
Preventing Financial Losses

15
New cards

Requires a comprehensive approach that involves government agencies, law enforcement, intelligence organizations, military forces, and private sector partners. It's a dynamic and evolving effort that adapts to emerging threats and technologies

BUSINESS NECESSITY FOR IAS
Protecting National Security

16
New cards

Involve informing individuals about the importance of security measures, risks, and best practices in protecting information assets. The goal is to reduce the likelihood of security incidents and foster a security-conscious culture.

BUSINESS NECESSITY FOR IAS
Education and Awareness

17
New cards

MITIGATION: Implement security awareness training for employees and naïve end users.

IDENTIFYING RISKS AND THREATS TO IAS
Human error
THREATS: Human error is the most common cause of security breaches. This can include mistakes made by employees, contractors, or customers.

18
New cards

MITIGATION: Implement security controls, such as firewalls, intrusion detection systems, and antivirus software

IDENTIFYING RISKS AND THREATS TO IAS
Malicious Attacks

THREATS: Malicious attacks are intentional attempts to gain unauthorized access to information systems or to disrupt operations

19
New cards

MITIGATION: Keep software up to date with the latest security patches.

IDENTIFYING RISKS AND THREATS TO IAS
Technical vulnerabilities
THREATS: Technical vulnerabilities are weaknesses in software, hardware, or firmware that can be exploited by attackers

20
New cards

MITAGATION: Implement data protection policies, security controls and risk-reduction plan to mitigate the risks.

IDENTIFYING RISKS AND THREATS TO IAS
Business risks
THREATS: These risks can be caused by a variety of factors, such as financial losses, regulatory compliance issues, or reputational damage

21
New cards

MITAGATION: Enact and implement laws and policies, and cyber security measures governing national information and other related assets.

IDENTIFYING RISKS AND THREATS TO IAS
National risks
THREATS: National risks impact national interests as well as governmental hierarchy.

22
New cards

Weaknesses in the physical security of an organization that can be exploited by attackers to gain unauthorized access to sensitive information or systems

IDENTIFYING RISKS AND THREATS TO IAS
Physical Security Vulnerabilities

23
New cards

Security risks that arise from malicious or unintentional actions by individuals who have authorized access to an organization's systems and data. Insider threats can be costly and disruptive, and they can damage an organization's resources.

IDENTIFYING RISKS AND THREATS TO IAS
Insider Threats

24
New cards

Can be installed on a computer through a variety of means, such as clicking on a malicious link, opening an infected attachment, or downloading a file from an untrusted source

IDENTIFYING RISKS AND THREATS TO IAS
Malware

25
New cards

Attaches itself to a legitimate program or file and spreads when the infected program is executed. It can corrupt or delete files and spread to other systems.

IDENTIFYING RISKS AND THREATS TO IAS
Virus

26
New cards

Cybercriminals use deceptive tactics to manipulate individuals into revealing sensitive information or performing actions that compromise security.

IDENTIFYING RISKS AND THREATS TO IAS
Phishing and Social Engineering

27
New cards

An incident in which sensitive, confidential, or protected data is exposed to an unauthorized individual or entity. Unauthorized access to sensitive data, either through cyberattacks or human error, can result in data leaks and financial losses.

IDENTIFYING RISKS AND THREATS TO IAS
Data Breaches

28
New cards

Sophisticated attackers target specific organizations over a prolonged period, aiming to gain unauthorized access and exfiltrate sensitive data.

IDENTIFYING RISKS AND THREATS TO IAS
Advanced Persistent Threats (APTs)

29
New cards

An attempt to make a computer system or network unavailable to its intended users

IDENTIFYING RISKS AND THREATS TO IAS
Denial of Service (DoS) Attacks

30
New cards

Failing to regularly update and patch software and systems can leave vulnerabilities that attackers exploit

IDENTIFYING RISKS AND THREATS TO IAS
Unpatched Software

31
New cards

Often rely on easily guessed passwords or other easily compromised factors, such as security questions. Inadequate password policies and lack of multi-factor authentication can lead to unauthorized access

IDENTIFYING RISKS AND THREATS TO IAS
Weak Authentication

32
New cards

These are weaknesses in the design or implementation of mobile devices that can be exploited by attackers to gain unauthorized access to the device or its data

IDENTIFYING RISKS AND THREATS TO IAS
Mobile Device Vulnerabilities

33
New cards

Weaknesses in the design or implementation of IoT devices that can be exploited by attackers to gain unauthorized access to the device or its data.

IDENTIFYING RISKS AND THREATS TO IAS
IoT Vulnerabilities

34
New cards

The potential for harm that can come from using social media platforms

IDENTIFYING RISKS AND THREATS TO IAS
Social media risks

35
New cards

Software developers need to understand the _____________ for IAS activities in order to develop effective solutions.

CHALLENGES FACED BY SOFTWARE DEVELOPERS
Understanding the business

36
New cards

IAS technologies are constantly evolving, so software developers need to _______________ in order to develop effective solutions.

CHALLENGES FACED BY SOFTWARE DEVELOPERS
Staying up-to-date on the latest technologies

37
New cards

IAS solutions need to meet a variety of __________. Software developers need to be aware of these requirements and develop solutions that meet them

CHALLENGES FACED BY SOFTWARE DEVELOPERS
Meeting compliance requirements

38
New cards

IAS solutions can introduce new risks to an organization, such as security breaches and compliance violations. Software developers need to ______ by employing appropriate security controls in the software

CHALLENGES FACED BY SOFTWARE DEVELOPERS
Managing risks

39
New cards

IAS activities can be complex and require a deep understanding of the underlying technologies

CHALLENGES FACED BY ADMINS
Complexity

40
New cards

IAS activities often involve sensitive data, which requires strong _____ measures to protect it from unauthorized access.

CHALLENGES FACED BY ADMINS
Security

41
New cards

IAS activities need to have ______ to meet the needs of a growing business.

CHALLENGES FACED BY ADMINS
Scalability

42
New cards

IAS activities need to comply with a variety of laws and regulations.

CHALLENGES FACED BY ADMINS
Compliance

43
New cards

IAS activities can be costly to implement and maintain

CHALLENGES FACED BY ADMINS
Costs