Security Terminology

Accept

Anything that is valuable to organization (that is to be protected)
Can include Property, People, and information/data that have value to the company
Proprietary information or trade secrets and the reputation of the company
Company records, client information, proprietary software and so on

Vulnerability

⦁ Weakness which allows attacker to reduce the security assurance
⦁ Vulnerability can be found in

Protocols
OS
Application
System Design

Security Terminology (Cont.)

Threat

⦁ Event which causes damage to systems, exploiting a vulnerbility
⦁ Physical (Fire, water, Earthquake)
⦁ Malicious code (cirus, Trojan, Malware)
⦁ Phishing & social Engineering

RISK
⦁ The Probability of a threat or event to happen
⦁ Potential to unauthorized access to asset
⦁ Potential to compromise of asset
⦁ Potential to destruction/damage of asset

Primary Goal of Network Security

Network security objectives usually involve three basic concepts:
⦁ Confidentially
⦁ Integrity
⦁ Availability
⦁ Also knnow as the CIA triad, is a model of designed to guide policies for the information security within an organization

Confidentiality
⦁ Only the authorized individuals/ system can view sensitive or classified information
⦁ Unauthorized individuals should not have any type of access to the data
⦁ Protect that data is to encrypt it before sending it.

Integrity
⦁ Changes made to data are done only by authorized individuals/ system
⦁ Corruption of data is failure to maintain data integrity
⦁ include file permissions and user access controls

Scalability
⦁ If the network or its data is not available to authorized users
⦁ Because of a Network issue or Denial-of-services (DoS) attack
⦁ The impact may be significant to companies and users who reply on that network as a business tool
⦁ The failure of a system, to included data, applications, devices and networks
⦁ Generally equates to loss of revenue

Network Security Basic

Leave a Comment Cancel Reply