IAS2

Cards (14)

  • Information Assurance - The practice of assuring information and managing risks related to the use, processing, storage, and transmission of information or data and the systems and processes used for those purposes.
  • Five Pillars of Information Assurance
    1. Availability
    2. Integrity
    3. Authentication
    4. Confidentiality
    5. Non-Repudiation
  • Information Security - is the practice of defending information from unauthorized access, use, disclosure, disruption, modification, perusal, inspection, recording or destruction.
  • CIA TRIAD
    1. Confidentiality
    2. Integrity
    3. Availability
  • Common Security Risks
    1. Physical Security Risks
    2. Insider Threats
    3. Cybersecurity Risks
    4. Social Engineering Attacks
  • PHYSICAL SECURITY RISKS
    1. Tailgating
    2. Theft of Documents
    3. Unaccounted visitors
    4. Stolen Identification
  • Cybersecurity risk - is the probability of exposure or loss resulting from a cyber-attack or data breach on your organization.
  • Stolen Identification - An access control system only works if everyone uses their own identification.
  • Unaccounted visitors - If you don’t know who is or was in your workplace at a specific time, it is impossible to keep a high level of physical security.
  • Theft of Documents - Offices are likely to have papers and documents lying around in many places, from desks to printer stations.
  • Tailgating - is when an unauthorized person follows an authorized person into a secure area.
  • Insider threats - refer to the risks posed by individuals within an organization who misuse their access privileges to compromise security.
  • Social engineering attacks - exploit human psychology to manipulate individuals into revealing sensitive information or performing actions against their best interests.
  • Physical security risks - involve potential threats to the physical assets of an organization, such as theft, vandalism, or unauthorized access.