IT 321

Created by

Nick

Cards (70)

Confidentiality - preserving authorized restrictions and disclosure
Integrity - guarding against improper information
Availability - timely and reliable access
Personally Identifiable Information - information used to identify a person
1960 - password protection
1970 - creeper to reaper
Ray Tomlinson - the man who invented email
1980 - internet goes mad
Morris worm - bug that copies itself
1990 - rise of firewalls
2000 - proper punishment
2010 - era of major breaches
Edward Snowden - leaked NSA, spying on the public
2013 - Yahoo, fined $35M
2017 - Wannacry - first ransomware
Data Leakage - gain access to sensitive data
Malware and Spyware - third party apps
Compromised Passwords - reusing same password on different accounts
Outdated OS - leads to security vulnerability
Social Engineering and Phishing - sends fake emails
Encryption Gaps - end to end encryption
Information Assurance - safeguards the integrity of data used by individuals
Assurance - degree of confidence needs of system
March 2021 - chinese hackers broke into Microsoft exchange server and stole 250,000 emails
IT Pearl Labor - 2020, solarwinds
Reduce information risk - goal of information assurance
Risk Management - identify vulnerabilities and potential impact
Encryption at rest and in transit - end to end encryption
Data Integrity - auditing data collection
Strategy - develop governance, risk and compliance
Design - design GRC programs and models
Implementation - implement process, controls and technology
Operations - mitigate exposures through continuos enforcement of policies
Non - repudation - someone can't deny the validity
Authentication - process of determining declares itself to
Information Security - covers tools that organizations used to protect information
Cybersecurity - addresses technology related threats
Information Security Policy - set of rules using IT assets
Unsecure - lead to compromises
Social Media Attacks - spreading malware via social media