Threats to Information Security

avatar
Created by
Zach Tecson

Cards (6)

  • Weaknesses or gaps in a security program that can be exploited by threats to gain unauthorized access to an asset.
    Vulnerability
  • can be anything that can take advantage of a vulnerability to breach security and negatively alter, erase, harm object or objects of interest.
    Threat
  • Anything that can exploit a vulnerability, intentionally or accidentally, and obtain, damage, or destroy an asset.
    Threat
  • Any circumstance or event with the potential to adversely impact organizational operations (including mission, functions, image, or reputation), organizational assets, or individuals through an information system via unauthorized access, destruction, disclosure, modification of information, and/or denial of service. Also, the potential for a threat-source to successfully exploit a particular information system vulnerability.
    Threat
  • An intentional or unintentional act that can cause damage to or otherwise compromise information and/or the systems that support it.
    Attack
  • Attacks can be active or passive, intentional or unintentional, and direct or indirect. A direct attack is a hacker using a personal computer to break into a system. An indirect attack is a hacker compromising a system and using it to attack other systems