Information Security Essay

865 Words4 Pages
1. What is the difference between a threat agent and a threat?
A threat agent is the facilitator of an attack however; a threat is a constant danger to an asset.
2. What is the difference between vulnerability and exposure?
The differences are: vulnerability is a fault within the system, such as software package flaws, unlocked doors or an unprotected system port. It leaves things open to an attack or damage. Exposure is a single instance when a system is open to damage. Vulnerabilities can in turn be the cause of exposure.
3. How is infrastructure protection (assuring the security of utility services) related to information security? Information security is the protection of information and it is critical elements, including the
…show more content…
8. Identify the six components of an information system. Which are most directly affected by the study of computer security? Which are most commonly associated with its study? The six components are: Software, Hardware, Data, People, Procedures, and network. If there is a flaw or oversight in any of category it could lead to exposure and or vulnerabilities. The components most associated with the study of information security are: hardware and software when it views as science also people when it view as social science.
9. What system is the father of almost all modern multiuser systems? Mainframe computer systems
10. Which paper is the foundation of all subsequent studies of computer security? The foundation of all subsequent studies of computer security is the Rand Report R-609.
11. Why is the top-down approach to information security superior to the bottom-up approach? Top down has strong upper management support, dedicated funding, clear planning and the opportunity to influence organizations culture, whereas Bottom up lacks a number of critical features such as participant support and organizational staying power.
12. Why is a methodology important in the implementation of information security? How does a methodology improve the process? A formal methodology ensures a rigorous process and avoids missing steps.
13. Which members of an organization are

More about Information Security Essay

Get Access