10 terms

CIA Triad

Information security seeks to protect three specific elements, or principles: confidentiality, integrity, and availability.
confidentiality
the fundamental principle of keeping information and communications private and protecting them from unauthorized access. KEEPING SECRETS
integrity
the property of keeping an organization's information accurate, without error and without unauthorized modifications. KEEPING INFORMATION ACCURATE
availability
the fundamental principle of ensuring that systems operate continuously and that authorized persons can access the data that they need. SYSTEMS OPERATE, AUTHORIZED PERSONS CAN ACCESS DATA
non-repudiation
the goal of ensuring that the party that sent a transmission or created data remains associated with that data. You should be able to independently verify the identity of a message sender, and the sender should be responsible for the message and its data.
threat
any event or action that could potentially result in the violation of a security policy or procedure.
vulnerabilities
any condition that leaves a system open to attack.
risk
a concept that indicates exposure to the chance of damage or loss. It signifies the likelihood of a hazard or dangerous threat occurring. In information security, risk is often associated with loss of system, power or network and other physical losses.
Confidentiality systems
User accounts, file permissions, access control lists, data encryption, privacy policies...
Integrity systems
File hashes and checksums, digital signatures, encryption, and so forth
Availability systems
Backups, server clusters, cloud computing, RAID drives, failover network links, backup power supplies, and so forth