Security
Essay by 24 • November 16, 2010 • 792 Words (4 Pages) • 6,069 Views
2. What is the difference between vulnerability and exposure?
Vulnerability is a weakness or a fault within the system, such as software package flaws, unlocked doors, or an unprotected system port. Vulnerability leaves things open to an attack or damage. Exposure on the other hand, is a single instance when the system is open to damage. Vulnerabilities (weaknesses) can in turn be the cause of exposure (system open for attack).
4. What type of security was dominant in the early years of computing?
Security, in its earliest years, consisted of mainly physical security, the need to safeguard the equipment itself. During the next decade, when ARPANET grew in use, more advanced security was needed. This led to the creation of MULTICS, an operating system with security being its main concern. From MULTICS spawned the UNIX operating system which did not require the same in-depth levels of security. In the early 1970's the password function was implemented as one of the first security measures. As computers and networking became more wide spread, during the 1990's, some security measures were implemented though they were seen as a low priority. Because of the lack of security in the start, we now have many of the problems that exist today.
6. If the C.I.A. triangle is incomplete, why is it so commonly used in security?
The C.I.A. triangle is the industry standard for computer security. It has existed since the development of the mainframe. Because it is the industry standard it is still used today because it's characteristics; confidentiality, integrity, and availability are still just as important in today's society. However, it no longer addresses the full breadth of security concerns faced today, so it instead serves as a foundation for a more advanced system, known as the expanded C.I.A. triangle.
8. Identify the five components of an information system. Which are most directly impacted by the study of computer security? Which are most commonly associated with its study?
There are actually six components of an information system. They are: software, hardware, data, people, procedures, and networks. All six of these components
are impacted by the study of computer security. A flaw or an oversight in any
one of the areas could lead to vulnerabilities or exposure. The components most associated with the study of information security are, when viewed as a science, hardware and software and when viewed as a social science, people.
10. What paper is the foundation of all subsequent studies of computer security?
The Rand Report R-609, sponsored by the Department of Defense, is today referred to as "the paper that started the study of computer security". It was the first widely recognized published document to address the issues of information systems security and
...
...