Criado por Bhagya Prasad
aproximadamente 11 anos atrás
|
||
Computer Security deals withPREVENTION - taking measures to prevent asset from being damagedDETECTION - taking measures to detect who, how and where caused the damage to the assetREACTION - taking measures to recover from the damaged assetIn general it also includes:CONFIDENTIALITY - prevent unauthorized disclosure of informationINTEGRITY - prevent unauthorized modification of informationAVAILABILITY - prevent unauthorized withholding of information/resourceauthentication, authorization, accountability,
CONFIDENTIALITY prevent unauthorized disclosure of informationprevent unauthorized reading of informationsecrecy - protection of personal informationprivacy - protection of company's information
INTEGRITY prevent unauthorized modification of informationprevent unauthorized writing of informationClark & Wilson (Internal Consistency) - No user even if authorized should be allowed to modify assets/account records of a company is lost or corruptedOrange Book (External Consistency) computerized data is same as the source document has not been exposed to accidental or malicious alteration or destruction
AVAILIBILITY prevent unauthorized witholding of information/resourceDenial of Servicethe prevention of authorised access of resources or the delaying of time-critical operations Distributed DDoS attack
Definitions
Quer criar suas próprias Notas gratuitas com a GoConqr? Saiba mais.