Scribd Logo
Upload

Welcome to Scribd!

  • Worksheet On Information Security

    Uploaded by

    Grace O. Yanson
    12 views2 pages
    1. The document discusses key information security terminology like integrity, confidentiality, availability, assets, threats, threat agents, vulnerabilities, threat vectors, threat likelihood, and risk. 2. An example of an asset is Joe's scooter, and a threat is someone stealing it. A threat agent is a thief exploiting the vulnerability of a hole in the apartment fence to carry out the threat via that threat vector. 3. The document tests the reader's understanding by having them identify examples of these terms and suggesting options for Joe to address the risk of his scooter being stolen given the threat.

    Original Description:

    This is a worksheet for the topic Information security.

    Original Title

    Worksheet on Information Security

    Copyright

    © © All Rights Reserved

    Available Formats

    DOCX, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    1. The document discusses key information security terminology like integrity, confidentiality, availability, assets, threats, threat agents, vulnerabilities, threat vectors, threat likelihood, and risk. 2. An example of an asset is Joe's scooter, and a threat is someone stealing it. A threat agent is a thief exploiting the vulnerability of a hole in the apartment fence to carry out the threat via that threat vector. 3. The document tests the reader's understanding by having them identify examples of these terms and suggesting options for Joe to address the risk of his scooter being stolen given the threat.

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    12 views2 pages

    Worksheet On Information Security

    Uploaded by

    Grace O. Yanson
    1. The document discusses key information security terminology like integrity, confidentiality, availability, assets, threats, threat agents, vulnerabilities, threat vectors, threat likelihood, and risk. 2. An example of an asset is Joe's scooter, and a threat is someone stealing it. A threat agent is a thief exploiting the vulnerability of a hole in the apartment fence to carry out the threat via that threat vector. 3. The document tests the reader's understanding by having them identify examples of these terms and suggesting options for Joe to address the risk of his scooter being stolen given the threat.

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 2

    WORKSHEET # 4: INFORMATION SECURITY TERMINOLOGY

    NAME: SCORE: / 40
    DATE:

    Read carefully the following scenario to assist you in the understanding information security terms and how they are used. Also, there are questions integrated in the reading,
    answer them concisely. (2 points each)

    Information security involves both the goals and processes. It is defined as that which protects the integrity, confidentiality and availability of information on the
    devices that store, manipulate and transmit the information through products, people and procedures. Analyse the differences of the integrity, confidentiality and availability
    Write I for Integrity, C for confidentiality and A for availability on the following examples:

    ____ 1. In the context of computer systems, it refers to methods of ensuring that data is real, accurate and safeguarded from unauthorized user modification.

    ____ 2. In the context of computer systems, it allows authorized users to access sensitive and protected data. Specific mechanisms ensure confidentiality and
    safeguard data from harmful intruders.

    ____ 3. In the context of a computer system, it refers to the ability of a user to access information or resources in a specified location and in the correct format.

    Suppose that Joe wants to purchase a new motorized scooter to ride from his apartment to school and work. However, because several scooters have been stolen
    near his apartment he is concerned about its protection. Although he parks the scooter in the gated parking lot in front of his apartment, a hole in the fence surrounding the
    apartment complex makes it possible for someone to access the parking lot without permission.

    Joe’s new scooter is an asset, which is defined as an item that has value. What Joe is trying to protect her scooter from is a threat, which is a type of action that has
    the potential to cause harm. Information security threats are events or actions that represent a danger to information assets. The following are examples of information
    asset (a.) information about on-board projects such as requirements, plans and design that contribute to company’s competitive advantage (b.) video that is used to generate
    brand awareness (c.) data about customers and prospective customers. Identify the two elements of information asset:

    4. ______________________________________________________________________________________________________

    5. ______________________________________________________________________________________________________

    A threat by itself does not mean that security has been compromised rather, it simple means that the potential for creating a loss is real. A threat agent is a person or
    element that has the power to carry out a threat. For Joe the threat agent is a thief. In information security, a threat agent could be a person attempting to break into a secure
    computer network. It could also be a force of nature such as hurricane that could destroy computer equipment and thus destroy information, or it could be a malicious software
    that attacks the computer network. What are the three types of threat agent?

    6. ______________________________________________________________________________________________________

    7. ______________________________________________________________________________________________________

    8. ______________________________________________________________________________________________________

    Joe wants to protect her scooter and is concerned about a hole in the fencing around his apartment. The hole in the fencing is a vulnerability, which is flaw or
    weaknesses that allows a threat agent to bypass security. If a thief can get to Joe’s scooter because of the hole in the fence. Then the thief is taking advantage of the
    vulnerability. This is known as exploiting the vulnerability through a threat vector, or the means by which an attack can occur. Cite two (2) examples of computer attack.
    9. ______________________________________________________________________________________________________

    10. ______________________________________________________________________________________________________

    11. ______________________________________________________________________________________________________

    Joe must make a decision: “What is the probability (threat likelihood) that the threat will come to reality and his scooter stolen?” This can be understood in terms of
    risk. A risk is a situation that involves exposure to some type of danger *4. Cite toptions that Joe could take regarding the risk of his scooter being stolen.

    12. ______________________________________________________________________________________________________

    13. ______________________________________________________________________________________________________

    Summary of the Information security terms.

    Information Security Component Example in Joe’s Scenario Example in information security


    Asset Scooter 14.
    Threat Steal scooter 15.
    Threat agent Thief 16.
    Vulnerability Hole in fence 17.
    Threat vector Climb through the hole in fence 18.
    Threat likelihood Probability of scooter stolen 19.
    Risk Not purchase scooter 20.

    Prepared by:

    Ms. Grace O. Yanson / 02/18/2020

    You might also like