Incident Response Terms in Cyber Security

Threat: Definition: A potential for harm to information or systems. Example: Malware, hacking attempts, or social engineering attacks. ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------- Vulnerability: Definition: A weakness in a system or process that could be exploited. Example: Unpatched software, misconfigured settings, or weak passwords. ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ Asset: Definition: Any information or resource that needs protection (e.g., data, hardware, software). Example: Customer databases, servers, intellectual property. ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- Exposure: Definition: The extent to which an asset is vulnerable to threats. Example: An unsecured server accessible from the internet. -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- Breach: Definition: Unauthorized access to or disclosure of information. Example: Data breach where sensitive information is accessed without authorization. --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- Exploit: Definition: Taking advantage of a vulnerability to gain unauthorized access or cause harm. Example: Using a software flaw to execute malicious code on a system. ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ Incident: Definition: Any event that could potentially compromise security. Example: A security alert triggered by suspicious network activity. ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ Intrusion: Definition: Unauthorized access to a system or network. Example: A hacker gaining unauthorized entry into a company's network.
Security Controls:
These controls safeguard information and systems through different approaches: Physical Controls: Limit physical access to systems and data (e.g., security badges, locked doors). Logical Controls: Implement software-based measures to restrict access and protect information (e.g., passwords, firewalls, encryption). Administrative Controls: Policies, procedures, and guidelines for secure behavior and system usage (e.g., password policies, data security protocols). 4. Security Controls by Type:
 Controls can also be categorized based on their primary function: Preventive Controls: Aim to stop security incidents from happening in the first place (e.g., firewalls, strong passwords). Detective Controls: Help identify security incidents that have already occurred (e.g., intrusion detection systems, log monitoring). Corrective Controls: Aim to recover from security incidents and minimize damage (e.g., data backups, incident response procedures).

Comments

Post a Comment

Popular posts from this blog

Computer Architecture vs Computer Organization

Computer Architecture: Definition: Computer architecture is the conceptual design and fundamental operational structure of a computer system. It defines the way in which the various hardware and software components work together to form a complete computer system. Focus: It primarily deals with high-level design decisions, such as the instruction set architecture (ISA), the organization of memory, and the design of the CPU. It is concerned with the interface between the hardware and the software. Example: An example of a computer architecture decision is the choice of a specific instruction set (e.g., x86, ARM) and the design of the system's memory hierarchy. Goal: The primary goal of computer architecture is to provide a framework for building efficient and effective computer systems that meet the performance, power, and cost requirements of various applications. Computer Organization: Definition: Computer organization is more specific and deals with the low-level details of t
Read more