Incident Response Terms in Cyber Security

Threat: Definition: A potential for harm to information or systems. Example: Malware, hacking attempts, or social engineering attacks. ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------- Vulnerability: Definition: A weakness in a system or process that could be exploited. Example: Unpatched software, misconfigured settings, or weak passwords. ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ Asset: Definition: Any information or resource that needs protection (e.g., data, hardware, software). Example: Customer databases, servers, intellectual property. ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- Exposure: Definition: The extent to which an asset is vulnerable to threats. Example: An unsecured server accessible from the internet. -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- Breach: Definition: Unauthorized access to or disclosure of information. Example: Data breach where sensitive information is accessed without authorization. --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- Exploit: Definition: Taking advantage of a vulnerability to gain unauthorized access or cause harm. Example: Using a software flaw to execute malicious code on a system. ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ Incident: Definition: Any event that could potentially compromise security. Example: A security alert triggered by suspicious network activity. ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ Intrusion: Definition: Unauthorized access to a system or network. Example: A hacker gaining unauthorized entry into a company's network.
Security Controls:
These controls safeguard information and systems through different approaches: Physical Controls: Limit physical access to systems and data (e.g., security badges, locked doors). Logical Controls: Implement software-based measures to restrict access and protect information (e.g., passwords, firewalls, encryption). Administrative Controls: Policies, procedures, and guidelines for secure behavior and system usage (e.g., password policies, data security protocols). 4. Security Controls by Type:
 Controls can also be categorized based on their primary function: Preventive Controls: Aim to stop security incidents from happening in the first place (e.g., firewalls, strong passwords). Detective Controls: Help identify security incidents that have already occurred (e.g., intrusion detection systems, log monitoring). Corrective Controls: Aim to recover from security incidents and minimize damage (e.g., data backups, incident response procedures).

Comments

Post a Comment

Popular posts from this blog

Computer Architecture vs Computer Organization

Computer Architecture: Definition: Computer architecture is the conceptual design and fundamental operational structure of a computer system. It defines the way in which the various hardware and software components work together to form a complete computer system. Focus: It primarily deals with high-level design decisions, such as the instruction set architecture (ISA), the organization of memory, and the design of the CPU. It is concerned with the interface between the hardware and the software. Example: An example of a computer architecture decision is the choice of a specific instruction set (e.g., x86, ARM) and the design of the system's memory hierarchy. Goal: The primary goal of computer architecture is to provide a framework for building efficient and effective computer systems that meet the performance, power, and cost requirements of various applications. Computer Organization: Definition: Computer organization is more specific and deals with the low-level details of t...
Read more

Memory Mapping (Good fit, bad fit, worst fit) and their Comparison

Memory mapping refers to the technique of managing computer memory by dividing it into fixed-sized blocks and mapping logical addresses to physical addresses. When discussing memory allocation strategies like good fit, bad fit, and worst fit, we are typically referring to how free memory blocks are selected to satisfy a memory allocation request. These strategies are commonly used in memory management systems to optimize the use of available memory. Here's a brief overview of each: Best Fit: Good Fit: Best fit involves selecting the smallest available block of memory that is large enough to satisfy a memory request. This is considered a "good fit" because it minimizes wasted memory by choosing the block that best matches the size of the requested memory. However, it may lead to fragmentation over time, as small gaps between allocated blocks can accumulate. First Fit: Good Fit: First fit involves allocating the first available block of memory that is large enough to sat...
Read more