A. The key security concepts involve the Confidentiality, Integrity, and Availability? Explain the differences among them and mention one practical example to each one? Are there any other concepts to involve to make the security concepts more rigorous? Explain how?
B. List the five most Computer Security Challenges?
C. Explain the difference between vulnerabilities, threats and attacks?
Answer of question A.
The key concept that confidenability,integrity and availability is called as CIA triad the main goal is needed to achieve information security
1.confidentiality
This is the protection of information from unauthorized access.this emphasizes the need of information protection.confidenability requires measure to ensure that the only authorized people are allowed to access the information.for example when the information is record of people personal activities like in case involving personal and financial information of the any customer of companies like google, amezon and like other big companies.and to guarentee confidiability under this need to controlled to prevent unauthorized access
2.integrity -the main goal of integrity where information is kept accurate and consistent unless authorized changes are made.the integrity maintained when the information remains unchanged during storage.for example banks are more concerned about the integrity of financial record.with confidiability having only second priority. Some depositer leves atm receipt unchecked and hanging around while withdrawing cash.this show confidiability does not highest priority instated the goal of integrity is information security in banking systems..
Availability-goal of availability is the situation where information is available when and where is rightly needed.it maintained when all component of the information.for system working properly.the problem contain that it impossible to access information so availability is linked to information security because to protect system components and to ensure the data is available.for example government generated online press release are involved.press generally for public cons8.the information should available for public.so confidiability is not of concern integrity is second priority to guarentee availability of information in press release govt ensure there website have minimal.backup are also used to ensure ability of public information.from the example you will get clear the diference.
Answer of b.
1.advanced thread
those thread that go the way around to pentatr system and server that stays for longer time without getting noticed by anybody.they are designed for specially for highly sensitive information fails to protect themselves from advanced thread attack.
2.Evaluation of ransomware
This type can be also get classified as one type of apt attack.where the malware can penetrates inside the system and it start to encrypt all your files slowly.for example in case of bitcoin because when all files on system get locked and it hard to track once payment is made a decryption key is provided by hacker,using all the data can decrypted back.where hacker can contain very bad mindset they take all demanded money.
3.serverless app
Serverless app is an application which depend on third party cloud and you can say also backend services such as Google cloud information or lambada.this app invites cyber attackers to spread threats on system easily because this application locally or off server on there devices.they are do nathing to keep the attackers away from data.this application doesn't help if an attacker gains access to data.
4.lot thread
It contain the internet of things.in this system irritates physical devices which can be accessible through internet. This connect physical devices containing the unique identifier and ability to transfer data over without any network .they were designed it it not considered in mind about in cyber security's .so every organization needs to work in cybersecurity professionals to ensure of there password policies and user verification.
5.AI expansion
It is area of computer science which is the creation of intelligence machine that to do work like human.some of activites are related to ai include speech recognition,learnings planning.the key benefit with ai is ability to protect and defend and environment when malicious attack begin.ai takes immediate action against the malicious attackers when thread impact on business.
Answer of questions c.
Vulnerability, thread and attacks are terms that are related to
cyber security. But organizations get there meaning confused.
Thread-thread is a like organization it defending itself
against.that has potential to cause damage where attack os
attempted to cause damage.thread to the information system doesn't
mean information damaged .
Valuability-this intentionally attacks on on computing resources and network persist for a number of reason.it could be weakness in the technology or in security policy.it must be addressed to migrate any thread that could advantage of valuability.
Attacks-an attack contain a action that exploits a valuability or enacts thread.for example attack include sending malicious input to an application.the attack can be contain intentionally.attacks on the information that might tobe damage.a security attack takes action against a target with intention that doing harm
Get Answers For Free
Most questions answered within 1 hours.