Information Security Essay

†¢What is the difference between a threat agent and a threat? Threat and Threat agent is on page 11. †¢What is the difference between vulnerability and exposure? Exposure page 10. Vunerability page 11. †¢How has the definition of â€Å"hack† evolved over the last 30 years? †¢What type of security was dominant in the early years of computing? Secure physical locations, hardware, and software from threats. Means of badges, keys, and facial recognition by security guards. †¢What are the three components of the C.I.A. triangle? What are they used for? Confidentiality, integrity, availability. Confidentiality page 13. Integrity page 13(bottom) and 14. Availability page 12. †¢Among the five components of an information systems, which are most directly affected by the study of computer security? People I believe †¢What paper is the foundation of all subsequent studies of computer security? It began with Rand Report R-609, sponsored by the Department of Defense, which attempted to define multiple controls and mechanisms necessary for the protection of a multilevel computer system. Page 5 and 6 for more on rand. †¢Who is involved in the security development life cycle? Who leads the process? Senior executive: Champion leads the process. Page 30 shows all of them. †¢Who is ultimately responsible for the security of information in the organization? Chief information security officer page 29 at bottom †¢What is the relationship between the MULTICS project and early development of computer security? †¢What was important about Rand Report R-609? †¢Who decides how and when data in an organization will be used or controlled? Who is responsible for seeing these wishes are carried out? †¢Who should lead a security team? Should the approach to security be more managerial or technical?