expand for answer

Attack

Attempt to gain unauthorized access to an information system’s services, resources, or information, or the attempt to compromise an information system’s integrity, availability, or confidentiality. The exploitation of a vulnerability by a threat agent.


Similar items:
Possibility that a particular threat will adversely impact an information system by exploiting a particular vulnerability. The likelihood that any specific threat will exploit a specific vulnerability to cause harm to an asset. Risk is an assessment of probability, possibility, or chance. Risk = threat - vulnerability. The probability that a particular security threat will exploit a particular vulnerability.
[view]
A program used to detect weaknesses within an organization. Vulnerability scans and vulnerability assessments are two common elements of a vulnerability management program. Vulnerability scans are technical scans performed regularly, and vulnerability assessments are normally combined with a risk assessment.
[view]
Security commensurate with the risk and magnitude of harm resulting from the loss, misuse, or unauthorized access to or modification of information. This includes assuring that information systems operate effectively and provide appropriate confidentiality, integrity, and availability, through the use of costeffective management, personnel, operational, and technical controls. (OMB Circular A130)Security commensurate with the risk and magnitude of the harm resulting from the loss, misuse, or unauthorized access to or modification of information. This includes assuring that systems and applications operate effectively and provide appropriate confidentiality, integrity, and availability, through the use of costeffective management, acquisition, development, installation, operational, and technical controls.
[view]
Either (1) intent and method targeted at the intentional exploitation of a vulnerability or (2) the situation and method that may accidentally trigger a vulnerability.
[view]
An information security "exposure" is a system configuration issue or a mistake in software that allows access to information or capabilities that can be used by a hacker as a steppingstone into a system or network. The condition of being exposed to asset loss because of a threat. Exposure involves being susceptible to the exploitation of a vulnerability by a threat agent or event. The potential loss to an area due to the occurrence of an adverse event.
[view]


There are no comments yet.

Authentication required

You must log in to post a comment.

Log in