Question Describe information security threats with its solutions Security Threats, Attacks, and Vulnerabilities
Information is the key asset in most organizations. Companies gain a competitive advantage by knowing how to use that information. The threat comes from others who would like to acquire the information or limit business opportunities by interfering with normal business processes. The object of security is to protect valuable or sensitive organizational information while making it readily available. Attackers trying to harm a system or disrupt normal business operations exploit vulnerabilities by using various techniques, methods, and tools. System administrators need to understand the various aspects of security to develop measures and policies to protect assets and limit their vulnerabilities. Attackers generally have motives or goals—for example, to disrupt normal business operations or steal information. To achieve these motives or goals, they use various methods, tools, and techniques to exploit vulnerabilities in a computer system or security policy and controls. Goal + Method + Vulnerabilities = Attack. These aspects will be discussed in more detail later in this section. Security Threats
Figure 1 introduces a layout that can be used to break up security threats into different areas. [pic]
Computer security means to protect information. It deals with the prevention and detection of unauthorized actions by users of a computer. Lately it has been extended to include privacy, confidentiality, and integrity |threats | |Features/description | |Prevention /solutions | | | |1.Natural Disasters | |Nobody can stop nature from taking its course. Earthquakes, hurricanes, floods, lightning, and fire can cause severe damage to computer systems. Information can be | |lost, downtime or loss of productivity can occur, and damage to hardware can disrupt other essential services. Few safeguards can be implemented against natural | |disasters. | |The best approach is to have disaster recovery plans and contingency plans in place. Other threats such as riots, wars, and terrorist attacks could be included here. | |Although they are human-caused threats, they are classified as disastrous | | | |2. Human Threats | |Malicious threats consist of inside attacks by disgruntled or malicious employees and outside attacks by non-employees just looking to harm and disrupt an | |organization. | |The most dangerous attackers are usually insiders (or former...