Vulnerability is a weakness or a fault within the system, such as software package flaws, unlocked doors, or an unprotected system port. Vulnerability leaves things open to an attack or damage. Exposure on the other hand, is a single instance when the system is open to damage. Vulnerabilities (weaknesses) can in turn be the cause of exposure (system open for attack).
4. What type of security was dominant in the early years of computing?
Security, in its earliest years, consisted of mainly physical security, the need to safeguard the equipment itself. During the next decade, when ARPANET grew in use, more advanced security was needed. This led to the creation of MULTICS, an operating system with security being its main concern. From MULTICS spawned the UNIX operating system which did not require the same in-depth levels of security. In the early 1970's the password function was implemented as one of the first security measures. As computers and networking became more wide spread, during the 1990's, some security measures were implemented though they were seen as a low priority. Because of the lack of security in the start, we now have many of the problems that exist today.
6. If the C.I.A. triangle is incomplete, why is it so commonly used in security?
The C.I.A. triangle is the industry standard for computer security. It has existed since the development of the mainframe. Because it is the industry standard it is still used today because it's characteristics; confidentiality, integrity, and availability are still just as important in today's society. However, it no longer addresses the full breadth of security concerns faced today, so it instead serves as a foundation for a more advanced system, known as the expanded C.I.A. triangle.
8. Identify the five components of an information system. Which are most directly impacted by the study of computer security? Which are...