Computer Security - Exam II

  1. logical security
    physical security
    premises security
    three elements of information system (IS) security
  2. logical security
    protects computer-based data from software-based and communication-based threats
  3. physical security (infrastructure security)
    protects the information systems that contain data and the people who use, operate, and maintain the systems, and prevents any type of physical access or intrusion
  4. premises security (corporate or facilities security)
    protects the people and property within an entire area, facility, or building(s), and is usually required by laws
  5. information system hardware
    includes data processing and storage equipment, transmission and networking facilities, and offline storage media
  6. physical facility
    the buildings and other structures housing the system and network components
  7. supporting facilities
    facilities that underpin the operation of the information system - includes electrical power, communication services, and environmental controls (heat, humidity, etc.)
  8. personnel
    humans involved in the control, maintenance, and use of the information systems
  9. environmental threats
    technical threats
    human-caused threats
    three categories of threats
  10. tornado
    ice storm/blizzard
    categories of natural disasters
  11. natural disasters
    inappropriate temperature and humidity
    fire and smoke
    water damage
    chemical, radiological, and biological hazards
    types of environmental threats
  12. environmental threats
    category that encompasses conditions in the environment that can damage or interrupt the service of information systems and the data they contain
  13. technical threats
    category that encompasses threats related to electrical power and electromagnetic emission
  14. electrical power - under/overvoltage, noise
    electromagnetic interference
    types of technical threats
  15. undervoltage
    condition that occurs when the IS equipment receives less voltage than is required for normal operation - ex: dip in power supply, brownouts (prolonged), & outages
  16. overvoltage
    surge of voltage - damage is a function of intensity and duration
  17. noise
    spurious signals that can endure through the filtering circuitry of the power supply and interfere with signals inside electronic devices, causing logical errors
  18. electromagnetic interference
    electrical noise that can cause intermittent problems with the computer you are using - or high-intensity emissions from nearby commercial radio stations & microwave relay antennas
  19. unauthorized physical access, theft, vandalism, misuse
    categories of human-caused physical threats
  20. unauthorized physical access
    those without the proper authorization are allowed access to certain portions of a building or complex, and can lead to other threats
  21. theft - also includes theft of equipment & theft of data by copying
    security threat that includes eavesdropping and wiretapping
  22. vandalism
    threat that includes destruction of equipment and data
  23. misuse
    threat that includes improper use of resources by those who are authorized to use them, as well as use of resources by individuals not authorized to use the resources at all
  24. Personal Identity Verification
  25. access control subsystem
    includes components responsible for determining a particular PIV cardholder's access to a physical or logical resource
  26. PIV front end subsystem
    supports up to three-factor authentication:

    • some confidence - use of card reader & PIN
    • high confidence - adds biometric comparison of fingerprint
    • very high confidence - adds official observer
  27. Card Holder Unique Identifier
  28. CHUID (Card Holder Unique Identifier)
    takes authentication to a new level and includes an expiration date and optional digital signature in addition to the typical card number/facility code encoded on most access control cards
  29. biometric authentication (BIO)
    authentication implemented by using a fingerprint or iris data object sent from the PIV card to the PACS
  30. Physical Access Control System
  31. attended biometric authentication (BIO-A)
    authentication mechanism that uses BIO authentication but also uses an attendant to supervise the use of the PIV card and submission of the PIN and the sample biometric by the cardholder
  32. PIV authentication key (PKI)
    two-factor authentication that requires the cardholder to enter a PIN to unlock the card in order to successfully authenticate
  33. card authentication key (CAK)
    an optional key that may be present on any PIV card used to authenticate the card and therefore its possessor - may be used on contactless or contact interface, and does not require PIN entry
  34. visual (VIS)
    cardholder unique identifier (CHUID)
    biometric (BIO)
    attended biometric (BIO-A)
    PIV authentication key (PKI)
    card authentication key (CAK)
    authentication mechanisms
  35. visual (VIS)
    authentication done by a human guard - checking that the PIV card looks genuine, comparing the cardholder's facial features to those on the card, checking expiration, etc.
  36. 1. unrestricted
    2. controlled
    3. limited
    4. exclusion
    degrees of security and control for protected areas
  37. unrestricted
    an area of a facility that has no security interest
  38. controlled
    that portion of a restricted area usually near or surrounding a limited or exclusion area - restricted to personnel with a need for access
  39. limited
    restricted area within close proximity of a security interest
  40. exclusion
    a restricted area containing a security interest
Physical and Infrastructure Security