Vulnerability
--> A vulnerability is a weakness in a system that can be used to compromise its security.
--> It can be a hardware, software or human weakness that can be exploited.
--> It may be a service running on the system, an unpatched operating system or application, open ports on a firewall, or unrestricted physical access to the server room.
Threat
--> A threat is the potential danger associated with a vulnerability being exploited.
--> A threat agent is the one who takes advantage of a vulnerability. It can be a hacker, company or employee who can access the network via open ports.
Risk
--> Risk is the likelihood of a threat agent exploiting a vulnerability, together with the corresponding business impact.
--> If a firewall has many ports open, there is a higher chance that a hacker can use one of them to enter the network.
Countermeasure
--> A countermeasure is a safeguard that protects against a vulnerability.
--> It can be a hardware device, software, a configuration or a procedure.
--> Examples of countermeasures include firewalls, IPS, strong passwords, policy, encryption and security awareness training.
Reference: CISSP All in one Guide by Shon Harris