ISYS 210 Study Guide - Adware, Spyware, Database Administrator

A security threat is a problem with the security of an information system or the data therein and sources include human error and mistakes, malicious human activity, and natural events and disasters. Security problems include unauthorized data disclosure, incorrect data modification, faulty service, denial of service, and loss of infrastructure. A phishing attack is one where a person pretends to be a legitimate company and sends an email requesting confidential data, such as account numbers, social security numbers, or account passwords. Technical safeguards involve the hardware and software components of an information system and include identification and authorization, encryption, firewalls, malware protection, and application design. Data safeguards involve the data component of an information system and include data rights and responsibilities, passwords, encryption, backup and recovery, and physical security. Human safeguards involve the procedures and people components of an information system and include hiring, training, education, procedure design, administration, assessment, compliance, and accountability.