ICT 351 Study Guide - Spring 2019, Comprehensive Final Exam Notes - Malware, Internet, Spyware

For risk to happen you need both: A big portion about security is trying to minimize the risk of an attack. A set of external circumstances that can exploit a vulnerability. Ex: the existence of a particular vulnerability combined with a threat constitute a risk to the system. A weakness in the system that can be exploited by attackers to bypass the standard security mechanism. Risk: only when a threat and vulnerability coexist. Tracing back to the source(s) of the attack. A software patch is a device that fixes vulnerability. As soon as a patch is available, you want to apply it as soon as possible. The larger the time frame, the higher the opportunity for hackers. Users take too long to apply the patch. Difficulties in defending against attacks (know 2 for quiz) Delays in fixing software flaws and vulnerabilities. To identify and deal with potential threats, several actions may be performed: