Posts

information security-4

Image

Information Security-3

Image
CVE
Common Vulnerabilities and Exposures (CVE) is a dictionary-type list of standardized names for vulnerabilities and other information related to security exposures. CVE aims to standardize the names for all publicly known vulnerabilities and security exposures.


https://cve.mitre.org/

The NVD is the U.S. government repository of standards based vulnerability management data represented using the Security Content Automation Protocol (SCAP). This data enables automation of vulnerability management, security measurement, and compliance. The NVD includes databases of security checklist references, security-related software flaws, misconfigurations, product names, and impact metrics.

https://nvd.nist.gov/

Informaton Security-2

Image
Cost benefit analysis in information security Traditionally, the decision of which risks to address and which to accept was done using a cost-benefit analysis, a process of assigning cost to each possible loss, determining the cost of defending against it, determining the probability that the loss will occur, and then determining if the cost of defending against .
Threats are events or conditions that exist within the operational environment and attack the safety performance of the crew. The two forms of threat described in the model are: (a) Latent Threat – Not obvious to the flight crew and generally hidden within the system Realized Threat - A vulnerability is that quality of a resource or its environment that allows the threat to be realized. An armed bank robber is an example of a threat. R=CxTxV=

Information Security

CVE

Common Vulnerabilities and Exposures (CVE) is a dictionary-type list of standardized names for vulnerabilities and other information related to security exposures. CVE aims to standardize the names for all publicly known vulnerabilities and security exposure

PhishTank is a collaborative clearing house for data and information about phishing on the Internet. Also, PhishTank provides an open API for developers

https://www.phishtank.com/


CIAThe CIA Triad is a well-known, venerable model for the development of security policies used in identifying problem areas, along with necessary solutions in the arena of information security.
Confidentiality It's crucial in today's world for people to protect their sensitive, private information from unauthorized access. Protecting confidentiality is dependent on being able to define and enforce certain access levels for information. In some cases, doing this involves separating information into various collections that are organized by who n…