Wednesday, May 31, 2006

Essential Terminology

  • Threat – An action or event that might prejudice security. A threat is a potential violation of security.
  • Vulnerability – Existence of a weakness, design, or implementation error that can lead to an unexpected, undesirable event compromising the security of the system.
  • Target of Evaluation – An IT system, product, or component that is identified/subjected as requiring security evaluation.
  • Attack – An assault on system security that derives from an intelligent threat. An attack is any action that violates security.
  • Exploit – A defined way to breach the security of an IT system through vulnerability.

No comments:

Post a Comment