1. What is the difference between vulnerability and exposure? A Vulnerability is a weakness or fault in a system or protection that exposes information to attack such as a flaw while an exposure is a vulnerability that is known to an attacker. 2. What type of security was dominant in the early years of computing?
During Second World War, the mainframe was created to aid communication code breaking by fighting countries. At that time, the most important protection is to maintain data confidentiality, some devices had multiple levels of security to protect confidentiality, and physical security and simple document classification schemes are also important for fighting countries.
In 1960s, alongside with many more mainframe computers were brought to do more complex tasks, ARPA was born and was developed to be ARPANET later, which is the origin of internet.
But ARPA led several security issues and need to be improved, such as securing the data, limiting random and unauthorized access to that data, involving personnel from multiple levels of the organization in information security.
Multiplexed Information and Computing Service (MULTICS) was the first operating system to integrate security into its core functions.
In 1990s, LAN became popular, so authentication and email encryption appeared.
2000s to present, information security is important to national defense. Government and companies are aware of the need to defend the computerized control systems of utilities and other critical infrastructure. And legislation about information security occurred. 3. What are the three components of the C.I.A. Triangle? What are they used for?
Confidentiality: information has confidentiality when it is protected from disclosure or exposure to unauthorized individuals or systems.
Integrity: prevents from damaging, destruction the information from its authentic state