Learning Security+ Issue 6
- Malware is malicious software designed to infiltrate computers systems.
- Unauthorized Access is access to resources & data without consent.
- System Failure is when computer systems or applications crash.
- Social Engineering is manipulating users into performing detrimental actions, like revealing confidential information, etc.
In the previous issue, we learned about threat actors. Now, we’ll get a broad overview of some of the key methods they use that threaten security. There are many categories, but we’ll cover only the broad ones in this issue.
There broad categories of threats we’ll cover are:
The term malware is short-hand for malicious software. This software is designed to infiltrate computer systems without consent and possibly cause damage. There are seven categories of malware to know for the exam. These will be discussed in detail in the next issue.
Whenever someone accesses data or resources without consent, it’s unauthorized access. This can be as simple as a friend snooping through your computer without you knowing or something more serious, like a hacker iniltrating your system at the office.
A system failure is when either computers or application crash. This results in a denial of service that can be temporary and short-lived or something more serious that may take a lot of time and resources to fix.
This threat is when someone manipulates users into performing detrimental actions. One example of social engineering would be gaining the trust of someone and getting them to connect a USB drive to their computer in order to infect it.
Again, this was just a broad overview, but you can see that there are many security threats that pros need to prepare for. Some are quite direct, like unauthorized access while others can be very indirect, like social engineering.
Next up, we’ll discuss the core methods used to mitigate these, and other, security threats.