In: Computer Science
1.Describe the difference between direct and indirect attacks.
2.Describe the balance between information security and access.
3.Explain the difference between a policy and a standard.
4.Go to http://www.NIST.govand find the Incident Response template. Fill in the information on the template.
1. Direct Attack: In this type of attack, the computer is object of an attack. Here, the attacker uses his computer to attack another computer.
Indirect Attack: In this type of attack, the computer is subject of an attack. Here, the system is compromised and used to attack another system by the attacker.
Therefore, a system can be both object of an attack and subject of an attack. It can be the object of an attack first and then it can be compromised and used to attack another system. Thus it becomes subject of an attack.
3. Policies:
Standards: