Computer & Network Security: CIA Triad

Questions and Answers

In the context of computer security, what does 'integrity' primarily aim to protect?

• Preserving authorized restrictions on information access and disclosure.
• Guarding against improper information modification or destruction. (correct)
• Ensuring timely and reliable access to and use of information.
• Verifying the identity of a user or system.

Which of the following scenarios represents a breach of confidentiality?

• A hacker gains unauthorized access to a database containing sensitive customer information. (correct)
• A server experiences a power outage, making it temporarily unavailable.
• Malware modifies system files, causing the operating system to become unstable.
• A system administrator accidentally deletes a critical database, causing data loss.

An organization implements multi-factor authentication (MFA) for accessing a restricted resource. Which security design principle does this primarily support?

• Separation of privilege. (correct)
• Economy of mechanism.
• Least common mechanism.
• Fail-safe default.

Which of the following is an example of an active attack?

Injecting malicious code into a web server to deface a website. (B)

A company discovers that a disgruntled employee has been copying sensitive files to a USB drive and removing them from the premises. This is an example of what type of attack?

Inside attack. (D)

Which security principle emphasizes that security mechanisms should not be overly complex or difficult to use?

Psychological acceptability. (D)

A system design incorporates multiple layers of security controls, where each layer provides a different type of protection. Which security design principle does this exemplify?

Layering. (D)

What is the primary goal of 'complete mediation' in security design?

To ensure that every access request is checked against the access control policy. (D)

In the context of attack surfaces, what does the 'human attack surface' primarily refer to?

Vulnerabilities created by personnel or outsiders through social engineering or other means. (D)

Which of the following is an example of 'usurpation' as a threat to computer systems?

An attacker gaining unauthorized root access to a server and disabling security functions. (A)

Flashcards

Availability

Ensures information is accessible and usable upon demand.

Authenticity

Verifies the identity of users and the trustworthiness of data sources.

Accountability

Holds entities accountable for their actions within a system; actions can be traced back to the responsible party.

Attack Tree

A hierarchical data structure representing techniques for exploiting vulnerabilities.

Attack Surface

Reachable and exploitable vulnerabilities in a system.

Confidentiality

Protecting information from unauthorized access and disclosure.

Integrity

Guarding against improper information modification or destruction.

Layering

Using multiple, overlapping security measures to protect a system.

Separation of Privilege

Requires multiple privilege attributes to access restricted resources.

Least Privilege

Operate using the least set of privileges necessary, only assign permissions needed to perform functions.

Study Notes

Overview of Computer and Network Security

• Computer security involves measures and controls to ensure confidentiality, integrity, and availability of information.
• These apply to hardware, software, firmware, data, and telecommunications.

Key Objectives (CIA Triad)

• Confidentiality: Restricting information access and disclosure to authorized users.
  • Data confidentiality ensures private or sensitive information isn't disclosed to unauthorized individuals.
  • Privacy ensures that individuals control what information related to them is collected and stored and by whom.
• Integrity: Guarding against improper modification or destruction.
  • Data integrity: Ensuring information and programs aren't changed or destroyed.
  • System Integrity: Ensuring a system performs its intended function in an unimpaired way.
• Availability: Ensuring timely and reliable access to information.
• **Authenticity: Verified and trusted
• Accountability: Actions can be traced to an entity uniquely

Security Breach Impacts

• Low Impact: Limited adverse effect on operations, assets, or individuals.
• Moderate Impact: Serious adverse effect.
• High Impact: Severe or catastrophic adverse effect.

Challenges of Computer Security

• Computer security is complex, requires considering potential attacks on all features.
• Security mechanisms must be appropriately placed physically and logically.
• Attackers need only one weakness, while designers must eliminate all.
• Security requires constant monitoring; system managers may not see benefits until failure occurs.
• Users and administrators may view security as impeding efficiency.

Vulnerabilities of Computer Systems

• Corrupted: System/network functions incorrectly or gives wrong answers.
• Leaky: Providing access to restricted areas.
• Unavailable: System or network is slow or impractical.

Types of Attacks

• Active Attack: Alters system resources or operations.
• Passive Attack: Learns or uses system information.
• Inside Attack: Initiated by entity inside security perimeter from authorized user.
• Outside Attack: Initiated outside security perimeter by unauthorized user.

Threats and Attacks Examples

• Unauthorized Disclosure:
  • Exposure: Intentional release of credit card numbers.
  • Interception: Access to LAN traffic.
  • Inference: Observe patterns in network traffic.
  • Intrusion: Unauthorized access to data.
• Deception:
  • Masquerade: Posing as an authorized user.
  • Falsification: Replacing grades on a school system.
  • Repudiation: A user denies sending or receiving something.
• Disruption:
  • Incapacitation: Trojan horses, viruses, etc.
  • Corruption: User placing backdoor logic in the system.
  • Obstruction: Interfering with communication.
• Usurpation::
  • Misappropriation: Theft of service.
  • Misuse: Disabling security functions.
• Examples of threats to computers
  • Hardware damage
  • Damage or alteration of software
  • Unauthorized access of data
• Communication lines and networks:
  • passive attacks, such as monitoring transmissions and traffic
  • active attacks, such as replay, masquerade, modification of messages and denial of service

Security Functional Requirements

• Access Control
• Awareness and Training
• Audit and Accountability
• Certification, Accreditation, and Security Assessments
• Configuration Management
• Contingency Planning
• Identification and Authentication
• Incident Response
• Maintenance
• Media Protection
• Physical and Environmental Protection
• Planning
• Personnel Security
• Risk Assessment
• Systems and Services Acquisition
• System and Communications Protection
• System and Information Integrity
• These requirements can be divided into those requiring computer security technical measures, and those that require management measures

Fundamental Security Design Principles

• Economy of Mechanism: Security measures should be simple for fewer exploitable flaws.
• Fail-safe Default: Default to lack of access.
• Complete Mediation: Check access control upon every file access.
• Open Design: Security mechanism design should be open rather than secret.
• Separation of Privilege: Multiple attributes are needed for restricted resource access (e.g., MFA).
• Least Privilege: Use the least necessary set of privileges.
• Least Common Mechanism: Minimize functions shared by different users.
• Psychological Acceptability: Security should not interfere with work.
• Isolation: Public access systems, processes, and security mechanisms should be isolated.
• Encapsulation: Isolation based on object-oriented functionality.
• Modularity: Develop security functions as separate modules and use modular architecture.
• Layering: Use multiple, overlapping protection approaches.
• Least Astonishment: Program/interface should respond intuitively.

Attack Surfaces and Attack Trees

• Attack Surface: Reachable and exploitable vulnerabilities in a system.
  • Network attack surface involves vulnerabilities over network or Internet.
  • Software attack surface involves vulnerabilities in application, utility, or OS.
  • Human attack surface involves vulnerabilities created by personnel or outsiders.
• Attack Tree: Hierarchical data structure representing techniques for exploiting vulnerabilities.

Computer Security Strategy

• Specification/Policy: What the security scheme does:
  • Describes desired system behavior.
  • Includes rules and practices for protecting resources.
  • Considers the value of assets, vulnerabilities, and potential threats.
• Trade-offs:
  • Ease of Use vs. Security, such as network security reducing transmission capacity.
  • Cost of Security vs. Cost of Failure/Recovery: Value of assets/damage from security violation and risk.
• Implementation / Mechanisms identifies how the security strategy works.

Actions and Assurance

• Four courses of action:
  • Prevention: Transmission of encrypted data.
  • Detection: Detect the presence of unauthorized individuals.
  • Response: Halt a denial of service attack.
  • Recovery: Use backup systems.
• Correctness/Assurance: Determines "does it work?".
  • Assurance is the degree of confidence that system design meets requirements
  • Evaluation means examining the system with respect to criteria through testing.

Standards Organizations

• National Institute of Standards and Technology (NIST) is the U.S. government standards organization.
• Internet Society (ISOC) is a worldwide professional membership society for Internet standards.
• ITU-T is the International Telecommunication Union, part of the United Nations.
• International Organization for Standardization (ISO) is a worldwide nongovernmental organization.