Computer Security Basics

Questions and Answers

Which of the following is a primary purpose of social engineering in computer security?

• Manipulating human psychology (correct)
• Creating security policies
• Enhancing encryption methods
• Bypassing technical security measures

What is the main function of a security policy in a computer security context?

• To encrypt sensitive data during transmission
• To identify potential security threats
• To define what is allowed and enforce security mechanisms (correct)
• To analyze network traffic in real-time

What is the primary focus of computer security?

• Monitoring user behavior
• Preventing software installation
• Securing a single connected machine (correct)
• Protecting communication between computers

Which of the following is NOT considered a computer security threat?

User data encryption (A)

Caesar's Cipher is an example of what type of cryptographic technique?

Substitution cipher (C)

What does the concept of 'availability' in computer security refer to?

Maintaining the system's operational status and accessibility (A)

Which of the following is considered an insider threat?

An employee intentionally leaking sensitive information (C)

What is the role of checksums in data transmission?

To perform data integrity checks (D)

Which of the following mechanisms helps prevent break-ins to a system?

Firewalls to block unauthorized access (A)

What is considered a common cause of security vulnerabilities in software?

Buggy code with unvalidated input (B)

Which of the following best describes 'spoofing' in the context of computer security?

Unauthorized access by pretending to be another user (A)

What is a critical reason a computer network might remain insecure after configuration changes?

Failure to properly configure devices (D)

Which option describes network security effectively?

Safeguarding communication and all its participants (A)

Which mechanism is essential for verifying the truth of claimed data?

Authentication (A)

How can malicious emails impact a computer system?

They can contain viruses and worms (B)

Which of the following actions does NOT contribute to computer security?

Ignoring software updates and patches (A)

What is the primary function of authorization in computer security?

To grant or refuse resource access (C)

Which mechanism is specifically designed to protect against unauthorized access from external sources?

Firewalls (A)

What does a Virtual Private Network (VPN) primarily provide?

A secure tunnel for data transmission (A)

What is the role of Internet Protocol Security (IPSec)?

To provide a secure framework for communications over IP networks (C)

Which security mechanism helps establish encrypted links between web servers and browsers?

SSL (Secure Sockets Layer) (C)

What is the purpose of an Intrusion Detection System (IDS)?

To monitor networks for malicious activities or policy violations (D)

Which of the following is NOT a characteristic of a firewall?

Establishing encrypted links (D)

What is the main advantage of using virus scanners?

To detect and prevent malware infections (D)

Flashcards

Computer Security

Protecting a single computer from unauthorized access, attacks, information theft, and misuse.

Network Security

Protecting communication networks and all the devices connected to them from unauthorized access, attacks, and data breaches.

Breaking into my computer

Unauthorized access to a computer system, often with the intent to steal information, cause damage, or disrupt operations. Examples include hackers, viruses, and worms.

Attacking my computer

Actions designed to disrupt the normal operation of a computer system, often by overwhelming it with requests or traffic. Examples include denial-of-service attacks.

Stealing an information

The unauthorized acquisition of sensitive information from a computer system. This could involve passwords, financial data, or personal files.

Using my computer to attack others

Using a compromised computer to launch attacks on other systems. This could include spreading viruses, sending spam, or launching denial-of-service attacks on websites.

Damaging my computer or data

Actions that cause physical or functional damage to a computer system or the data it stores. Examples include deleting files or installing malicious software.

Taking up the resources with irrelevant messages

Overburdening a computer system with irrelevant messages, consuming valuable resources, and hindering its performance. Examples include spam mail, malicious emails, and denial-of-service attacks.

Authorization

A security mechanism that verifies a user's access rights to resources after they've been authenticated.

Firewall

A software or hardware barrier that controls network traffic, blocking unauthorized access while allowing outgoing connections.

VPN (Virtual Private Network)

A secure connection that encrypts data sent over the internet, protecting it from eavesdroppers.

IPsec (Internet Protocol Security)

A set of standards for encrypting data sent over the internet, ensuring secure communication.

SSL (Secure Sockets Layer)

A security protocol that creates an encrypted connection between a web server and a browser, protecting sensitive data.

Virus Scanner

Software that scans your computer for malicious programs like viruses and malware, preventing them from infecting your system.

Intrusion Detection System (IDS)

A system that monitors a network for suspicious activity and alerts you to potential security threats.

Access Control

A security framework that involves establishing a set of rules for managing access to resources and enforcing compliance.

Caesar's Cipher

A simple substitution cipher where each letter is replaced with a letter three positions later in the alphabet.

Social Engineering

Exploiting human psychology to gain access to systems or data, often through deception or trickery.

Insider Threat

Threat originating from an individual within an organization, like an employee or contractor, who intentionally or unintentionally compromises security.

Security Policy

A set of rules defining what actions are allowed, how a system should behave, and how security mechanisms should operate.

Security Mechanism

A mechanism that enforces a security policy. It interprets the policy and takes actions like blocking access or detecting threats.

Encryption

Transforming data into an unreadable form, protecting it from unauthorized access.

Checksum

A process used to verify the integrity of data by calculating a unique numerical representation (hash). If the hash is different after transmission, it indicates data corruption.

Authentication

Verifying the identity of a user or entity to ensure they are who they claim to be.

Study Notes

Computer Security Overview

• Computer security encompasses protecting computing transactions from unauthorized access, attacks, data theft, damage to resources, and misuse.
• Key areas of concern include network security and computer security.

What's Ahead?

• Understanding basic computer security concepts
• Identifying common security threats
• Understanding the role of policy in computer security
• Identifying computer security mechanisms

What Does Security Mean?

• Security means preventing unauthorized access, attacks, and data theft on computer systems and networks. This includes preventing damage to computer resources and data without explicit permission.

Computer vs. Network Security

• Computer security protects a single machine, while network security safeguards communication and all participating entities within a network.

Computer Security Threats

• Breaking into a computer: Hacking, worms, and viruses.
• Attacking a computer: Denial-of-service attacks, viruses, and worms.
• Stealing information: Data breaches and various forms of hacking and malicious software.
• Using a computer to attack others: Spam, phishing, and email/malware-based attacks.

Damaging Computer Systems

• Tampering and altering data through various means, often employing cryptography for detection. Duplicating data for recovery from damage.

Taking up Resources

• Denial-of-service attacks; spam mail that fills space; malicious mail containing viruses and worms.

Aspects of Computer Security

• Confidentiality: Data secrecy from unauthorized users.
• Integrity: Data accuracy and preventing modifications.
• Availability: System accessibility and functionality.

Why We Aren't Secure (Causes of Vulnerabilities)

• Buggy code: Unvalidated input, cross-site scripting, buffer overflow, flawed injection methods.
• Protocol design failures: Weaknesses in protocols governing data handling, leading to vulnerabilities.
• Weak cryptography: Poor cryptographic procedures offering inadequate authentication, integrity protection, and non-repudiation.
• Social engineering: Exploiting human psychology for gaining unauthorized system access.
• Insider threats: Security vulnerabilities arising from within an organization, often through employee or officer actions.
• Poor configuration: System flaws arising from inadequate adaptation to new tasks and user requests.
• Incorrect policy specification: Misaligned or flawed policies with security implications.
• Stolen keys/identities: Unauthorized access due to compromised credentials or identities.
• Misplaced incentives: System breach opportunities caused by misleading user incentives, a technique called spoofing, or similar challenges. Examples include email, URL, caller ID spoofing to gain unauthorized access.

The Role of Policy

• Policies define allowed system actions and mechanisms for enforcement. Policies are interpreted and enforced by software/tools like firewalls and intrusion detection systems (IDS), as well as access control lists. Correct and secure implementation is crucial.

Some Security Mechanisms

• Encryption: Encoding data to conceal its contents, using cryptographic keys and algorithms.
• Checksums: Data integrity checks (hashes) used to detect unauthorized modifications. This involves sending encoded checksums along with the message/data to help verify integrity.
• Authentication: Verifying the identity of a user or system entity.
• Authorization: Determining the privileges/access levels for authenticated entities regarding system resources and data/functionality permissions.
• Firewalls: Blocking unauthorized network access.
• VPNs (Virtual Private Networks): Securing data transmissions across public networks.
• Intrusion Detection Systems (IDS): Systems that monitor network or system activities for malicious actions.
• Virus scanners: Software scanning systems and their content for harmful programs.

Today's Security Deployment

• Firewalls: Blocking unauthorized access from exterior and maintaining secure communications channels.
• VPNs: Creating secure tunnels for internet connections ensuring data protections.
• IPSec: A framework for secure communications over IP networks using cryptography.
• SSL (Secure Sockets Layer): A protocol establishing encrypted channels for web communication.
• IDS (Intrusion Detection Systems): Monitoring networks and individual systems for malicious actions and policy violations. Protecting against data intrusions and vulnerabilities.