Computer Security Chapter 1: Introduction

Questions and Answers

What characterizes a passive attack in a security context?

It targets system vulnerabilities directly.

It learns or makes use of information without affecting system resources. (correct)

It involves modifying system data to create chaos.

It actively disrupts system operations.

Which of the following best defines a countermeasure?

A metric for evaluating security effectiveness.

A set of guidelines for user behavior.

A method to increase the system's speed.

An action, device, or procedure to reduce threats or vulnerabilities. (correct)

What is a vulnerability in the context of system security?

A flaw or weakness that can be exploited to violate security policy. (correct)

An extreme threat that compromises data integrity.

A robust defense against potential threats.

An authorization mechanism for user access.

Which aspect does a security policy specifically address?

The rules and practices for protecting sensitive resources.

Which determination is NOT typically made by security administrators?

How much budget is allocated for security.

What is the primary purpose of a system as defined in the content?

To interrelate elements for a common purpose or goal

Which of the following is NOT a type of system mentioned?

Virtual systems

What three main aspects does security ensure according to NIST?

Confidentiality, Integrity, and Availability

Which of the following best describes a physical system?

An arrangement of existing entities

What is a characteristic of abstract systems as described in the content?

They are composed of interdependent ideas or constructs

Why is it important to understand security goals in computing?

To safeguard information system assets from risks

Which option describes the relationship between elements in a system?

Elements interact to achieve a collective goal

What role do controls play in the context of security?

They are measures that help achieve security principles like integrity

What is considered a potential security threat in computing?

Exploitation of a vulnerability

What does risk entail concerning computing assets?

Potential damage without consent

How is trust defined in the context of risk?

Likelihood of people acting as expected

What is the primary focus of Information Security?

Maintaining confidentiality, integrity, and availability of data

Which term is primarily concerned with management and assurance of risks related to information?

Information Assurance

What could be a serious problem resulting from a security threat?

Expectation of loss

How do Computer Security and Information Security differ?

Information Security is concerned with data irrespective of its form.

What is the main challenge of trusting internet servers?

Potential exposure to vulnerabilities

What does trust between two individuals indicate?

Familiarity with each other’s actions

Which of the following areas is included within Computer Security?

Network Security

What can the lack of trust in a computer system lead to?

Skepticism about its expected performance

Which statement accurately describes CyberSecurity?

It encompasses measures to protect networks and information systems from cyber threats.

What aspect does the term 'acceptable risk' refer to in information security?

The level of risk that an organization is willing to accept.

Which of the following best describes the level of confidence in a computer system?

Confidence in expected behavior

Which of the following correctly distinguishes between Computer Security and Information Security?

Information Security encompasses risks while Computer Security does not.

Which of the following is NOT considered a part of information system assets?

Personnel management

What type of servers are considered the most trusted according to the content?

Internal servers

Which type of users is categorized as less trusted due to the potential for abuse?

Internal users

Why are Internet servers classified as the least trusted?

They are often accessed by unverifiable users.

Which of the following is a characteristic of hackers as described in the content?

They often report vulnerabilities in software.

What is a primary difference between hackers and crackers?

Hackers do not engage in malicious activities.

Which type of malware replicates itself through email and network facilities?

Virus

What term is used for individuals who use pre-written scripts to exploit systems, often lacking advanced skills?

Script kiddie

What distinguishes a Trojan horse from other types of malware?

It disguises itself as useful software without replicating.

What is the primary reason that internal servers are considered the most trusted?

They are under known management and control.

What typically characterizes less trusted users within a network?

They may exploit privileges for malicious purposes.

Which category does the Internet servers fall into regarding trust levels?

Least trusted

What does the term 'risk' refer to in the context of computing assets?

Any cause that may damage computing assets unexpectedly.

What is the purpose of the Secure Sockets Layer (SSL)?

To encrypt data transmitted over a network.

How is 'trust' described in the context of network security?

The degree of faith in user behavior.

What is a significant concern regarding remote, unauthenticated users?

They do not have established identities or credentials.

What is likely to be a consequence of a vulnerability being exploited?

Loss of data integrity and potential security breaches.

Study Notes

Chapter 1: Introduction

• Introduction to the study of computer security.
• Topics covered include: what secure means, risks in computing, security goals (confidentiality, integrity, availability), and contradictory goals.

System Definition

• A system is a conceptual framework used to interrelate elements.
• Defined as a set of interconnected elements that collectively work towards a shared purpose or goal.
• Systems can be abstract (interrelated ideas) or physical (tangible entities, like computing systems).

Security Definition (NIST)

• Security is defined as measures and controls that ensure confidentiality, integrity, and availability of information system assets.
• 'Is the protection as well as maintenance of the level of acceptable risk'.
• Related Terminologies include: Computer Security, Information Security, Information Assurance, and Cybersecurity. These are viewed as somewhat distinct but also overlapping.

Computing System Security

• Computer Security: focuses on the availability and correct operation of a computer system, regardless of the specific data stored.
• Network Security: is part of computer security and involves the security of the components and connections in a computer network.
• Examples are: hubs, switches, routers, modems and gateways
• Data Security: addresses the security of data (where it is stored, who uses it, how it is protected)
• This also discusses the concept of data as being stored, processed, and disseminated.

Additional Security Aspects

• Application Security: protecting software and applications from vulnerabilities and attacks.
• Endpoint Security: focuses on security for individual devices.
• Security Incident Response: procedures for handling security incidents.
• Security Awareness and Training: educating users about security threats.

Risk Concept

• Risk is anything that can damage computing assets without consent or knowledge.
• This includes potential security threats and vulnerabilities.
• Causes for it include a lack or failure of trust.

Trust

• Trust is the likelihood that people will act as expected.
• Trust can exist between individuals, but not between a user and an unknown server, therefore trust should not be assumed.
• The level of confidence in a computer system or its components to behave as expected.
• Trust is critical; but can be difficult to establish between users and unknown entities.

Types of Trust (and less Trust)

• Most trusted: internal servers, domain controllers, and storage devices attached to the network.
• Less trusted: internal users and remote, authenticated users (because of the minority who misuse their access).
• Least trusted: Internet servers and remote, unauthenticated users (as they are often unknown/outside the system and can’t be fully trusted).

Systems Weaknesses

• External Weaknesses include: malware, spyware, hackers (individuals skilled in gaining access without explicit authorization), crackers (individuals seeking to exploit security vulnerabilities), and script kiddies (those who use tools/scripts without extensive skill/technical expertise).
• Internal Weaknesses include: authenticated users, unauthorized programs, and unpatched software.

Common Security Mistake

• Incorrectly assuming that attacks only originate from outside the organization.

Security Objectives (Goals)

• Confidentiality: ensuring no data is disclosed accidentally or intentionally.
• Integrity: preventing unauthorized modifications to the data.
• Availability: guaranteeing that systems and services are accessible to authorized users when needed.

CIA triad

• Acronym for the security goals of Confidentiality, Integrity, and Availability. - These concepts are often mentioned together in computer security discussions.

Description

This quiz covers the introductory concepts of computer security, including definitions of security, systems, and the fundamentals of risks in computing. It delves into the goals of security such as confidentiality, integrity, and availability, along with the relationships between different security terminologies. Test your understanding of these key principles in computer security!