Computer Security Chapter 1

Questions and Answers

What is the primary focus of computer security?

To enhance user experience in software applications.

To protect the assets of a computer or computer system. (correct)

To maximize profits from computer systems.

To increase the speed of computer operations.

Which classification does not belong among the measures to protect computer assets?

Detection

Obsolescence (correct)

Prevention

Reaction

What is an example of a preventive measure in the physical world?

Noticing that an item is missing.

Installing a surveillance camera.

Using locks on doors and window bars. (correct)

Calling the police after a theft.

In the case of credit card fraud, what is a detection measure?

Regularly checking credit card statements. (B)

Which of the following statements about reaction measures in cyber security is true?

You can ask for a new credit card number if fraud occurs. (B)

What is a vulnerability in a computing system?

A weakness in the system that may be exploited (C)

Which statement best describes a threat to a computing system?

Circumstances that have the potential to cause loss or harm (C)

How can the risk associated with a vulnerability be controlled?

By blocking threats through control mechanisms (D)

In the example of the man and the rising water, what does the water represent?

A threat posing risk to the man (B)

What is the relationship between a vulnerability and a threat?

A threat exploits vulnerabilities to cause harm (B)

What is the primary focus of Confidentiality in the CIA Triad?

Allowing only authorized parties to access assets (D)

What encompasses the authorization in the context of asset access?

The permission for a person, process, or program to access an object (A)

In the CIA Triad, what does Integrity refer to?

Modification of assets allowed only by authorized parties (D)

Which of the following is an example of access modes defined under Confidentiality?

Printing a document (B)

What role do subjects play in the context of the CIA Triad?

They access data items (B)

What does Availability ensure in the context of the CIA Triad?

Authorized users can access assets without delays when needed (D)

Which statement best encapsulates the concept of Integrity?

Only authorized parties can change data in specific ways (D)

What does preserving the integrity of an item imply?

The item is only modified by authorized people (A), The item is precise and accurate (C)

Which aspect of integrity involves managing changes to resources?

Authorized actions (D)

What does availability refer to in the context of assets?

Assets being accessible to authorized parties at appropriate times (C)

In what context is the term 'denial of service' used?

Availability of data and services (C)

Which of the following is NOT a component of the AAA framework?

Access Control (D)

What is the primary purpose of authentication within the AAA framework?

To identify who the user is (B)

What should happen to resources in order to ensure proper protection?

They should be separated and protected (C)

Which property does NOT directly relate to the concept of integrity?

The item is always present in perfect form (A)

Which of the following statements about error detection is accurate?

It helps protect the integrity of resources (A)

What defines the usability of assets in terms of availability?

They must meet service's needs effectively (A)

Computer security is the protection of assets of a computer system.

True (A)

There are five classifications of protection in computer security.

False (B)

Detection measures can help identify when an asset has been damaged.

True (A)

In the case of credit card fraud, reaction measures do not include asking for a new credit card number.

False (B)

Prevention measures in computer security can include using encryption.

True (A)

Confidentiality ensures that assets are accessible to any party.

False (B)

Integrity allows assets to be modified by any party without restrictions.

False (B)

Availability guarantees that assets are accessible to authorized parties when needed.

True (A)

The CIA Triad consists of Confidentiality, Integrity, and Authenticity.

False (B)

In the context of asset access, an access mode can include read, write, or execute.

True (A)

Modification of assets under Integrity includes actions like deleting and creating.

True (A)

Access to assets can be granted to anyone based on personal preference.

False (B)

A vulnerability in a system is a strength that prevents exploitation.

False (B)

A threat to a computing system is a set of circumstances that has the potential to cause loss or harm.

True (A)

Manipulating user identities can help secure a system against threats.

True (A)

The water in the example represents security threats.

True (A)

Controlling a vulnerability helps block a threat.

True (A)

Integrity means the item is unmodified.

True (A)

Availability refers to unauthorized access to assets.

False (B)

Error detection and correction are important aspects of integrity.

True (A)

Denial of service (DoS) is an aspect of integrity.

False (B)

The AAA framework includes authentication, authorization, and assurance.

False (B)

Integrity can involve modification only by authorized people.

True (A)

Availability requires that data is present in an unusable form.

False (B)

The integrity of an item can be characterized by its meaningfulness.

True (A)

Separation and protection of resources are part of the integrity aspects.

True (A)

Assets must be inaccessible to authorized parties during a denial of service.

True (A)

Study Notes

Chapter 1: Basic Security Concepts

• Computer security protects computer system assets.
• Assets include hardware, software, data, processes, storage media, and people.
• The "Principle of Easiest Penetration" suggests intruders will use readily available methods.
• Security protection has three classifications:
  • Prevention: measures to stop damage.
  • Detection: identifying when and how assets are harmed.
  • Reaction: measures to recover from damage.

Example from the Physical World

• Prevention: Locks, walls prevent access to property.
• Detection: Noticing something missing triggers an alarm (CCTV, burglar alarm).
• Reaction: Calling the police or replacing stolen items.

Example from the Cyber World: Credit Card Fraud

• Prevention: Encryption and merchant checks before processing credit card orders or not using credit card numbers online.
• Detection: Unauthorized transactions appearing on statements.
• Reaction: Requesting new cards, recovering costs from the fraudster.

Security Goals - CIA Triad

• Confidentiality: Assets accessible only to authorized parties.
• Integrity: Assets modified only by authorized parties.
• Availability: Authorized parties access needed assets without delay.
• Security is achieved through combining the CIA principles from an asset perspective, not a user perspective.

Confidentiality

• Computer assets are accessible only to authorized parties.
• Access includes viewing, printing, and knowing the existence of the asset.
• A subject is a person/process/program.
• An object is a data item.
• An access mode is the type of access (read, write, execute).
• A policy describes how access is controlled.

Integrity

• Assets can only be modified by authorized parties.
• Modification includes writing, changing status, deleting, creating.
• Integrity can mean various things in different contexts:
  • Accurate
  • Precise
  • Unmodified
  • Modified only in acceptable ways
  • Modified only by authorized people
  • Modified only by authorized processes
  • Consistent
  • Internally consistent
  • Meaningful and usable
• Specific aspects of integrity: authorized actions, separation, protection of resources, and error detection/correction.

Availability

• Assets are accessible to authorized parties at appropriate times.
• Denial of service (DoS), preventing access from authorized users, is an availability threat.
• Availability concerns both data and services.
• Factors affecting availability include capacity and service needs.

Other Protection Requirements (AAA)

• A three-process framework manages user access, enforces policies, and monitors network resource consumption.
• Authentication: Verifying user identity.
• Authorization: Determining user access permissions.
• Accounting: Tracking user activities and resource consumption.

Vulnerabilities and Threats

• A vulnerability is a weakness in a system's design or implementation.
• A threat is a circumstance that has the potential to cause harm or loss.

Computer Network Vulnerabilities

• Various hardware, software, and network vulnerabilities contribute to potential security threats. Examples include radiation, taps, cross-talk, communication lines, improper connections, and unauthorized access.

Security Threats (Interception, Interruption, Modification, Fabrication)

• Interruption: System unavailable or unusable.
• Interception: Unauthorized access to an asset.
• Modification: Tampering with an asset.
• Fabrication: Introducing counterfeit objects into a system.

Examples of Security Threats (Interruption, Interception, Modification, Fabrication)

• Interruption: Destroying hardware components such as a hard drive, cutting communication lines, and disabling file management systems.
• Interception: Wiretapping, illegally copying files.
• Modification: Altering data files, changing program behavior, modifying files.
• Fabrication: Adding records to files, inserting spurious messages into networks.

Description

Explore the fundamental concepts of computer security in this quiz based on Chapter 1. Understand the classification of security protections along with real-world examples that demonstrate prevention, detection, and reaction methods. Test your knowledge on key principles and goals of securing computer assets.