Computer Security Concepts

Questions and Answers

Which of the following is NOT a type of biometric identification?

• Password (correct)
• Iris scan
• Voice print
• Fingerprint

You can change your biometric password once it has been leaked.

False (B)

What does confidentiality refer to in computer security?

Concealment of information or resources to keep it secret from unauthorized access.

A __________ is a weakness or design flaw in a system that can lead to security issues.

vulnerability

Match the following terms with their definitions:

Hacker = A person who exploits a computer system for various reasons Threat = An action that might compromise security Attack = An assault on system security by a person or machine Antivirus = Software used to prevent malicious software

What is the purpose of hashing passwords during user login?

To ensure the entered password matches the stored hash (A)

Hash functions allow for retrieving the original data from the hash value.

False (B)

Name one popular software used for file verification.

WinMD5

Data integrity refers to the accuracy, consistency, and reliability of ______.

data

Match the following hash functions with their characteristics:

MD5 = Widely used but not recommended due to vulnerabilities SHA-1 = More secure than MD5, but still has vulnerabilities SHA-256 = Part of the SHA-2 family, highly secure SHA-512 = Provides greater security through a longer hash value

Flashcards

Biometric Identification

Using unique physical characteristics (like fingerprints, faces, or irises) to identify someone.

Confidentiality

Keeping information secret from unauthorized people.

Integrity

Ensuring data hasn't been changed or tampered with.

Availability

Making data accessible to authorized users when needed.

Unauthorized Access

Gaining access to a system using someone else's account.

Hacker

A person who tries to exploit computer systems.

Threat

Something that risks compromising a system's security.

Vulnerability

A weakness in a system's security, which could be exploited.

Attack

An attempt to harm or compromise a system's security.

Antivirus/Antimalware

Software that protects computers from malicious programs.

Biometric Password

A password based on unique physical characteristics.

Data Integrity

Ensuring data accuracy, consistency, and reliability throughout its lifecycle.

Hash Function

A one-way function that creates a unique string (hash) from any input, making it hard to reverse.

File Integrity

Verifying a file's accuracy and completeness using hash values.

Hash Value

A unique string generated from a file or data using a hash function.

Password Hashing

Converting a password into a unique hash for storage instead of storing the original password.

Login Verification

Comparing a user's entered password hash with the stored hash to verify the user's identity.

One-way Function

A function that is relatively easy to compute in one direction but very difficult to reverse.

Study Notes

Computer Security Elements

• Confidentiality: Concealing information or resources from unauthorized access.
• Integrity: Maintaining the trustworthiness of data by preventing unauthorized changes.
• Availability: Ensuring authorized access to data and resources when needed.

Terminology

• Unauthorized access: Gaining access to a computer system or data without permission.
• Hacker: Someone who uses computer systems for malicious purposes, often for financial gain or social causes.
• Threat: An action or event that potentially compromises security.
• Vulnerability: A weakness or flaw in a system that can exploit and lead to a harmful event.
• Attack: An assault on a security system by a person or machine.
• Antivirus/Antimalware: Software designed to prevent and remove malicious software.
• Social Engineering: Manipulating individuals to disclose sensitive information.
• Virus: Malicious software installed on a computer without consent to harm resources.
• Firewall: Software or hardware used to control network traffic based on predefined rules.
• Ciphertext: The encrypted form of an original message.
• Plaintext: The original unencrypted message.

Biometric Identification

• Biometrics: Methods of identifying individuals based on unique physical characteristics.
• Risks of Biometric Identification: Permanent nature, possibility of leakages, no right to refusal (like a password).
• Examples: Fingerprints, voice prints, iris scans, retinal scans.

Encryption/Decryption

• Cipher: An algorithm or set of rules for encrypting or decrypting data.
• Asymmetric Encryption: Uses two keys (public and private) for encryption and decryption.
• Symmetric Encryption: Uses a single key for both encryption and decryption.
• Public Key Encryption: Encryption using a public key to send messages that are decrypted by a private key.

Passwords

• Password Policies: Rules for creating strong and secure passwords.
• Password Strength: Should include a large set of characters (upper/lower case, numbers, symbols), and should be changed frequently.
• Password Management: Don't reuse passwords between different sites, do not write them down, and do not share them even with those authorized to administer the computer.

Virtual Private Networks(VPNs)

• VPN: A method of extending a private network across a public network
• Benefits : Increased security (encryption) for data transmissions and protection from snooping

Data Encryption Methods

• Symmetric: Encryption using the same key for encryption and decryption.
• Asymmetric: Encryption using two separate keys (public key for encryption and private key for decryption).
• End-to-End: Ensures only the intended recipient can decrypt encrypted data.
• Hash Function: Mathematical algorithms that produce unique outputs for any given input.

Data Integrity

• Data Integrity: Maintaining the accuracy, consistency, and reliability of data.
• Key Aspects: Preventing unauthorized changes, detecting tampering, ensuring data accuracy, and securing data in transit.

Common Threats to Data Integrity

• Malware/Viruses: Malicious software designed to compromise data.
• Data Breaches: Unauthorized access to sensitive data by attackers.
• Human Error: Data breaches initiated by user error causing corruption.

Data Availability

• Distributed Denial of Service (DDoS) Attacks: Overwhelming a system with traffic to disrupt its services.
• Hardware Failures: Unexpected malfunctions of hardware components.
• Natural Disasters: Disruption of services and data centers during natural disasters.

Information Assurance (IA)

• IA: Protecting information assets from unauthorized access and unauthorized disclosures and ensuring timely access to valid information from authorized parties.
• IA components: Confidentiality, integrity, accessibility, authentication, and non-repudiation.

Security Risks

• Physical Security: Protecting hardware and software from physical threats.
• Personnel Security: Measures to reduce threats from staff.
• IT Security: Using technical controls to protect data and systems.
• Operational Security: Implementing operational procedures to maintain security within an organization.

Cyber Security

• Cybersecurity: The practices and protocols used to protect data and computer systems in the digital world.

Authentication

• Authentication Methods: Ways to verify a person's identity.
• Examples: Something you know (passwords), something you have (tokens), something you are (biometrics), and multi-factor authentication.

Backup Information

• Backup Importance: Regular data backups are critical as no security measure is 100% reliable.
• Cyber Incident Reporting: Protocol for reporting security incidents, ensuring steps are taken to contain and manage the situation.

Computer Ethics

• 10 Commandments of Computer Ethics: Guidelines for ethical computer use, addressing issues like stealing, harming others, interfering with others’ work, and snooping.