Computer Security: Concepts and Objectives

Questions and Answers

Which of the following scenarios primarily tests the integrity of a system?

• Confirming the sender of an email is accurately identified.
• Ensuring only authorized personnel can access sensitive financial records.
• Guaranteeing a server remains online during a denial-of-service attack.
• Verifying that a software update does not corrupt existing system files. (correct)

Accountability ensures that unauthorized users can access the system.

False (B)

In the context of computer security, what does nonrepudiation ensure?

A user cannot deny having performed a transaction

______ assures that systems work promptly and service is not denied to authorized users.

Availability

Match the following security concepts with their descriptions:

Confidentiality = Protecting information from unauthorized disclosure Integrity = Ensuring information is accurate and complete Availability = Ensuring timely and reliable access to information Authenticity = Verifying the validity of a message generator

Which security concept is MOST directly related to preventing data tampering?

Integrity (B)

Authorization is the process of verifying the identity of a user.

False (B)

Implementing multi-factor authentication primarily addresses which security concept?

Authenticity (C)

Which type of attack involves an unauthorized entity gaining access to confidential information?

Leaky (A)

An active attack focuses solely on gaining information from a system without altering its resources.

False (B)

What is the primary goal of a passive attack?

to obtain information that is being transmitted

An attack initiated by an entity from within the organization is known as an ______ attack.

insider

Match the following attack types with their descriptions:

Replay = Capturing and re-transmitting legitimate data packets Masquerade = Assuming the identity of another user or entity Modification of messages = Altering the content of transmitted data Denial of service = Preventing legitimate users from accessing system resources

Which of the following is NOT a category of active attack?

Traffic analysis (D)

What is the aim of countermeasures in computer security?

To deal with security attacks through prevention, detection, and recovery (D)

A computer security strategy only focuses on external threats and ignores potential insider threats.

False (B)

Which factor complicates computer security, shifting the advantage towards attackers?

Administrators must identify and patch all vulnerabilities, while attackers need to find only one. (B)

A countermeasure solely eliminates a threat, offering complete protection to a system.

False (B)

What security term describes a weakness in a system's design, implementation, or operation and management?

Vulnerability

A potential event that could violate security and harm a system is known as a ______.

threat

Which of the following is the BEST example of a computer security asset?

Database of customer information (D)

What is the primary purpose of keeping records of user activities regarding computer security?

To enable forensic analysis after a security breach. (A)

Which statement is MOST accurate regarding the integration of security measures into computer systems?

Security measures are frequently viewed as an impediment to efficient and user-friendly operation. (C)

Match each security term with its corresponding description:

Vulnerability = A weakness in a system's design, implementation, or operation. Threat = A potential event that could cause harm to a system. Countermeasure = An action to reduce the impact of a threat or vulnerability. Risk = The probability of a threat exploiting a vulnerability.

Flashcards

Computer Security

Protection of automated information systems to maintain integrity, availability, and confidentiality.

Data Confidentiality

Ensuring private information isn't disclosed to unauthorized individuals.

Privacy

Assuring individuals control what info is collected, stored, and disclosed about them.

Data Integrity

Assuring information and programs are changed only in a specified, authorized manner.

System Integrity

Assuring a system performs its intended function correctly, free from unauthorized manipulation.

Availability

Ensuring systems work promptly and service is not denied to authorized users.

Authenticity

Being able to be verified and trusted; confidence in the validity of a transmission or message generator.

Accountability

Requiring actions to be traced uniquely to an entity; supports nonrepudiation.

Traceability in Security

The ability to trace a security breach back to the responsible party through activity logs and forensic analysis.

Vulnerability

A weakness in a system's design, implementation, or operation that can be exploited.

Security Policy

A set of rules and practices that define how a system provides security services to protect sensitive resources.

Threat

An event that could cause a security breach and harm the system by exploiting vulnerabilities.

Countermeasure

An action, device, procedure, or technique that reduces a threat, a vulnerability, or an attack.

Risk

The probability that a threat will exploit a vulnerability with a harmful result.

Asset

A system resource, which can include hardware, software, data, and communication facilities/networks.

Corrupted Vulnerability

When the system does the wrong thing or provides incorrect answers due to data being improperly modified.

Leaky Information

Unauthorized access to information, leading to a loss of confidentiality.

Loss of Availability

System or network becomes impossible or impractical to use.

Insider Attack

An attack carried out by someone who has authorized access to the network.

Outsider Attack

An attack initiated from outside the organization's network perimeter.

Passive Attack

An attack that monitors or eavesdrops on transmissions without altering system resources.

Active Attack

An attack that attempts to alter system resources or affect their operation.

Computer Security Strategy

A strategic plan to protect an organization from internal and external threats using best practices.

Study Notes

• Computer Security: Protection afforded to an automated information system.

Key Objectives

• Preserving integrity
• Availability
• Confidentiality of information system resources (hardware, software, firmware, information/data, and telecommunications)

Key Security Concepts

Data confidentiality

• Assures that private or confidential information is not available or disclosed to unauthorized individuals

Privacy

• Assures that individuals control or influence what information related to them may be collected and stored, and by whom and to whom that information may be disclosed.

Data integrity

• Assures that information and programs are changed only in a specified and authorized manner.

System integrity

• Assures that a system performs its intended function correctly.

Availability

• Assures that systems work promptly and service is not denied to authorized users.
• Confidentiality, integrity, and availability form the CIA triad.
• Authenticity and accountability are additional concepts needed to present a complete security picture.

Authenticity

• Being able to be verified and trusted.
• Confidence in the validity of a transmission or a message generator.
• Verifying that users are who they say they are and that each input arriving at the system come from a trusted source.

Authorization

• The process of giving someone permission or the right to do or have something.

Accountability

• Generates the requirement for action of an entity to be traced uniquely to that entity.
• Supports nonrepudiation, meaning a user cannot deny performing a transaction.
• Traces security breaches to a responsible party.
• Keeps records of activities to permit later forensic analysis to trace security breaches or to aid in transaction disputes.

Levels of Impact (Breach Impact)

• Low: limited effect expected
• Moderate: serious effect expected.
• High: severe or catastrophic effect expected.

Computer Security Challenges

• Attackers only need to find one weakness, developers need to find all.
• Security benefits are often unseen until a failure occurs.
• Requires regular, constant monitoring.
• Often incorporated after the design is complete.
• Sometimes seen as an obstacle to efficient, user-friendly operation.

Security Terminology

Vulnerability

• Weakness in a system's design, implementation, or operation and management.

Security Policy

• A set of rules and practices specifying how a system provides security services to protect sensitive and critical system resources.

Threat

• An event that could cause a security breach and harm the system.
• Capable of exploiting vulnerabilities.
• Represents potential security harm to a system
• Examples include removable media, brute force attacks, unauthorized use of system privileges, and loss/theft of confidential devices.

Countermeasure

• An action, device, procedure, or technique that reduces a threat, vulnerability, or an attack.

Risk

• The probability that a threat will exploit a vulnerability with a harmful result.

Asset

• System resource that is to be protected (hardware, software, data, communication lines, etc.)

Security Concepts

• Owners impose countermeasures to minimize risk to assets threatened by threat agents, resulting in threats. Vulnerabilities
• Corrupted: Does the wrong thing or gives wrong answers, leading to loss of integrity.
• Leaky: Unauthorized access to information, leading to loss of confidentiality.
• Unavailable: System is too slow or impractical, leading to loss of availability.

Attacks

• Threats carried out.

Insider attack:

• Initiated by an entity inside the organization.

Outsider attack:

• Initiated from outside the organization.

Attacks can be:

Passive:

• Attempts to learn or use information without affecting system resources.
• Eavesdropping or monitoring transmissions aims for gaining information transmitted. Includes:
• Release of message contents.
• Traffic analysis.

Active:

• Attempts to alter system resources or affect their operation, involving data stream modification, or creating a false stream.
• Categories include replay, masquerade, message modification, and denial of service.

Countermeasures

• Used to deal with security attacks including:
• Prevent
• Detect
• Recover
• Can introduce new vulnerabilities, goal is to minimize the residual risk for the assets

Computer Security Strategy

• A plan involving best practices to protect an organization from internal and external threats.
• A plan of action to maximize security and resiliency. Components:

Security Policy:

• Formal statement of rules and practices.

Security Implementation:

• Prevention
• Detection
• Response
• Recovery

Assurance:

• Confidence in the effectiveness of security measures.

Evaluation:

• Examining a computer product or system per specific security criteria.

Description

Explore computer security, focusing on protecting automated information systems. Understand key objectives like preserving integrity, availability, and confidentiality. Learn about data confidentiality, privacy, data integrity, system integrity, and the CIA triad.