Computer Security Concepts

Questions and Answers

Which option is NOT considered a core objective of computer security?

• Authenticity (correct)
• Integrity
• Confidentiality
• Availability

What is the main purpose of a passive attack on a computer system?

• To halt or impair system functionality
• To acquire or utilize sensitive information (correct)
• To modify system configurations
• To achieve unauthorized system access

Which scenario primarily exemplifies a violation of data integrity?

• Physical device misappropriation
• Unauthorized exposure of private records
• Unapproved manipulation of data archives (correct)
• Network service interruption

What does the principle of least privilege advocate in the context of computer security?

Granting users the minimum essential rights (B)

Which characteristic is typically associated with an active attack on a system?

An effort to alter system resources or operations (C)

What is the primary function of an attack tree in security assessment?

Mapping out possible exploitation strategies (B)

Which option represents a cornerstone principle in the design of secure systems?

All of the above (D)

What aspect does the network attack surface primarily concern itself with?

Weaknesses exploitable through networks (A)

Which of the following options is a security functional requirement?

All of the above (D)

What is the overarching objective of implementing a security policy?

To outline security service rules and practices (D)

What represents a direct threat to the integrity of a computer system?

The illicit modification data files (A)

What is the main purpose of encapsulation within security design principles?

To shield data and actions inside safe domains (A)

What is a defining attribute of a passive system attack?

Attempts to glean or exploit details discreetly (C)

Which task constitutes the principle aim of security implementation?

To discover and handle breaches effectively (C)

What comprises a crucial security design principle?

All of the above (D)

Where does a software attack surface primarily concentrate its focus?

Weak spots found in application’s coding (C)

What is regarded as a functional requirement in matters of security?

All of the above (D)

Regarding security policy development, what remains the chief aim?

To enact guidelines regulating protective tech use (D)

What poses a notable risk to how a system maintains its integrity?

Illicit alterations to existing databanks (D)

When employing encapsulation when designing for superior security, what role does it fulfill?

To shelter instructions and info under protective layers (B)

Among strategies relating a systems safety, what does a passive incursion aim to do?

Observe data movement secretly to exploit it (D)

Chiefly, which objective underlies the implementation aspects for safeguarding integrity?

Quickly responding to detected security events (A)

What constitutes a primary attribute for designing heightened computer safety?

All of the above (D)

What aspect receives center stage when looking at software attack scenarios?

Exploitable areas due to insecure applications code (C)

What type of strategy qualifies as a fundamental security standard?

All of the above (D)

Flashcards

Availability

Ensuring information is accessible and usable upon demand by authorized users.

Passive Attack

An attempt to learn or use system information without altering system resources.

Data Integrity Threat

The unauthorized modification or corruption of data.

Principle of Least Privilege

Granting users and processes only the necessary privileges to perform their tasks.

Active Attack

An attempt to alter system resources or affect their operation.

Attack Tree

A diagram representing potential techniques to exploit vulnerabilities.

Economy of Mechanism

Security measures should be simple, minimize potential vulnerabilities, and be easily verifiable.

Fail-Safe Defaults

Deny access by default and grant access only when explicitly authorized.

Complete Mediation

Each and every access attempt must be verified against access controls.

Network Attack Surface

Vulnerabilities accessible over a network.

Threat to System Integrity

Unauthorized modification of data files.

Encapsulation

Isolating procedures and data objects in a protected domain.

Security Implementation Goal

Implementing security mechanisms in a system.

Software Attack Surface

Vulnerabilities in application code.

Security Policy

Rules and practices that govern security services.

Goal of Security Policy

Defining rules and practices for providing security services.

Passive Attack Characteristic

Attempt to learn/use information from the system.

Encapsulation Purpose

Isolating public access systems from critical resources.

Security Implementation Goal

Implement security mechanisms in a system.

Study Notes

• Authenticity is not a key objective of computer security.
• The primary goal of a passive attack is to learn or make use of information from the system.
• Modification of data files is an example of a threat to data integrity.
• The principle of least privilege ensures every process and user operates with the least set of privileges necessary.
• Active attacks attempt to alter system resources or affect their operation.
• Attack trees represent potential techniques for exploiting security vulnerabilities.
• Economy of Mechanism, Fail-Safe Defaults, and Complete Mediation are fundamental security design principles.
• Network attack surfaces primarily focus on vulnerabilities over a network.
• Access Control, Awareness and Training, and Audit and Accountability are examples of security functional requirements.
• The main goal of a security policy is to define the rules and practices for providing security services.
• A threat to system integrity is the modification of data files.
• Encapsulation in security design serves to encapsulate procedures and data objects in a protected domain.
• A characteristic of a passive attack is that it attempts to learn or make use of information from the system.
• The primary goal of a security implementation is to detect and respond to security attacks.
• Economy of Mechanism, Fail-Safe Defaults and Complete Mediation are all fundamental security design principles.
• The primary focus of a software attack surface is vulnerabilities in application code.
• Access Control, Awareness and Training, and Audit and Accountability are all examples of a security functional requirement.
• The main goal of a security policy is to define the rules and practices for proving security services
• A threat to system integrity is the modification of data files.
• The purpose of encapsulation in security design is to encapsulate procedures and data objects in a protected domain.
• A characteristic of a passive attack is that it attempts to learn or make use of information from the system.
• The primary goal of a security implementation is to detect and respond to security attacks.
• Economy of mechanism, fail-safe defaults, and complete mediation are all fundamental security design principles.
• The primary focus of a software attack surface is vulnerabilities in application code.
• Access control, awareness and training, and audit and accountability are all examples of a security functional requirement.
• The main goal of a security policy is to define the rules and practices for proving security services
• A threat to system integrity is the modification of data files.
• The purpose of encapsulation in security design is to encapsulate procedures and data objects in a protected domain.
• A characteristic of a passive attack is that it attempts to learn or make use of information from the system.
• The primary goal of a security implementation is to detect and respond to security attacks.
• Economy of mechanism, fail-safe defaults, and complete mediation are all fundamental security design principles.
• The primary focus of a software attack surface is vulnerabilities in application code.
• A security functional requirement: Access control
• The main goal of a Security Policy: To define the rules and practices for providing security services
• A threat to System Integrity: The modification of data files.
• The purpose of encapsulation in security design is to encapsulate procedures and data objects in a protected domain.
• A characteristic of a passive attach: It attempts to learn or make use of information from the system
• The primary goal of a Security Implementation: To detect and respond to security attacks.