Recent

  • Show all results for ""
quiz image

Computer Security Fundamentals

AdulatoryGarnet8936 avatar
AdulatoryGarnet8936
·
·
Download

Start Quiz

Study Flashcards

40 Questions

What is the primary focus of computer security?

Protecting the assets of a computer or computer system

What is the term used to describe the ability to access computer-related assets only by authorized parties?

Confidentiality

What is meant by the modification of assets in the context of computer security?

Writing, changing, changing status, deleting, or creating the assets

What is the term used to describe the prevention of access to computer-related assets?

Denial of Service

What is the term used to describe the combination of confidentiality, integrity, and availability?

C-I-A Triad

What determines the value of an asset in computer security?

Factors such as personal, time dependent, replicable or not, cost of loss

What is the primary goal of computer security in relation to assets?

To protect the assets from unauthorized access

What is the term used to describe the ability to access computer-related assets at appropriate times?

Availability

What is a vulnerability in a security system?

A weakness in the security system, for example, in procedures, design, or implementation.

What is a threat to a computing system?

A set of circumstances that has the potential to cause loss or harm.

What is an attacker?

A human who exploits a vulnerability.

What is a control in a security system?

An action, device, procedure, or technique that removes or reduces a vulnerability.

What is an example of a nonhuman threat?

Natural disasters like fires or floods.

What is an example of a nonmalicious harm?

Someone's accidentally spilling a soft drink on a laptop.

What is an example of a malicious attack?

A malicious code posted on a website.

What is an example of a random attack?

A malicious code posted on a website that could be visited by anybody.

What is the reason why a malicious attacker performs an attack?

For fun and challenge

What is one way to exploit a hardware vulnerability?

By adding devices to a system

What is an example of a software alteration vulnerability?

The truncation of fractional interest on an account

Why is hardware security usually the concern of a small staff?

Because they are professionals in a computing center

What is an example of machinicide?

Physically harming computer hardware

What is a method used by an attacker to succeed?

Having skills and knowledge

What can enhance the security of hardware components?

Using simple physical measures

What is an example of software deletion?

Accidentally erasing a file

What kind of harm could a company experience from electronic espionage?

All of the above

What is the main concern in preserving confidentiality, integrity, and availability of data?

Protection against interruption, interception, modification, and fabrication

What is a key aspect of a program with high quality?

Security features to prevent unauthorized access

Who might want to attack a program that displays the current time and temperature of a city?

All of the above

What type of harm might an attacker want to cause to a program that allows consumers to order products from the web?

All of the above

What is a potential vulnerability in a program that accepts and tabulates votes in an election?

All of the above

Who might want to attack a program that allows a surgeon to assist in an operation remotely?

All of the above

What type of control could be instituted to limit the vulnerability of a program that secretly leaks a list of employees' salaries?

All of the above

What is the primary reason for controlling access to software?

To prevent software from being deleted or destroyed accidentally

What is a type of software modification that causes it to fail or perform an unintended task?

Logic bomb

What is a program that overtly does one thing while covertly doing another?

Trojan horse

What is a specific type of Trojan horse that can spread its infection from one computer to another?

Virus

What is a program that has a secret entry point?

Trapdoor

What is an unauthorized copying of software?

Software theft

Who is responsible for software security?

Programmers and analysts

What is a code that makes information accessible to unauthorized people or programs?

Information leak

Study Notes

Computer Security

  • Computer security is the protection of computer-related assets, including hardware, software, data, people, processes, or combinations of these.
  • Assets can be valued based on factors such as personal, time-dependent, replicable, or cost of loss.

Computer Security Goals

  • The three important aspects of computer security are confidentiality, integrity, and availability.
  • Confidentiality ensures that assets are accessed only by authorized parties.
  • Integrity means that assets can be modified only by authorized parties or only in authorized ways.
  • Availability means that assets are accessible to authorized parties at appropriate times.

Vulnerabilities, Threats, Attacks, and Controls

  • A vulnerability is a weakness in the security system that might be exploited to cause loss or harm.
  • A threat is a set of circumstances that has the potential to cause loss or harm.
  • An attacker is a human who exploits a vulnerability to perpetrate an attack on the system.
  • A control is an action, device, procedure, or technique that removes or reduces a vulnerability.
  • Harm is the negative consequence of an actualized threat.

Types of Threats

  • Nonhuman threats include natural disasters, loss of electrical power, component failure, or attack by a wild boar.
  • Human threats can be nonmalicious (accidental) or malicious (intentional).
  • Malicious attacks can be random or directed.

Attacker Requirements

  • A malicious attacker must have three things to succeed: method (skills, knowledge, tools), opportunity (time and access), and motive (reason to want to perform the attack).

Vulnerabilities of Computing Systems

Hardware Vulnerabilities

  • Visible attack: adding, changing, removing, intercepting, or flooding devices with traffic.
  • Physical attack: drenching with water, burning, freezing, gassing, or electrocuting with power surges.
  • Machinicide: intentionally harming computer hardware or software.
  • Simple physical measures like locks and guards can enhance hardware security.

Software Vulnerabilities

  • Software alteration: exploiting software vulnerability, such as truncating fractional interest on an account.
  • Software deletion: accidentally erasing a file or replacing a good copy of a program with a bad one.
  • Software modification: causing software to fail or perform an unintended task, including logic bombs, Trojan horses, viruses, trapdoors, and information leaks.

Harm from Electronic Espionage or Unauthorized Viewing of Confidential Materials

  • Examples of harm include theft of trade secrets, loss of competitive advantage, and legal liabilities.

Learn about the protection of computer-related assets and the three important aspects of computer security: confidentiality, integrity, and availability.

Make Your Own Quizzes and Flashcards

Convert your notes into interactive study material.

Get started for free

More Quizzes Like This

Computer Security Quiz
10 questions

Computer Security Quiz

ThumbsUpFantasy avatar
ThumbsUpFantasy
Computer Security Introduction
69 questions

Computer Security Introduction

SprightlyVision avatar
SprightlyVision
Information Security Protection Goals
10 questions

Information Security Protection Goals

CompatibleHolmium avatar
CompatibleHolmium
Computer Study Notes: Cybersecurity
10 questions

Computer Study Notes: Cybersecurity

BeauteousMinimalism avatar
BeauteousMinimalism
Use Quizgecko on...
Browser
Open
Browser
Browser