Computer Security Introduction

Questions and Answers

What does computer security primarily protect?

User privacy only

Network speed and performance

Software applications alone

The assets of a computer system (correct)

Which of the following best defines a vulnerability in computer security?

An attack method employed by hackers

A collection of user credentials

A specific type of software

A weakness in the security system (correct)

In the context of computer security, which term describes a potential violation of security?

Attack

Control

Countermeasure

Threat (correct)

What is a countermeasure in computer security?

A protective measure against threats

Which of the following is NOT an asset in computer security?

Malware

What does the C-I-A Triad represent in computer security?

Confidentiality, Integrity, Availability

Which statement best describes an attack in the context of computer security?

The act of exploiting a vulnerability

Which of the following could be considered a unique and irreplaceable asset?

Class projects

What do the three components Method, Opportunity, and Motive collectively refer to in the context of a malicious attack?

Factors that enable a malicious attack.

Which type of threat involves an unauthorized party not only accessing but also tampering with an asset?

Modification

What does confidentiality in computer security primarily ensure?

Assets are accessed only by authorized parties.

In the context of asset security, what does an interruption signify?

An asset is lost, unavailable, or unusable.

What is the role of 'motive' in the MOM framework for malicious attacks?

The reasoning behind performing the attack.

Which of the following is NOT one of the three security goals addressed in computer security?

Authenticity

Which of the following is a necessary condition for a successful malicious attack according to the MOM framework?

Availability of method, opportunity, and motive.

What type of security control aims to address the integrity of systems?

Technical controls

What are the three basic security primitives mentioned?

Confidentiality, integrity, and availability

Which of the following is NOT considered a physical control?

Intrusion detection systems

What role do policies and procedures play in security controls?

They enhance security by fostering user cooperation.

How do vulnerabilities and threats interact in a security context?

Vulnerabilities create opportunities for threats to exploit.

What must be understood for effective cooperation with security requirements?

The necessity of security in specific situations

Which of the following describes VirusTotal's main function?

It inspects items using over 70 antivirus scanners.

Which of the following best captures the relationship between different attackers and their capabilities?

Attackers vary in capabilities and motivations, leading to different threats.

Which security control is most beneficial for mitigating the risk of physical theft?

Locks and cables

What is the primary purpose of a control in the context of threats and vulnerabilities?

To remove or reduce a vulnerability

Which of the following correctly describes the relationship among threats, controls, and vulnerabilities?

Without understanding threats, controls cannot be devised.

What does the term nonrepudiation refer to?

Proving the authenticity of a document or communication.

Which of the following factors defines the 'Access Control Policy'?

Who + What + How = Yes/No

What type of threats are classified as having benign intent?

Unintentional actions like human error

Which of the following best describes an Advanced Persistent Threat (APT)?

A well-organized and directed threat with patience and funding

Which type of harm involves unauthorized access to an asset?

Interception

In the context of types of attackers, which description fits a 'criminal-for-hire'?

A hacker performing attacks for monetary gain

What does integrity in security refer to?

Modification of assets only by authorized parties

Which of the following describes the goal of recovery in security?

Stopping the attack and repairing the damage

Which of the following represents the relationship between confidentiality, integrity, and availability?

They can overlap and be mutually exclusive.

What is an example of a deterrence control?

Legal consequences for unauthorized access

What role do trust and assumptions play in security?

They underlie all aspects of security.

What is a characteristic of deflection controls?

Redirecting threats to less critical parts of the system

Which option best defines availability in a security context?

Making sure assets can be accessed at appropriate times

What is the primary focus of preventive measures in security?

Stopping attacks before they occur

What term refers to data in their normal, unscrambled state?

Cleartext

What is one potential disadvantage of weak encryption?

It can degrade the performance of the entire system.

Which type of control includes parts of the program that enforce security restrictions?

Internal program controls

Which method ensures that user access is restricted from one another in a network?

Operating system controls

What is an example of an independent control program?

Antivirus software

What aspect does encryption primarily address?

Confidentiality of data

Which statement is true regarding the use of encryption?

It should be complemented by other security tools.

What is a potential result of not using encryption properly?

It may create vulnerabilities in the system.

Study Notes

Computer Security Introduction

• Computer security protects a computer system's assets: hardware, software, and data.
• Chapter 1 objectives include defining computer security and basic terms, introducing the C-I-A Triad, access control terminology, basic threats, vulnerabilities, and attacks, and control mapping to threats.
• Assets include hardware (computers, devices, disk drives, memory, printers, network gear), software (operating system, utilities like antivirus, commercial applications, word processing, photo editing, individual applications), and data (documents, photos, music, videos, email, class projects).
• Hardware assets are easily replaceable; data assets are unique and irreplaceable.
• Basic terms include vulnerability (a weakness in the security system), threat (circumstances potentially causing loss or harm), attack (a human exploiting a vulnerability), and controls/countermeasures (actions, devices, procedures, techniques to reduce a vulnerability).
• Threats are blocked by controls on vulnerabilities. Knowledge of threats is key to control design.
• The C-I-A Triad includes confidentiality (ensuring access only by authorized parties), integrity (assets only changed by authorized parties), and availability (assets accessible to authorized parties).
• Access control defines who (subject) has what (object) access and how (mode).
• Types of threats include natural causes (fire, power failure), human causes (benign/malicious intent, human error, random/directed attacks, impersonation).
• Advanced Persistent Threats (APTs) are organized, directed, well-financed, patient, and silent.
• Types of attackers include hackers, individuals, terrorists, criminal-for-hire, loosely connected groups, and organized crime members.
• Types of harm include interception, interruption, modification, and fabrication.
• Interception is unauthorized access to an asset.
• Interruption is an asset becoming unavailable or lost.
• Modification is unauthorized tampering with an asset.
• Fabrication is creating counterfeit objects in a system.
• Method-Opportunity-Motive (MOM) describes attacker characteristics needed to conduct an attack.

Security Goals

• Prevention aims to stop attackers from violating security policies.
• Detection aims to identify attackers violating security policies.
• Recovery aims to stop attacks, evaluate damage, repair it, and ensure continued correct functioning.

Trust and Assumptions

• Trust underlies security policies, mechanisms, and procedures.
• Policies must unambiguously define system states and capture security requirements.
• Mechanisms must be assumed to enforce policies and work correctly.

Different Types of Controls

• Deterrence discourages attacks by increasing costs.
• Deflection redirects threats to less critical components.
• Response involves reacting after a detected attack to minimize damage, restore services, and analyze the attack.
• Prevention aims to stop attacks before they occur (e.g., firewalls, antivirus).

Controls Available

• Encryption renders data unreadable to unauthorized parties while maintaining integrity.
• Weak encryption can be detrimental.
• Software/program controls include security restrictions within programs, access limitations, operating system controls, and independent control programs.
• Hardware controls include encryption devices, locks, security verification devices, firewalls, and intrusion detection systems.
• Physical controls include locks, entry point guards, backups, and disaster preparedness planning.

Effectiveness of Controls

• Awareness of problems is necessary; people must understand why security is required.

Summary

• Vulnerabilities are weaknesses; threats exploit vulnerabilities, and controls help prevent such exploitation.
• Confidentiality, integrity, availability are core security principles.
• Attacker types depend on their capabilities and motivations.
• Controls vary, have different functions, and can exist at different levels/points within the system.

Description

This quiz covers the foundational concepts of computer security as introduced in Chapter 1. It defines key terms, discusses the C-I-A Triad, and highlights various threats, vulnerabilities, and control measures. Understanding these basics is essential for protecting valuable system assets.