Computer Security Overview

Questions and Answers

What is the primary goal of computer security?

To enhance the performance of computer systems

To ensure the availability of all online resources

To protect computer systems from unauthorized access and damage (correct)

To improve user friendliness of computer interfaces

Which of the following elements of computer security refers to the trustworthiness of data?

Authentication

Integrity (correct)

Confidentiality

Availability

What type of attacker is characterized by having advanced technical skills to exploit vulnerabilities?

Hackers (correct)

State-sponsored actors

Insiders

Phishers

Which type of attack floods a web property with excessive traffic to disrupt its normal operations?

Denial-of-Service (DoS) attack

What is a key trade-off associated with implementing strong security measures?

Reduced user convenience and usability

Which of the following is an example of a malware attack?

Trojan horses

What tactic is commonly used in phishing attacks?

Creating counterfeit websites to collect information

Which type of attacker works for a nation's government to engage in cyber espionage?

State-sponsored actors

What type of attack involves injecting malicious SQL code into input fields?

SQL Injection Attack

Which of the following best describes Cross-Site Scripting (XSS)?

Executing malicious scripts in users' browsers.

What is a primary consequence of a data breach?

Exposure of personal and financial information

Which mechanism ensures that only authorized users can access certain resources?

Access Control

What is a method to convert data into a scrambled format for protection?

Encryption

Insider threats are characterized by which of the following?

Misuse of privileges by authorized individuals.

How does encryption protect sensitive information during data transmission?

By converting it into a scrambled format.

Which of the following is an example of a social engineering attack?

Phishing email attempts

What is the primary purpose of Transport Layer Security (TLS)?

To secure data transmitted over the internet

Which type of firewall protects individual devices from unauthorized network traffic?

Host-based firewall

What role do Intrusion Detection and Prevention Systems (IDPS) play in network security?

To monitor network traffic for suspicious activities

What is the main function of vulnerability assessment?

To periodically scan systems for security weaknesses

Which of the following best describes an Acceptable Use Policy (AUP)?

A policy outlining acceptable behavior when using organizational resources

What type of vulnerability assessment simulates attacks to identify weaknesses in a system?

Penetration testing

Which of the following is NOT a type of firewall mentioned?

Web application firewall

What feature distinguishes anomaly-based Intrusion Detection and Prevention Systems (IDPS)?

They analyze network traffic to detect abnormal patterns

What is the primary purpose of multi-factor authentication (MFA)?

To provide an additional security layer by requiring multiple forms of verification.

Which of the following is NOT a component of an effective backup and disaster recovery plan?

Encryption of all data stored in the cloud.

What is the main focus of application security?

To ensure software is developed, tested, and deployed with security considerations.

Which type of encryption uses only one key for both encrypting and decrypting data?

Symmetric Encryption.

What do audit trails primarily help administrators to accomplish?

Review and investigate security incidents or breaches.

Which of the following best describes stream algorithms in symmetric encryption?

Data is encrypted as it is processed in a continuous stream.

In the context of data classification policy, what criteria primarily determine the handling of data?

The sensitivity of the data.

What is a potential benefit of using security libraries and frameworks during application development?

They help prevent common vulnerabilities like SQL injection.

Which of the following is a characteristic of a block cipher?

Encrypts data in fixed size blocks

What is the primary function of cryptography?

To encode data to maintain confidentiality

Which of the following attacks involves attackers trying all possible keys?

Brute force attack

What type of cipher is RC4 categorized as?

Stream cipher

What is the consequence of using predictable values to generate encryption keys?

Susceptibility to attacks

Which component is NOT an aspect of cryptographic importance?

Speed of encryption

Which of the following best describes pseudorandom numbers?

Values appearing random but determined by an initial value

Which group is likely to utilize cryptanalysis?

National security agencies

Study Notes

Computer Security Overview

• Refers to the protection of computer systems, networks, and data from unauthorized access, attacks, and damage.
• Also known as cyber security or IT security.
• Involves safeguarding hardware, software, and information from theft or damage.

Key Elements of Computer Security

• Confidentiality: Ensures information and resources remain concealed from unauthorized users.
• Integrity: Maintains the trustworthiness of data by preventing unauthorized or improper changes.
• Availability: Guarantees authorized users can access data when needed, ensuring the usefulness of the information.

Types of Attackers

• Hackers: Skilled individuals exploiting system vulnerabilities.
• Insiders: Authorized individuals who may misuse their access.
• State-sponsored Actors: Highly trained cyber spies working for governmental entities.

Security vs. Usability Trade-off

• Balancing strong security measures with user-friendliness is crucial.
• Increased security often leads to user inconvenience.

Security Attacks

• Malware: Compromises data, steals information, or disrupts operations (e.g., viruses, ransomware).
• Phishing: Tricks users into revealing personal information via counterfeit websites.
• Denial-of-Service (DoS): Overwhelms a web service to disrupt normal operations (e.g., DDoS attacks).
• Man-in-the-Middle (MitM): Eavesdrops on communication between two parties.
• SQL Injection: Targets databases by injecting malicious SQL to manipulate or access data.
• Cross-Site Scripting (XSS): Injects scripts into web applications to execute in user browsers.
• Data Breaches: Unauthorized access to sensitive data, often exposing personal information.
• Insider Threats: Misuse of authorized access by individuals within an organization.
• Social Engineering: Manipulates individuals into divulging confidential information.

Security Mechanisms

• Access Control: Limits resource access to authorized users through authentication and authorization methods.
• Encryption: Converts data into scrambled formats, making it accessible only to authorized parties with the correct decryption key.
• Firewalls: Monitor and control network traffic, protecting against unauthorized access.
• Intrusion Detection and Prevention Systems (IDPS): Monitor networks for suspicious activities to prevent breaches.
• Vulnerability Assessment: Regular scanning to identify and address system weaknesses.
• Security Policies: Guidelines outlining organizational security practices and responsibilities.
• Multi-Factor Authentication (MFA): Requires multiple verification forms to access sensitive information.
• Audit Trails: Track user activities for investigation and review of security incidents.
• Backup and Disaster Recovery: Regular data backups and plans for operational continuity post-incident.
• Application Security: Secure development practices to minimize vulnerabilities in software applications.

Symmetric Encryption

• Also known as "private key" encryption, utilizes a single key for both encryption and decryption.
• Block Algorithms: Encrypt data in fixed-size blocks using a secret key.
• Stream Algorithms: Encrypt data in a continuous stream.
• Common symmetric encryption algorithms include AES, DES, and Blowfish.

Cryptography

• The technique of encoding data to ensure that it remains confidential, integral, authentic, and non-repudiated.
• Key uses: maintaining data confidentiality, integrity, authentication, and non-repudiation.

Attacks on Encrypted Messages

• Brute Force Attack: Attempts all possible keys to decrypt messages.
• Known-Plaintext Attack: Uses known pairs of plaintext and ciphertext to determine keys.
• Chosen-Plaintext Attack: Allows attackers to choose plaintexts and analyze corresponding ciphertexts.
• Frequency Analysis: Exploits predictable patterns in natural language for deciphering codes.

Random Numbers in Encryption

• True Randomness: Generated via hardware from unpredictable physical processes.
• Non-Random Values: Keys based on predictable inputs (like current date/time) are weak.
• Pseudorandom Numbers: Generated via algorithms that seem random but are based on an initial seed.

Cryptanalysis and Its Users

• Employed by hackers, government entities, and cybersecurity companies to break encryption and analyze data security.

Description

This quiz covers the foundational elements of computer security, including its key components such as confidentiality, integrity, and availability. You will also learn about different types of attackers and the balance between security and usability. Test your knowledge and understanding of cyber security concepts.