Computer Security Overview

Questions and Answers

PDF Questions PDF Answers

What is the primary consequence of a loss of confidentiality?

Unauthorized disclosure of information (correct)

Unauthorized modification of information

Disruption of access to information

Verification of user identities

Which of the following correctly describes integrity in the context of security objectives?

Ensures timely access to information

Guards against unauthorized modification or destruction of information (correct)

Provides verified identity for system users

Preserves information access and disclosure rights

What does availability in a security context refer to?

Timely and reliable access to information and systems (correct)

The authorized access and disclosure of information

The ability to trace actions of an entity

The property of being genuine and valid

Which additional security concept is primarily concerned with verification of identities?

Authenticity

What is the role of accountability in security?

To trace actions uniquely to specific entities

According to FIPS 199, what level of impact is classified as low?

Expected limited adverse effects on operations, assets, or individuals

Which security objective involves protecting personal privacy and proprietary information?

Confidentiality

Which of the following is true regarding authenticity and integrity?

Authenticity is included as a subset of integrity.

What is the goal when dealing with active attacks?

Detect and recover from disruptions

What is an example of a denial of service attack?

Overloading a network with messages

Which area requires primarily computer security technical measures?

Access control

What characterizes passive attacks compared to active attacks?

They are difficult to detect

Which functional area involves both technical measures and management controls?

Incident response

Which is NOT a requirement listed under FIPS PUB 200?

Authentication management

What must be prioritized in response to an active attack?

Detection of the attack

What is the main focus of management measures in security?

Awareness and training programs

What are the three fundamental questions addressed in computer security?

What assets do we need to protect? How are those assets threatened? What can we do to counter those threats?

Which of the following is NOT a part of the CIA triad?

Accountability

What type of attack can lead to misappropriation of service?

Distributed denial of service attack

What does data confidentiality aim to ensure?

Private or confidential information is not disclosed to unauthorized individuals.

Which category of computer system assets is most vulnerable to attack?

Hardware

Which statement best describes data integrity?

Guarantees that only authorized changes are made to the information.

Which of the following scenarios illustrates a threat to system integrity?

A hacker gains unauthorized access and manipulates system operations.

What is a significant threat concerning software assets?

Attacks on availability

What security concern is primarily related to data assets?

Integrity and secrecy

What does availability in the context of computer security ensure?

Systems are functioning as intended and access is not denied to authorized users.

What can result from software modification by a virus?

Altered program functionality

Which organization provides standards related to the security categorization of information systems?

NIST: National Institute of Standards and Technology

What is the significance of the CIA triad in computer security?

It provides a framework for organizing security objectives.

Which measure is most effective in addressing threats to hardware assets?

Physical security measures

What is the risk associated with the theft of CD-ROMs and DVDs?

Loss of confidentiality

What type of access can lead to misuse of a computer system?

Unauthorized remote access

What is the purpose of an attack surface analysis?

To assess the scale and severity of potential threats

In an attack tree, what does a leaf node represent?

A way to initiate an attack

What type of node requires all subgoals to be achieved for success?

AND-node

Which of the following best describes vulnerabilities in the human attack surface?

Social engineering and human error

What is the role of branches in an attack tree?

To show potential attack techniques leading to the root goal

How does defining an attack surface help security designers?

It helps prioritize security measures and testing

Which of the following statements about attack trees is true?

The actions required can be labeled with values for easier comparison

What do network protocol vulnerabilities typically involve?

Denial-of-service attacks and communication disruptions

Study Notes

Computer Security Overview

• Security deals with protecting computer-related assets from threats.
• Three fundamental questions in security:
  • What assets need protection?
  • How are those assets threatened?
  • What countermeasures can be used?
• Three key security objectives:
  • Confidentiality: Protecting sensitive information from unauthorized access.
    • Includes data confidentiality and privacy.
  • Integrity: Ensuring data and systems remain unchanged without authorized modifications.
  • Availability: Guaranteeing timely and reliable access to systems and services.
• CIA triad: confidentiality, integrity, and availability.
• NIST standard FIPS 199: Defines confidentiality, integrity, and availability as the three security objectives for information and information systems.

Expanding Security Objectives

• Authenticity: Verifying the genuineness and trustworthiness of users and data sources.
• Accountability: Ensuring actions can be traced back to a specific entity for non-repudiation, fault isolation, and forensic analysis.
• Impact Levels:
  • Low: Limited adverse effect on operations, assets, or individuals.
    • Misappropriation: Unauthorized use of resources, such as in distributed denial-of-service attacks.
    • Misuse: Malicious code or unauthorized access leading to security function disruption.
  • Moderate: Serious adverse effect on operations, assets, or individuals.
  • High: Severe or catastrophic adverse effect on operations, assets, or individuals.

Computer System Assets

• Hardware:
  • Threat: Availability is a primary concern.
  • Countermeasures: Physical and administrative security measures.
• Software:
  • Threat: Availability is a primary concern.
  • Countermeasures: Careful software configuration management.
• Data:
  • Threat: Confidentiality (secrecy), integrity, and availability are all concerns.
  • Countermeasures: Access control, encryption, and data integrity checks.
• Communication Lines and Networks:
  • Threats: Interception (passive attack) and modification (active attack) of data.
  • Countermeasures: Encryption, firewalls, intrusion detection systems.

Attack Types

• Passive Attacks: Eavesdropping or monitoring communications without altering them.
• Active Attacks: Modifying data, disrupting services, or introducing false information.

Countermeasures

• FIPS PUB 200: Defines 17 security-related functional areas:
  • Access control, Identification and authentication, System and communication protection, System and information integrity, Awareness and training, Audit and accountability, Certification, accreditation, and security assessments, Contingency planning, Maintenance, Physical and environmental protection, Planning, Personnel security, Risk assessment, Systems and services acquisition, Configuration management, Incident response, Media protection.
• Attack Surface:
  • Network attack surface: Vulnerabilities in network protocols and services.
  • Software attack surface: Vulnerabilities in software code.
  • Human attack surface: Vulnerabilities due to human error or social engineering.

Attack Tree Analysis

• A hierarchical representation of attack techniques.
• Visualizes how attackers can exploit vulnerabilities to achieve a goal.
• Helps understand attack patterns and prioritize security measures.

Description

This quiz covers the fundamental concepts of computer security, including the key security objectives of confidentiality, integrity, and availability, known as the CIA triad. It also discusses the importance of authenticity and accountability in protecting computer-related assets. Explore how to identify threats and implement effective countermeasures to safeguard information systems.