Computer Security Threats

Questions and Answers

PDF Questions PDF Answers

What is the term for a circumstance or event that interrupts or prevents the correct operation of system services and functions?

Disruption (correct)

Obstruction

Misappropriation

Corruption

What is the result of an entity assuming unauthorized logical or physical control of a system resource?

Usurpation (correct)

Obstruction

Misuse

Corruption

What type of asset is an unencrypted USB drive an example of?

Network

Communication lines

Software

Hardware (correct)

What is the term for an action that causes a system component to perform a function or service that is detrimental to system security?

Misuse

What is the term for a threat that negatively modifies system functions or data?

Corruption

What is the category of assets that includes programs and applications?

Software

What is the term for a threat action that interrupts the delivery of system services by hindering system operation?

Obstruction

What is the term for a threat that results in an unauthorized entity controlling system services or functions?

Usurpation

What is the primary goal of isolating public access systems from critical resources?

To prevent unauthorized access to critical resources

How does encapsulation provide protection in object-oriented functionality?

By limiting access to internal structure of a data object

What is the main advantage of a modular security design?

Easier modification of individual security modules

What is the purpose of layering in security?

To provide multiple, overlapping protection approaches

What is the principle of least astonishment in program design?

A program should always respond in the way that is least likely to astonish the user

What is the main benefit of isolating security mechanisms?

Prevention of access to security mechanisms

What is the relationship between encapsulation and isolation?

Encapsulation is a type of isolation

What is the primary goal of isolating processes and files of individual users?

To prevent unauthorized access to individual files

What is the primary concern of the confidentiality aspect of the security triad?

Preventing unauthorized access to data

What type of threat is the fabrication of new files?

Integrity threat

Which security area is concerned with protecting information systems from physical damage or disruption?

Physical and Environmental Protection

What is the main purpose of Risk Assessment in the context of security requirements?

To identify vulnerabilities in information systems

What is the primary concern of the availability aspect of the security triad?

Ensuring timely and reliable access to data

Which standard enumerates 17 security-related areas about protecting the confidentiality, integrity, and availability of information systems?

FIPS 200

What type of threat is the deletion of files, denying access to users?

Availability threat

Which area of security requirements involves protecting information systems from unauthorized access?

Access Control

What are the white boxes in an Attack Tree?

Categories that consist of one or more specific attack events (leaf nodes)

What is the first step in devising security services and mechanisms?

Development of a security policy

What is the goal of prevention in security implementation?

To have no successful attack

What is an example of recovery in security implementation?

Using backup systems

What is the primary concern of consumers of computer security services and mechanisms?

The belief that security measures work as intended

What is the security aspect that involves ensuring that the security scheme really works?

Correctness/Assurance

What are the three aspects of a comprehensive security strategy?

Specification/Policy, Implementation/Mechanisms, and Correctness/Assurance

What is a critical factor to consider when developing a security policy?

The value of the assets being protected

What does an attack tree represent?

A set of potential techniques for exploiting security vulnerabilities

What is the purpose of the root node in an attack tree?

To represent the security incident that is the attack's goal

What type of nodes are the final nodes on the paths outward from the root in an attack tree?

Leaf nodes

What is the purpose of labeling branches with values in an attack tree?

To compare alternative attacks

What is the motivation for using attack trees?

To effectively exploit the information available on attack patterns

What can security analysts use attack trees to document?

Security attacks in a structured form

What can an attack tree guide?

Both the design of systems and applications, and the choice and strength of countermeasures

What is represented by the shaded boxes in an attack tree example?

The leaf nodes

Study Notes

Threats to Computer Systems

• Corruption: Alters system operation by modifying system functions or data
• Obstruction: Interrupts the delivery of system services by hindering system operation
• Usurpation: An unauthorized entity assumes control of system resources or services
• Disruption: A threat to availability or system integrity that interrupts system operation

Assets of a Computer System

• Hardware
• Software
• Data
• Communication lines and networks

Scope of Computer Security

• Confidentiality: Protection of unauthorized access to data
• Integrity: Protection of data from modification or deletion
• Availability: Protection of data and systems from disruptions

Threats to Computer System Assets

• Hardware: Theft or disablement of equipment
• Software: Unauthorized copies, modification, or deletion of software
• Data: Unauthorized read, modification, or deletion of data
• Communication lines and networks: Unauthorized access, modification, or disruption of communication

Security Functional Requirements

• 17 security-related areas defined in FIPS 200 for protecting confidentiality, integrity, and availability of information systems
• Areas include access control, awareness and training, audit and accountability, and more

Countermeasures

• Isolation: Isolating public access systems from critical resources and isolating security mechanisms
• Encapsulation: Protecting data and procedures by encapsulating them in a domain of their own
• Modularity: Developing security functions as separate, protected modules
• Layering: Using multiple, overlapping protection approaches
• Least astonishment: Designing user interfaces to respond in a way that is least likely to astonish the user

Attack Trees Mechanism

• A hierarchical data structure representing potential techniques for exploiting security vulnerabilities
• Root node represents the attack goal, and branches represent ways to achieve that goal
• Subnodes define subgoals, and each subgoal may have its own set of subgoals

Attack Trees Motivation

• Effective exploitation of information on attack patterns
• Documenting security attacks in a structured form that reveals key vulnerabilities
• Guiding system design and application, and choice and strength of countermeasures

Attack Trees Example

• Analysis for an Internet banking authentication application
• Root node is the objective of the attacker, and leaf nodes represent events that comprise the attacks

Computer Security Strategies

• Specification/policy: Defining what the security scheme is supposed to do
• Implementation/mechanisms: How the security scheme is implemented
• Correctness/assurance: Ensuring the security scheme works as intended

Security Policy

• Developing a security policy involves considering the value of assets, system vulnerabilities, and potential threats
• Trade-offs between ease of use, cost of security, and cost of failure and recovery must be considered

Security Implementation

• Prevention: Ideal security scheme with no successful attack
• Detection: Detecting security attacks when prevention is not feasible
• Response: Responding to detected attacks to prevent further damage
• Recovery: Recovering from security breaches by using backup systems or reloading correct data

Description

This quiz covers different types of computer security threats, including corruption, obstruction, disruption, and usurpation. It explains how these threats can affect system operation and integrity.