18 Questions
Which type of attack involves a physical intrusion into a secure facility to gather information?
Scavenging and removal
In the context of Information Assurance, what is the primary focus of the perceptual level?
Managing perceptions of the target
Which of the following is considered an active attack in the context of Information Assurance?
Spoofing
What is the main focus of the second level of Information Assurance (IA), known as the information structure level?
Processes and programs
Which operation involves influencing decisions and behaviors by managing perceptions of the target in Information Assurance?
Social engineering
What does an attacker engage in when they use piggybacking as part of their operations in Information Assurance?
Passive exploitation
What is the main purpose of an exploit in cybersecurity?
To take advantage of a known vulnerability
Which of the following is an example of a vulnerability in computer security?
A bug in a computer program leading to a buffer overflow
In cybersecurity, what can result from a lack of controls within a system?
Vulnerabilities that can be exploited
What distinguishes an exploit from an attack in the context of cybersecurity?
An exploit is a method for taking advantage of a known vulnerability, while an attack is the act of exploiting it
Which type of attack involves the compromise of confidential data through methods like packet sniffing?
Interception
What is the primary difference between a passive and an active attack in cybersecurity?
A passive attack involves monitoring or eavesdropping, while an active attack involves modifying or destroying data
What is a dangling vulnerability?
A vulnerability that is known but not exploitable
Which of the following best describes a dangling threat?
A threat that poses no danger as there is no vulnerability to exploit
What is the main difference between a passive attack and an active attack?
Passive attacks observe interactions, while active attacks interact with the system directly
What is an unintentional attack?
An attack with no clear goal or objective
What constitutes the attack surface of an organization/entity?
The set of ways in which an adversary can enter the system and potentially cause damage
How can the attack surface of a system be effectively reduced?
Limiting user input fields and interfaces
Study Notes
Vulnerabilities and Exploits
- A dangling vulnerability is a weakness in a system that is not currently exploitable.
- A dangling threat is a potential danger that cannot cause harm because there is no vulnerability to exploit.
Attack Types
- An attack is an attempt to gain access, cause damage, or compromise information and/or systems.
- Passive attack: the attacker observes interaction with the system without directly interacting with it.
- Active attack: the attacker directly interacts with the system.
- Unintentional attack: an attack without a deliberate goal of misuse.
Attack Surface
- The attack surface of an organization/entity is the set of ways an adversary can enter the system and potentially cause damage.
- Examples of attack surface include user input fields, protocols, interfaces, and services.
- Reducing the attack surface can be achieved by minimizing user input fields, limiting protocols and interfaces, and implementing secure coding practices.
Attacker and Defender Operations
- Attacker's operations include physical attack and destruction, electromagnetic attack, visual spying, intrusion, scavenging and removal, wiretapping, interference, and eavesdropping.
- Defender's operations include physical security, OPSEC, TEMPEST, encryption and key management, intrusion detection, anti-virus software, auditing, redundancy, firewalls, policies, and standards.
IA Levels
Infrastructure Level
- Focuses on the information structure level, including data structures, processes, and programs, protocols, data content, and databases.
- Desired effects include influencing the effectiveness and performance of information functions supporting perception, decision making, and control of physical processes.
- Attacker's operations include impersonation, piggybacking, spoofing, network attacks, malware, authorization attacks, active misuse, and denial of service attacks.
- Defender's operations include information security technical measures.
Perceptual Level (Social Engineering)
- Focuses on the perceptual level, concerned with managing perceptions of the target, particularly those making security decisions.
- Desired effects include influencing decisions and behaviors.
- Examples include interruption (denial of service attack), interception (compromise of confidential data), modification (hacking to deface a website), and fabrication (spoofing attacks in a network).
Environments and Enclaves
- Hostile environment: an environment with known threats, e.g., locating an asset in a war zone or a flood zone, or placing an unprotected machine on the Internet.
- Benign environment: a non-hostile environment protected from external hostile elements by physical, personnel, and procedural countermeasures.
- Enclave: a collection of computing environments connected by one or more internal networks under the control of a single authority and security policy, including personnel and physical security.
- Example of a local enclave: a university campus network.
Test your knowledge on terms related to vulnerabilities, exploits, attacks, and threats as discussed in CS361C Slideset 1. Explore concepts such as dangling vulnerabilities, threats, and attacks in the realm of cybersecurity.
Make Your Own Quizzes and Flashcards
Convert your notes into interactive study material.
Get started for free
