CS361C Slideset 1: Introduction Terms Quiz

Questions and Answers

Which type of attack involves a physical intrusion into a secure facility to gather information?

  • Scavenging and removal (correct)
  • Denial of service attack
  • Interference attack
  • Impersonation attack

In the context of Information Assurance, what is the primary focus of the perceptual level?

  • Managing perceptions of the target (correct)
  • Information security technical measures
  • Data manipulation ability
  • Physical security measures

Which of the following is considered an active attack in the context of Information Assurance?

  • Spoofing (correct)
  • Wiretapping
  • Intrusion detection
  • Denial of service attack

What is the main focus of the second level of Information Assurance (IA), known as the information structure level?

  • Processes and programs (D)

Which operation involves influencing decisions and behaviors by managing perceptions of the target in Information Assurance?

  • Social engineering (B)

What does an attacker engage in when they use piggybacking as part of their operations in Information Assurance?

  • Passive exploitation (C)

What is the main purpose of an exploit in cybersecurity?

  • To take advantage of a known vulnerability (D)

Which of the following is an example of a vulnerability in computer security?

  • A bug in a computer program leading to a buffer overflow (B)

In cybersecurity, what can result from a lack of controls within a system?

  • Vulnerabilities that can be exploited (A)

What distinguishes an exploit from an attack in the context of cybersecurity?

  • An exploit is a method for taking advantage of a known vulnerability, while an attack is the act of exploiting it (C)

Which type of attack involves the compromise of confidential data through methods like packet sniffing?

  • Interception (C)

What is the primary difference between a passive and an active attack in cybersecurity?

  • A passive attack involves monitoring or eavesdropping, while an active attack involves modifying or destroying data (A)

What is a dangling vulnerability?

  • A vulnerability that is known but not exploitable (A)

Which of the following best describes a dangling threat?

  • A threat that poses no danger as there is no vulnerability to exploit (A)

What is the main difference between a passive attack and an active attack?

  • Passive attacks observe interactions, while active attacks interact with the system directly (A)

What is an unintentional attack?

  • An attack with no clear goal or objective (C)

What constitutes the attack surface of an organization/entity?

  • The set of ways in which an adversary can enter the system and potentially cause damage (C)

How can the attack surface of a system be effectively reduced?

  • Limiting user input fields and interfaces (C)

Study Notes

Vulnerabilities and Exploits

  • A dangling vulnerability is a weakness in a system that is not currently exploitable.
  • A dangling threat is a potential danger that cannot cause harm because there is no vulnerability to exploit.

Attack Types

  • An attack is an attempt to gain access, cause damage, or compromise information and/or systems.
  • Passive attack: the attacker observes interaction with the system without directly interacting with it.
  • Active attack: the attacker directly interacts with the system.
  • Unintentional attack: an attack without a deliberate goal of misuse.

Attack Surface

  • The attack surface of an organization/entity is the set of ways an adversary can enter the system and potentially cause damage.
  • Examples of attack surface include user input fields, protocols, interfaces, and services.
  • Reducing the attack surface can be achieved by minimizing user input fields, limiting protocols and interfaces, and implementing secure coding practices.

Attacker and Defender Operations

  • Attacker's operations include physical attack and destruction, electromagnetic attack, visual spying, intrusion, scavenging and removal, wiretapping, interference, and eavesdropping.
  • Defender's operations include physical security, OPSEC, TEMPEST, encryption and key management, intrusion detection, anti-virus software, auditing, redundancy, firewalls, policies, and standards.

IA Levels

Infrastructure Level

  • Focuses on the information structure level, including data structures, processes and programs, protocols, data content, and databases.
  • Desired effects include influencing the effectiveness and performance of information functions supporting perception, decision making, and control of physical processes.
  • Attacker's operations include impersonation, piggybacking, spoofing, network attacks, malware, authorization attacks, active misuse, and denial of service attacks.
  • Defender's operations include information security technical measures.

Perceptual Level (Social Engineering)

  • Focuses on the perceptual level, concerned with managing perceptions of the target, particularly those making security decisions.
  • Desired effects include influencing decisions and behaviors.
  • Examples include interruption (denial of service attack), interception (compromise of confidential data), modification (hacking to deface a website), and fabrication (spoofing attacks in a network).

Environments and Enclaves

  • Hostile environment: an environment with known threats, e.g., locating an asset in a war zone or a flood zone, or placing an unprotected machine on the Internet.
  • Benign environment: a non-hostile environment protected from external hostile elements by physical, personnel, and procedural countermeasures.
  • Enclave: a collection of computing environments connected by one or more internal networks under the control of a single authority and security policy, including personnel and physical security.
  • Example of a local enclave: a university campus network.
