CS361C Slideset 1: Introduction Terms Quiz

Questions and Answers

Which type of attack involves a physical intrusion into a secure facility to gather information?

Scavenging and removal (correct)

Denial of service attack

Interference attack

Impersonation attack

In the context of Information Assurance, what is the primary focus of the perceptual level?

Managing perceptions of the target (correct)

Information security technical measures

Data manipulation ability

Physical security measures

Which of the following is considered an active attack in the context of Information Assurance?

Spoofing (correct)

Wiretapping

Intrusion detection

Denial of service attack

What is the main focus of the second level of Information Assurance (IA), known as the information structure level?

Processes and programs

Which operation involves influencing decisions and behaviors by managing perceptions of the target in Information Assurance?

Social engineering

What does an attacker engage in when they use piggybacking as part of their operations in Information Assurance?

Passive exploitation

What is the main purpose of an exploit in cybersecurity?

To take advantage of a known vulnerability

Which of the following is an example of a vulnerability in computer security?

A bug in a computer program leading to a buffer overflow

In cybersecurity, what can result from a lack of controls within a system?

Vulnerabilities that can be exploited

What distinguishes an exploit from an attack in the context of cybersecurity?

An exploit is a method for taking advantage of a known vulnerability, while an attack is the act of exploiting it

Which type of attack involves the compromise of confidential data through methods like packet sniffing?

Interception

What is the primary difference between a passive and an active attack in cybersecurity?

A passive attack involves monitoring or eavesdropping, while an active attack involves modifying or destroying data

What is a dangling vulnerability?

A vulnerability that is known but not exploitable

Which of the following best describes a dangling threat?

A threat that poses no danger as there is no vulnerability to exploit

What is the main difference between a passive attack and an active attack?

Passive attacks observe interactions, while active attacks interact with the system directly

What is an unintentional attack?

An attack with no clear goal or objective

What constitutes the attack surface of an organization/entity?

The set of ways in which an adversary can enter the system and potentially cause damage

How can the attack surface of a system be effectively reduced?

Limiting user input fields and interfaces

Study Notes

Vulnerabilities and Exploits

• A dangling vulnerability is a weakness in a system that is not currently exploitable.
• A dangling threat is a potential danger that cannot cause harm because there is no vulnerability to exploit.

Attack Types

• An attack is an attempt to gain access, cause damage, or compromise information and/or systems.
• Passive attack: the attacker observes interaction with the system without directly interacting with it.
• Active attack: the attacker directly interacts with the system.
• Unintentional attack: an attack without a deliberate goal of misuse.

Attack Surface

• The attack surface of an organization/entity is the set of ways an adversary can enter the system and potentially cause damage.
• Examples of attack surface include user input fields, protocols, interfaces, and services.
• Reducing the attack surface can be achieved by minimizing user input fields, limiting protocols and interfaces, and implementing secure coding practices.

Attacker and Defender Operations

• Attacker's operations include physical attack and destruction, electromagnetic attack, visual spying, intrusion, scavenging and removal, wiretapping, interference, and eavesdropping.
• Defender's operations include physical security, OPSEC, TEMPEST, encryption and key management, intrusion detection, anti-virus software, auditing, redundancy, firewalls, policies, and standards.

IA Levels

Infrastructure Level

• Focuses on the information structure level, including data structures, processes, and programs, protocols, data content, and databases.
• Desired effects include influencing the effectiveness and performance of information functions supporting perception, decision making, and control of physical processes.
• Attacker's operations include impersonation, piggybacking, spoofing, network attacks, malware, authorization attacks, active misuse, and denial of service attacks.
• Defender's operations include information security technical measures.

Perceptual Level (Social Engineering)

• Focuses on the perceptual level, concerned with managing perceptions of the target, particularly those making security decisions.
• Desired effects include influencing decisions and behaviors.
• Examples include interruption (denial of service attack), interception (compromise of confidential data), modification (hacking to deface a website), and fabrication (spoofing attacks in a network).

Environments and Enclaves

• Hostile environment: an environment with known threats, e.g., locating an asset in a war zone or a flood zone, or placing an unprotected machine on the Internet.
• Benign environment: a non-hostile environment protected from external hostile elements by physical, personnel, and procedural countermeasures.
• Enclave: a collection of computing environments connected by one or more internal networks under the control of a single authority and security policy, including personnel and physical security.
• Example of a local enclave: a university campus network.

Description

Test your knowledge on terms related to vulnerabilities, exploits, attacks, and threats as discussed in CS361C Slideset 1. Explore concepts such as dangling vulnerabilities, threats, and attacks in the realm of cybersecurity.