Cyber Security Lecture 2
13 Questions

Questions and Answers

What is the primary goal of information security?

  • Confidentiality
  • Integrity
  • Availability
  • All of the above (correct)

    Define 'Vulnerability' in the context of cyber security.

    Characteristic of, or weakness in, a system, that could result in harm to an asset if acted on by a threat.

    Threat incidents occur when threats and vulnerabilities coincide.

    True

    ______ is preventing unauthorised disclosure of information.

    Confidentiality

    Match the following threat actors with their motivations:

    • Cyber criminals = Money
    • Hacktivist = Support for a cause
    • Nation-state attackers = Political reasons
    • Malicious insider = Money or desire to disrupt

    Give an example of a natural threat event.

    Earthquake, Flood, Storm, etc.

    What was the dividend payment error mentioned in the article?

    Instead of 1000 won per share, the dividend issued was equal to the value of 1000 shares per share.

    What information is needed to protect information assets according to the summary?

    All of the above

    What are vulnerabilities in the context of cyber security?

    Characteristics of weaknesses in a system that could cause harm to information assets.

    Which of the following is considered as part of 'Property' when it comes to vulnerabilities in cyber security?

    All of the above

    Is it important to consider the location and maintenance of physical assets to mitigate vulnerabilities?

    True

    What is the term used by ACSC to define 'The methods used to manipulate people into carrying out specific actions, or divulging information'?

    social engineering

    Match the following aspects with their considerations in cyber security vulnerabilities:

    • Access control and privilege management = Keys, ID cards, passwords
    • Backup of files and systems = Recovery after disaster, storage locations
    • Checks and balances = Processes to detect, correct, or reduce errors

    Study Notes

    Introduction to Cyber Security

    • Information is an important asset for individuals and organizations, and is stored, transmitted, processed, and displayed in various formats.
    • Information security is about protecting information assets from damage or harm.
    • Cyber security is about protecting the confidentiality, integrity, and availability of digital systems, devices, and the information residing on them.

    Fundamental Concepts in Cyber/Info Sec

    • Confidentiality: preventing unauthorized disclosure of information.
    • Integrity: preventing unauthorized modification or destruction of information.
    • Availability: ensuring resources are accessible when required by an authorized entity.

    Threats and Vulnerabilities

    • Threat: any circumstance or event with the potential to cause harm to an asset by compromising security goals.
    • Vulnerability: a characteristic of, or weakness in, a system that could result in harm to an asset if acted on by a threat.
    • Security incident: occurs when threats and vulnerabilities coincide.
    • Attack: when vulnerabilities are deliberately exploited.

    Threat Actors and Motivations

    • External threat actors: cybercriminals, hacktivists, nation-state attackers, and script kiddies.
    • Internal threat actors: careless or negligent workers, and malicious insiders.
    • Threat actors' motivations: money, ideology, politics, thrill-seeking, and bragging rights.

    Threat Sources

    • External threats: from outside an organization or system, requiring physical and/or logical access to cause harm.
    • Internal threats: from within an organization or system, potentially misusing systems or exceeding authorization.

    Threat Types

    • Natural events: earthquakes, fires, floods, storms, tornadoes, tidal waves, extreme temperatures, and vermin.
    • Human action: accidental (no intent to cause harm) and deliberate (intended to cause harm).

    Natural Events

    • Examples: storms in Victoria, Australia (February 2024), Cyclone Gabrielle in New Zealand (February 2023), earthquakes in Turkiye and Syria (February 2023), Brisbane floods (February 2022), and Australian bushfires (December 2019 - January 2020).
    • Natural events can compromise the availability of information assets.

    Human Action - Accidental

    • Examples: accidental damage to equipment, change management errors, configuration errors, lost property, misdirecting messages, operational errors, and programming errors.
    • Human action can compromise any security goal, depending on the action and asset involved.

    Human Action - Deliberate

    • Examples: eavesdropping, espionage, extortion, fraud, industrial action, malicious code, sabotage, social engineering, theft, and vandalism.
    • Deliberate human action can compromise all security goals, depending on the actions taken and the asset involved.

    Malware

    • Malicious software deliberately designed to breach the security of digital information systems.
    • Examples: viruses, worms, and Trojan horses.
    • Malware can compromise confidentiality, integrity, and availability of information assets.

    Emerging Technologies and the Threat Landscape

    • Emerging technologies result in changes to the threat landscape.

    Summary

    • Many threats to information assets and systems exist.
    • To protect information assets, it is essential to understand the context: what is the information asset, where is it located, and what state is the information in?
    • Understanding possible threats and potential consequences is crucial for protecting information assets.

    Vulnerabilities in Information Systems

    • A vulnerability is a characteristic or weakness in a system that could cause harm to information assets if acted on by a threat.
    • Vulnerabilities exist in all components of an information system, including:
      • Property (physical assets, hardware, software, and data)
      • People (employees, contractors, and others with access to the system)
      • Procedures (operational and management processes)

    Property Vulnerabilities

    • Physical assets:
      • Location and accessibility (e.g., natural disaster-prone areas, proximity to flammable materials, and ease of access for outsiders)
      • Maintenance and monitoring (e.g., perimeter protection, CCTV, and logging access)
      • Environmental conditions (e.g., temperature, humidity, and power supply)
    • ICT hardware and software:
      • Reliability and robustness (e.g., susceptibility to environmental conditions and supporting infrastructure)
      • Redundancy and fail-safes (e.g., uninterruptible power supply and backup systems)
      • Source and legitimacy of software (e.g., authorized vendors, updates, and patches)
      • Configuration and misconfiguration (e.g., default settings and changes to settings)

    People Vulnerabilities

    • Lack of awareness and training:
      • Social engineering (e.g., phishing, scams, and manipulation)
      • Recruiting and hiring failures (e.g., inadequate background checks and vetting)
      • Inadequate training and awareness of staff regarding threats and policies
    • Employee access and privileges:
      • Key personnel and critical roles
      • Unavailability or uncooperativeness of employees
      • Undocumented procedures and lack of backup

    Process Vulnerabilities

    • Access control and privilege management:
      • Processes for managing access and privileges
      • Use of keys, ID cards, passwords, and other authentication methods
    • Backup and recovery:
      • Frequency and timing of backups
      • Storage and encryption of backups
      • Business continuity plans and disaster recovery
    • Communications:
      • Acceptable use policies for communication systems
      • Processes for sending and receiving sensitive information (e.g., passwords and PINs)
    • Checks and balances:
      • Detection and correction of errors
      • Separation of duties and nondisclosure agreements
    • Software management:
      • Application whitelisting and auditing
      • Processes for joining and leaving the organization

    Importance of Understanding Vulnerabilities

    • To protect information assets, it's essential to understand:
      • What the asset is, where it is, and its value
      • Possible threats and vulnerabilities
      • Likelihood of threats and vulnerabilities coinciding
      • Potential consequences of a threat or vulnerability being exploited

    Quiz Team

    Description

    This quiz covers threats to information and systems, including the importance of information security and cyber security in protecting assets from damage or harm.
