Cybersecurity: Security Objectives

Questions and Answers

Which security objective is primarily concerned with ensuring that data is accessible and operational when needed by authorized users?

  • Authenticity
  • Availability (correct)
  • Confidentiality
  • Integrity

A company discovers that sensitive customer data has been accessed by an unauthorized third party. Which security objective has been primarily violated in this scenario?

  • Confidentiality (correct)
  • Non-Repudiation
  • Integrity
  • Availability

Which of the following measures would best ensure data integrity during transmission?

  • Implementing a VPN
  • Using checksums (correct)
  • Data encryption
  • Multi-factor authentication

A hospital wants to ensure that patient records are always accessible, even in the event of a natural disaster. Which key concept of availability should they implement?

Disaster recovery plans (C)

A bank uses digital signatures to ensure that transaction details sent between branches are not tampered with. Which security objective does this primarily support?

Integrity (D)

What is the primary purpose of implementing multi-factor authentication (MFA)?

To verify the identity of users and systems (D)

A company uses digital signatures in its contracts to prevent either party from denying agreement to the terms. Which security objective is being addressed?

Non-Repudiation (C)

Which threat involves attackers tricking individuals into revealing sensitive information by pretending to be a trustworthy entity?

Phishing (A)

What type of threat involves an attacker intercepting communication between two parties and potentially altering it without their knowledge?

Man-in-the-Middle (MitM) Attack (B)

Which type of cybercrime involves using the internet to conduct terrorist activities, such as disrupting critical infrastructure?

Cyberterrorism (A)

Distributing unauthorized copies of software is an example of which type of cybercrime?

Software Piracy (B)

What type of threat is WannaCry, which encrypts a victim's data and demands payment for the decryption key?

Ransomware (B)

Which of the following is an example of a physical threat to cybersecurity?

Theft of a laptop containing sensitive data (B)

A previously unknown vulnerability in software or hardware that developers have zero days to fix is known as what?

Zero-Day Exploit (C)

What is the purpose of regular software updates as a mitigation strategy against cyber threats?

To patch vulnerabilities (A)

Flashcards

Confidentiality

Ensuring sensitive information is accessed only by authorized individuals, systems, or processes, preventing unauthorized disclosure.

Integrity

Ensuring data remains accurate, complete, and unaltered during storage, transmission, or processing, guarding against unauthorized modifications.

Availability

Ensuring systems, data, and services are accessible and operational when needed by authorized users, focusing on minimizing downtime.

Authenticity

Ensuring users, systems, or data are genuine and not impersonated, verifying the identity of entities involved in a transaction or communication.

Non-Repudiation

Ensuring that a party in a communication or transaction cannot deny their involvement, providing proof of the origin and integrity of data.

Malware

Software designed to harm, exploit, or compromise systems, networks, or data.

Phishing

A social engineering attack where attackers trick individuals into revealing sensitive information by pretending to be a trustworthy entity.

Denial of Service (DoS)

Attacks aiming to make a system or network unavailable by overwhelming it with traffic or requests.

Man-in-the-Middle (MitM)

An attack where an attacker intercepts and potentially alters communication between two parties without their knowledge.

Insider threats

Threats coming from individuals within the organization who have inside information concerning security practices, data, and computer systems.

Advanced Persistent Threats (APTs)

Prolonged and targeted cyberattacks in which an intruder gains access to a network and remains undetected for an extended period.

Social engineering

Manipulating individuals into breaking normal security procedures to gain unauthorized access to systems or data.

Zero-Day Exploit

An exploit that targets a previously unknown vulnerability in software or hardware, giving developers zero days to fix the issue.

Cybercrimes

Criminal activities carried out using computers, networks, or the internet.

Hacking

Unauthorized access to computer systems, networks, or data.

Study Notes

  • Security objectives are foundational goals for cybersecurity measures.
  • They ensure confidentiality, integrity, and availability of data and systems.
  • These objectives are critical for businesses and organizations.
  • Primary security objectives are confidentiality, integrity, availability, authenticity, and non-repudiation.

Confidentiality

  • Confidentiality ensures sensitive information is accessed only by authorized entities.
  • It prevents unauthorized disclosure of data.
  • Key concepts include data encryption (e.g., AES, RSA), access control mechanisms (e.g., passwords, biometrics), and secure communication protocols (e.g., HTTPS, VPN).
  • A company encrypting its customer database is an example of confidentiality.
  • An employee using a VPN to securely access a company's internal network from a remote location is an example of confidentiality.
  • Threats to confidentiality include phishing attacks, data breaches, and eavesdropping on unencrypted communications.

Integrity

  • Integrity ensures data remains accurate, complete, and unaltered during storage, transmission, or processing.
  • It protects against unauthorized modifications.
  • Key concepts include hash functions (e.g., SHA-256), digital signatures, and checksums.
  • A bank using digital signatures to ensure transaction details between branches cannot be tampered with is an example of integrity.
  • A software company providing a checksum for downloadable files lets users verify that the file has not been corrupted or altered during download.
  • Threats to integrity include malware (e.g., ransomware), man-in-the-middle attacks, and unauthorized data modifications by insiders.

Availability

  • Availability ensures systems, data, and services are accessible and operational when needed by authorized users.
  • It focuses on minimizing downtime and ensuring business continuity.
  • Key concepts include redundancy (e.g., backup servers, RAID), disaster recovery plans, and DDoS protection.
  • An e-commerce website uses load balancers and backup servers to ensure the site remains operational even during high traffic or server failures.
  • A hospital implements a disaster recovery plan to ensure patient records are accessible after a natural disaster.
  • Threats to availability include Distributed Denial of Service (DDoS) attacks, hardware failures, and power outages.

Authenticity

  • Authenticity ensures that users, systems, or data are genuine and not impersonated.
  • It verifies the identity of entities involved in a transaction or communication.
  • Key concepts include multi-factor authentication (MFA), digital certificates, and biometric verification.
  • A user logs into their online banking account using a password and a one-time PIN sent to their mobile phone (MFA).
  • A website uses SSL/TLS certificates to prove its authenticity to users, ensuring they are not connecting to a fake site.
  • Threats to authenticity include spoofing attacks, fake websites (phishing), and identity theft.

Non-Repudiation

  • Non-repudiation ensures that a party in a communication or transaction cannot deny their involvement.
  • It provides proof of the origin and integrity of data.
  • Key concepts include digital signatures, audit trails, and timestamping.
  • A company uses digital signatures in its contracts to ensure that neither party can later deny agreeing to the terms.
  • An online auction platform maintains an audit trail of bids to prevent users from denying their participation.
  • Threats to non-repudiation include lack of proper logging mechanisms and weak digital signature implementations.

Importance of Security Objectives in Business Management

  • Protecting sensitive customer and business data helps business management.
  • Ensuring compliance with regulations (e.g., GDPR, HIPAA).
  • Maintaining customer trust and brand reputation.
  • Preventing financial losses due to cyberattacks.

Threats in Cyberspace

  • A threat in cybersecurity refers to any potential danger that can exploit a vulnerability in a system or network to cause harm.
  • Threats can come from various sources, including hackers, malware, natural disasters, and even human error.
  • Understanding these threats is crucial for implementing effective security measures.

Types of Threats

  • Malware
  • Phishing
  • Denial of Service (DoS) and Distributed Denial of Service (DDoS) Attacks
  • Man-in-the-Middle (MitM) Attacks
  • Insider Threats
  • Advanced Persistent Threats (APTs)
  • Social Engineering
  • Zero-Day Exploits
  • Physical Threats
  • Natural Disasters

Malware

  • Malware (malicious software) is any software designed to harm, exploit, or compromise systems, networks, or data.
  • Examples include viruses, worms, trojan horses, and ransomware.
  • Viruses are programs that attach themselves to clean files and spread throughout a system.
  • Worms are self-replicating malware that spreads across networks without user intervention.
  • Trojan Horses are malicious software disguised as legitimate software.
  • Ransomware is malware that encrypts a victim's data and demands payment for the decryption key.
  • Impact includes data theft, system damage, and financial loss.

Phishing

  • Phishing is a type of social engineering attack where attackers trick individuals into revealing sensitive information by pretending to be a trustworthy entity.
  • Examples include email phishing, spear phishing, and smishing.
  • Email phishing uses fake emails that appear to be from legitimate companies asking for personal information.
  • Spear phishing is a targeted phishing attack aimed at specific individuals or organizations.
  • Smishing is phishing conducted via SMS messages.
  • Impact includes identity theft, financial fraud, and unauthorized access to systems.

Denial of Service (DoS) and Distributed Denial of Service (DDoS) Attacks

  • These attacks aim to make a system or network unavailable by overwhelming it with traffic or requests.
  • A DoS Attack is when a single source floods a server with traffic.
  • A DDoS Attack is when multiple sources (often a botnet) flood a server with traffic.
  • Impact includes service downtime, loss of revenue, and damage to reputation.

Man-in-the-Middle (MitM) Attacks

  • In a MitM attack, an attacker intercepts and potentially alters communication between two parties without their knowledge.
  • Examples include eavesdropping and session hijacking.
  • Eavesdropping is intercepting unencrypted communication.
  • Session Hijacking is taking over a user's session to gain unauthorized access.
  • Impact includes data theft, unauthorized transactions, and loss of confidentiality.

Insider Threats

  • Insider threats come from individuals within the organization, such as employees, contractors, or business partners.
  • These people have inside information concerning the organization's security practices, data, and computer systems.
  • Malicious Insiders are employees who intentionally steal data or sabotage systems.
  • Negligent Insiders are employees who accidentally expose sensitive information.
  • Impact includes data breaches, financial loss, and damage to reputation.

Advanced Persistent Threats (APTs)

  • APTs are prolonged and targeted cyberattacks in which an intruder gains access to a network and remains undetected for an extended period.
  • Nation-state actors are governments targeting other nations' infrastructure.
  • Corporate espionage is competitors stealing trade secrets.
  • Impact includes long-term data theft and significant financial and reputational damage.

Social Engineering

  • Social engineering involves manipulating individuals into breaking normal security procedures to gain unauthorized access to systems or data.
  • Pretexting is creating a fabricated scenario to obtain information.
  • Baiting is offering something enticing to trick victims into revealing information.
  • Impact includes unauthorized access, data breaches, and financial loss.

Zero-Day Exploits

  • A zero-day exploit targets a previously unknown vulnerability in software or hardware.
  • This exploit gives developers zero days to fix the issue before it is exploited.
  • Stuxnet is a worm that exploited zero-day vulnerabilities to damage Iran's nuclear program.
  • WannaCry is ransomware that exploited a zero-day vulnerability in Windows.
  • Impact includes widespread damage, data loss, and financial loss.

Physical Threats

  • Physical threats involve the theft, damage, or destruction of physical assets, such as servers, computers, or storage devices.
  • Theft includes stealing laptops or servers containing sensitive data.
  • Vandalism includes damaging hardware to disrupt operations.
  • Impact includes data loss, service downtime, and financial loss.

Natural Disasters

  • Natural disasters, such as floods, earthquakes, and fires, can damage or destroy physical infrastructure, leading to data loss and service interruptions.
  • Hurricanes can destroy data centers.
  • Earthquakes can damage network infrastructure.
  • Impact includes data loss, service downtime, and financial loss.

Mitigation Strategies

  • Regular software updates patch vulnerabilities.
  • Employee training helps staff recognize and avoid social engineering attacks.
  • Using firewalls.
  • Backup and Disaster Recovery plans ensure data availability after an incident.
  • Intrusion Detection Systems (IDS) monitor and block malicious traffic.
  • Data encryption protects sensitive information.

Cybercrimes

  • Cybercrimes are criminal activities carried out using computers, networks, or the internet.
  • These crimes can target individuals, organizations, or governments.
  • They can result in significant financial, reputational, and operational damage.
  • Understanding the various types of cybercrimes is crucial for implementing effective security measures and responding to incidents.

Types of Cybercrimes

  • Hacking
  • Identity Theft
  • Financial Fraud
  • Cyberstalking and Harassment
  • Cyberterrorism
  • Software Piracy
  • Child Exploitation
  • Ransomware Attacks
  • Data Breaches
  • Online Scams

Hacking

  • Hacking involves unauthorized access to computer systems, networks, or data.
  • Hackers exploit vulnerabilities to gain access for malicious purposes.
  • Website Defacement is altering the appearance of a website without permission.
  • Network Intrusion is gaining unauthorized access to a corporate network to steal data.
  • Impact includes data theft, service disruption, and financial loss.

Identity Theft

  • Identity theft occurs when someone steals another person's personal information to commit fraud or other crimes.
  • Credit Card Fraud is using stolen credit card information to make unauthorized purchases.
  • Account Takeover is gaining access to online accounts using stolen credentials.
  • Impact includes financial loss, damage to credit score, and legal issues for the victim.

Financial Fraud

  • Financial fraud involves the illegal use of financial information or systems to steal money or assets.
  • Phishing scams trick individuals into revealing banking information.
  • Business Email Compromise (BEC) is impersonating a company executive to authorize fraudulent transactions.
  • Impact includes financial loss, damage to reputation, and legal consequences.

Cyberstalking and Harassment

  • Cyberstalking and harassment involve using digital means to stalk, harass, or threaten individuals.
  • Online Harassment is sending threatening or abusive messages via social media.
  • Stalking uses GPS and social media to track someone's movements.
  • Impact includes emotional distress, invasion of privacy, and physical danger.

Cyberterrorism

  • Cyberterrorism involves using the internet to conduct terrorist activities, such as disrupting critical infrastructure or spreading fear.
  • Attacks on power grids disrupt electricity supply to create chaos.
  • Propaganda is spreading extremist ideologies online.
  • Impact includes national security threats, public panic, and economic disruption.

Software Piracy

  • Software piracy involves the illegal copying, distribution, or use of software.
  • Cracked Software is distributing unauthorized copies of software.
  • License Violation is using more copies of software than the license permits.
  • Impact includes financial loss for software developers, legal consequences for users, and increased risk of malware.

Child Exploitation

  • Child exploitation involves the use of the internet to exploit children, often for sexual purposes.
  • Child Pornography is distributing or possessing illegal images of children via the internet.
  • Online Grooming is building a relationship with a child to exploit them via the internet.
  • Impact includes severe emotional and psychological harm to victims, legal consequences for perpetrators, and societal harm.

Ransomware Attacks

  • Ransomware attacks involve encrypting a victim's data and demanding payment for the decryption key.
  • WannaCry is a global ransomware attack that affected hundreds of thousands of computers.
  • Locky is ransomware that spreads via malicious email attachments.
  • Impact includes data loss, financial loss, and operational disruption.

Data Breaches

  • Data breaches involve unauthorized access to sensitive data, often resulting in its theft or exposure.
  • The Equifax breach exposed the personal information of 147 million people.
  • The Yahoo breach affected 3 billion user accounts.
  • Impact includes financial loss, damage to reputation, and legal consequences.

Online Scams

  • Online scams involve using the internet to deceive individuals or organizations for financial gain.
  • Nigerian Prince scams are emails promising large sums of money in exchange for a small upfront payment.
  • Fake Online Stores are websites that sell non-existent products.
  • Impact includes financial loss, loss of trust in online platforms, and legal issues.

Prevention and Mitigation Strategies

  • Regular software updates patch vulnerabilities.
  • Employee training is needed to recognize and avoid scams and phishing attacks.
  • Strong passwords and multi-factor authentication (MFA) secure accounts.
  • Encryption protects sensitive data.
  • Incident response plans enable quick response to and recovery from cyber incidents.
