24 Questions
What is the primary purpose of implementing hashing and digital signatures in ensuring data integrity?
To detect any unauthorized modifications to data
What is the purpose of providing a computed checksum and the hash function used to compute it?
To validate the accuracy and completeness of the data
What is an essential component of a Service Level Agreement (SLA) in ensuring availability requirements?
Maximum Tolerable Downtime (MTD)
What is the topic that Professor Raymond Chan will discuss in the second half of the module?
Static Code Analysis
Why is it important to have a security checklist?
To ensure system integrity and reliability
What is the primary goal of availability requirements?
To protect against unwanted destruction or disruption of services
What is the purpose of measuring Maximum Tolerable Downtime (MTD) in a Service Level Agreement (SLA)?
To set a threshold for acceptable system downtime
What is the primary benefit of using checksum validation?
To ensure data authenticity and integrity
What should a Security Checklist contain?
Specifications required for implementation, such as protocols to use and encryption strength
What is the main objective of implementing a Random Number Generator in a security protocol?
To ensure confidentiality of data
What type of attack involves determining sensitive information through indirect means?
Side-channel attack
What Act should be considered when dealing with personal data storage?
Personal Data Protection Act
What is an example of a data requirement?
Personal data storage
What is a consequence of failing to categorize suspicious activity as a cyberattack?
Inaction against cyberattacks
What is the name of the checklist provided by SANS for securing web application technologies?
SANS Securing Web Application Technologies Checklist
What can be leaked through direct or indirect means?
Information
What is the primary goal of a Distributed Denial of Service (DDoS) attack?
To compromise the availability of a system
Which of the following is NOT a method to mitigate DDoS attacks?
Checksum validation
What is an example of an availability requirement?
The software shall ensure high availability of five nines (99.999%)
What is the purpose of a Content Distribution Network (CDN) in DDoS attack mitigation?
To distribute traffic across multiple servers
Which of the following is an example of a mission critical functionality?
Processing payments
What is the primary goal of DNS load balancing in DDoS attack mitigation?
To distribute traffic across multiple servers
What is the purpose of hiding IP addresses in DDoS attack mitigation?
To prevent IP address discovery
What is the purpose of replicating software and data across data centers?
To provide redundancy and load balancing
Study Notes
DDoS Attacks and Mitigation
- DDoS attacks aim to compromise system availability by flooding systems with useless work, cutting off network access, or triggering infinite loops
- Examples of DDoS attacks include Microsoft Service Outage on 21/07/2022
Mitigating DDoS Attacks
- DNS load balancing
- Server load balancing
- Content Distribution Network
- Firewall:
- Layer 3: Network Firewall
- Layer 5 (7): App Firewall
- HIDE ALL IP ADDRESSES
Availability Requirements
- Ensure high availability of five nines (99.999%)
- Specify the number of simultaneous users (e.g., 300 users)
- Implement load balancing and redundancy across data centers
- Define recovery time objectives (RTO) for:
- Mission critical functionality (1 hour)
- Mission essential functionality (4 hours)
- Mission support functionality (24 hours)
Data Requirements
- Identify the types of data to be stored (e.g., personal data, finance, communication, credit card information)
- Consider Personal Data Protection Act requirements
Data Leakage
- Information can be leaked directly or indirectly (side channels)
- Examples: SingHealth data leakage cases
Integrity Requirements
- Prevent unauthorized modifications to ensure system and data integrity
- Implement security controls like hashing and digital signatures
- Capture specifications like protocols, data randomness strength (e.g., salt length) in security checklists
- Ensure reliability and accuracy of information
Integrity and Security Checklists
- OWASP Security Code Checklist
- Static code analysis
Security Best Practices
- Be cautious when downloading software from official websites
- Verify software integrity using checksums and hash functions
This quiz covers Distributed Denial of Service attacks, their impact on system availability, and tactics used to compromise systems. Learn how DDoS attacks work and how to protect against them.
Make Your Own Quizzes and Flashcards
Convert your notes into interactive study material.
Get started for free
