Questions and Answers
What is the primary goal of information security?
- Protecting information and information systems from unauthorized use, access, disclosure, disruption, modification, or destruction. (correct)
- Preventing any access to information and information systems.
- Ensuring all information is publicly accessible for transparency.
- Maximizing the speed and efficiency of information dissemination, regardless of risks.
In the context of information security, what does 'confidentiality' primarily aim to protect?
- The availability of systems and data when needed.
- Information from unauthorized disclosure. (correct)
- The integrity of data against unauthorized modifications.
- Systems from physical damage.
Which of the following best describes the concept of 'integrity' in information security?
- Ensuring that information is accessible to anyone who needs it.
- Protecting information from unauthorized destruction.
- Guaranteeing the accuracy and completeness of information. (correct)
- Concealing information to prevent unauthorized access.
What aspect of information security does 'availability' primarily address?
Which action exemplifies a threat to data confidentiality?
Which scenario illustrates a threat to data integrity?
What kind of attack is a Distributed Denial of Service (DDoS) primarily targeting?
How does 'secrecy' contribute to confidentiality in information security?
Which concept involves storing sensitive data in an obscure or inaccessible location to enhance confidentiality?
What is the purpose of 'isolation' in maintaining confidentiality?
What does the concept of 'accuracy' ensure within the domain of data integrity?
In the context of data integrity, what does 'non-repudiation' ensure?
What does 'usability' ensure within the scope of data availability?
Apart from usability, what other concept directly supports data availability?
What is meant by the term 'cybersecurity'?
Which of these options best explains what 'data privacy' refers to?
What type of threat involves tricking individuals into divulging sensitive information?
What is the primary goal of ransomware attacks?
What is the primary objective of 'hacktivists' as threat actors?
Which threat actor is most likely to sabotage military and critical infrastructure to gain an advantage in a conflict?
What is 'sensitivity' in the context of confidentiality?
What does 'discretion' refer to in the context of confidentiality?
In the context of integrity, what signifies 'truthfulness'?
What does 'accessibility' mean in the context of availability?
Which traditional IT role is primarily concerned with the maintenance and operation of network infrastructure?
Which of the following IT disciplines focuses on the design, creation, and maintenance of databases?
What foundational concept related to cybersecurity involves limiting who or what can view or use resources in a computing environment?
In system security, which process answers 'WHO ARE YOU?'
Which activity falls under the 'enforcement' aspect of system security?
What does 'logging' primarily facilitate in system security?
In the context of access control, providing security guards, locks and doors into facilities are examples of:
Which of the following is the most common form of physical identification and authorization?
What is the main function of the AAA services?
Which of the following provides a way of uniquely identifying a user amongst all the users of that system?
What does the acronym MAC stand for, as used in network hardware identification?
What is the main utility of a Radio Frequency Identification (RFID) system?
What do account management systems primarily aim to streamline the administration of?
What is the main objective of enabling Single Sign-On (SSO) systems?
What is a primary function of Kerberos in network security?
What is the primary advantage of Multi-Factor Authentication over Single Factor Authentication?
Flashcards
Sensitive Information
Information that needs protection, like passwords.
Personal Information
Information that describes you, such as name or age.
Data Privacy
Proper handling, processing, and storage of personal information.
Cybersecurity
Information Security
Ransomware
Phishing
Social Engineering
Denial of Service (DoS)
Data Leakage
Hacktivism
Cyber Crime
Insider Threat
Espionage
Cyber Terrorism
Confidentiality
Integrity
Availability
Prevent Disclosure
Prevent Alteration
Prevent Denial
Usability
Accessibility
Timeliness
Access Control
Authentication
Authorization
Logging
Physical Access Control
Logical Access Control
Identification
Authentication
Authorization
Auditing
Accounting
User ID
Personal Identification Number
Role-Based Access Control (RBAC)
Rule-Based Access Control
Mandatory Access Control (MAC)
Study Notes
Essential Security Concepts
- Cyber security involves the protection of information systems, the internet, computers and mobile devices.
- Abet Dela Cruz is assigned to the Philippine Computer Emergency Response Team Coordinating Center (PHCERT/CC).
- All definitions need to be clear from the beginning to understand the topics.
Definitions
- Sensitive information includes passwords or things that others should not know.
- Company trade secrets are examples of sensitive information.
- Personal information includes name, age or birthday, all of which refer to ourselves.
- Sensitive data is stored on the internet or in the cloud, and on-premise data is stored in an organization or local setting.
Data Privacy
- Data privacy covers how data is handled.
- This includes proper handling, processing, storage, and usage of personal information.
Protecting personal information
- Information security: Protecting information and systems from unauthorized access, use, disclosure, disruption, modification, or destruction, in order to provide confidentiality, integrity, and availability.
- Cybersecurity: The ability to protect cyberspace from cyber attacks.
InfoSec
- InfoSec encompasses other realms like data privacy and cyber, which is internet-based.
Forms of Cyber Attack
- Phishing is tricking a person into giving their personal information.
- Whaling, vishing and smishing are types of phishing.
- Ransomware is malicious software that locks files, demands payment for access, and recovers the file.
- Insider abuse refers to actions from within that are illegal.
- Social engineering is a manipulation technique to trick individuals into giving or divulging confidential information.
- Defacement is the action of hacking the system and then replacing its content with what you want.
- DDoS is the flooding of a website or network, which causes traffic and makes the site inaccessible.
- Worm infections are like DDoS.
- Malware makes computers inaccessible.
- Data Leakage happens when information is being exposed to unauthorized entities.
Threat Actors
- Hacktivists use computer networks to advance political or social causes.
- Criminal enterprises steal personal information for financial gain.
- Trusted insiders steal proprietary information for personal, financial, or ideological reasons.
- Nation-state actors intrude on computers to steal sensitive information from private companies.
- Terrorist groups sabotage critical infrastructure computer systems.
- Nation-state actors target military and critical infrastructure systems for conflict advantage.
FBI Cyber Criminals
- APT 10 Group are hackers from China who stole various data from at least 45 commercial and defense technology companies.
- APT 40 Cyber Espionage Activities is a group of four Chinese hackers who targeted aerospace, biomedical, healthcare, manufacturing, and virus sectors.
- APT 41 is a Chinese hacking group that uses many different methods to gain illegal access to systems.
- Yevgeniy Igoryevich Polyanin (Russian national) is wanted for involvement in ransomware attacks and money laundering.
- In 2020, Kaspersky reported that 7,000 Philippine companies encountered ransomware attacks.
- In 2021, Sophos noted Philippine organizations spent an average of $820,000 (₱40 million) to recover from attacks.
- Susceptibility to attacks is trending upward, while willingness to pay ransoms is decreasing and the likelihood of being able to restore from backup is trending upward.
Data Breach
- Data breach is inevitable.
- It is not if, but when and how severe the breach will be.
- There are two types of companies - those who have been hacked, and those who don't know they have been hacked.
C.I.A. Triad
- C.I.A. refers to Confidentiality, Integrity and Accessibility.
- Confidentiality allows authorized entities to access information.
- Integrity ensures data is accurate and not altered.
- Accessibility ensures authorized entities can access information when needed.
D.A.D. Triad
- D.A.D. refers to Disclosure, Alteration, Denial.
Prevent Cyber Attacks
- Prevent disclosure of information to unauthorized entities.
- Prevent alteration so information is not modified by unauthorized entities.
- Prevent denial (inaccessibility) so information is available when needed.
CIA Threat Analysis
Threat to CONFIDENTIALITY
- Any form of data leakage is harmful to the organization and its clients.
- This includes confidential information, trade secrets, and PII.
- Potential consequences include compromise of databases or file servers, wireless network sniffing, trojans, theft, damages, penalties, and legal action.
Threat to INTEGRITY
- Integrity, trust and confidence are all invaluable, and keep clients coming back.
- Website defacement, email spoofing/phishing, or identity theft can diminish it.
- This can result in reduced trust, non-compliance, and leakage of personal information.
Threat to AVAILABILITY
- Attacks on information systems can affect operational efficiency.
- It can potentially hurt the productivity of employees, affecting the organization as a whole.
- Trojans, denial-of-service attacks, scanning reconnaissance, and man-made incidents can lead to these types of attacks.
Confidentiality Concepts
- Sensitivity refers to harm that can be caused if information is disclosed.
- Discretion is an act of decision where an operator can influence or control disclosure.
- Criticality is the level to which information is mission critical.
- Concealment is the act of hiding or preventing disclosure.
- Secrecy is the act of keeping something a secret or preventing its disclosure.
- Privacy refers to keeping personally identifiable information confidential.
- Seclusion involves storing something in an out-of-the-way location.
- Isolation is the act of keeping something separated from others.
Integrity Concepts
- Accuracy: correct & precise.
- Truthfulness: a true reflection of reality.
- Authenticity: genuine.
- Validity: factually/logically sound.
- Nonrepudiation: unable to deny action or verify origin of communication.
- Accountability: responsible/obligated for actions and results.
- Responsibility: in charge or having control.
- Completeness: having all needed components.
- Comprehensiveness: complete in scope or inclusion.
Availability Concepts
- Usability refers to being easy for the subject to use or learn.
- Accessibility means the widest range of subjects is able to interact with a resource.
- Timeliness: be prompt, on time, within a reasonable time frame, or providing low latency response.
IT Disciplines
- Traditional IT roles include Network Administrator, System Administrator, Database Administrator and Software Developer.
- Security cuts across all IT disciplines, and is broken down into different types of specializations.
Intro to Access Control
- Access control limits what resources can be viewed or used in an environment.
- Access control is a basic Infosec concept that reduces risk to organizations and companies.
- System security consists of authentication, authorization, enforcement, and logging.
Nightclub Security Example
- Authentication is done by an identification check via IDs.
- Access control includes: over 18, allowed in; over 21, allowed to drink; and VIP list access.
- Enforcement is done by doors, walls, locks, security guards, and bouncers.
- Security measures are logged by log book and CCTV.
Access Control Types
- Physical access control limits access to buildings, offices, rooms, cabinets, and other physical IT assets.
- Logical access control limits connections to networks, devices, files, and/or data.
Securing Facilities
- Barriers, locks, and doors are examples of securing a physical location.
- Electronic Access Control Systems involve user credentials, card readers and biometrics.
- Their data reports track personnel.
Securing IT Resources
- The abbreviation AAA refers to Authentication, Authorization, and Accounting (Auditing).
- AAA Services cover 5 elements: Identification, Authentication, Authorization, Auditing, and Accounting.
Review of Access Control Technologies
- Identification is provided to confirm uniqueness.
- Authentication is provided to confirm validity.
- Authorization is provided to confirm control.
Identification Methods
- Methods include Usernames, User IDs, Account Numbers, Personal Identification Numbers, and Digital Identification.
- Identification badges are the most common form of physical identification and authorization; they show a name, logo, and holder photo. Access badges are used to enter secure areas and to read stored information.
Types of Addresses
- A user ID provides the system with a way to uniquely identify a user.
- Account numbers and PINs provide authentication.
- The MAC address is a supposedly uniquely generated 48-bit number for network devices.
- An IP address gives the logical location of a device on the IP network; IP addresses are organized into logical groups called subnetworks.
- Radio Frequency Identification (RFID) is a non-contact, automatic identification technology that uses radio signals to identify and track people, vehicles, goods, and assets.
RFID Tag Components
- The RFID Basic System includes a Computer Database, RFID Tag, RFID Reader and Antenna.
- RFID Tags are Chipless.
- Key Components of RFID tech are the Tags, Reader and Back-end Database.
Identity Management
- Password Management, Account Management, Profile Management, Directory Management, and Single Sign-on are Identity Management implementations.
- The policies and standards managed for password use need to be implemented consistently.
- Collection of info associated with an identity or group.
- A login experience for end users when they access a system.
Lightweight Directory Access Protocol (LDAP)
- LDAP uses a hierarchical tree structure, supports the DN and RDN concepts, and uses DN/CN/DC/OU attributes.
- ADDS provides central authentication and authorization capabilities, and enforces organizational policies at the company level.
Perimeter-based Web Portal Access
- An organization can leverage the directory data to manage user identity, authentication, and authorization data across multiple web-based applications using a web portal.
SSO (Single Sign On) Systems
- The SSO server authenticates the user; application authentication happens on the back end, and applications receive user and password data from the SSO server.
- After the initial login, subsequent logins are fully automatic.
Kerberos
- Kerberos is a network security system with three key elements: Authentication, Authorization, and Auditing.
- The system includes the interaction between client and server.
Authentication
- Single-factor authentication involves one factor.
- Multi-factor authentication is higher-trust with multiple authenticating factors; it ensures accurate validation of the user.
Tokens
- Tokens identify and authenticate to applications using software or hardware.
- Soft tokens are stored on a computer and require a second factor for activation.
- Hard tokens are dedicated devices.
Biometrics
- Biometrics use data that is unique, and difficult to counterfeit.
- Selected individual characteristics are stored and compared with the presented template.
Access Control Models
- Role-Based Access Control (RBAC) bases access control authorizations on the roles/functions assigned to a user.
- The owner defines what roles can access a resource, the system being based on policy.
- RBAC systems are easily modeled for organizations with a functional structure, and simplify accounting regarding personnel information adjustments.
- Rule-Based Access Control is based on a predefined list of rules that determine access.
- The rules specify the privileges granted to users when the conditions and rules are met.
- Mandatory Access Control (MAC) requires the system to manage access controls in accordance with policy, is typically used for systems and for high sensitive.
- This approach is based on a mutual interaction with the information and the system.
Access Capabilities
- System settings are set to: no access, read, write, execute, delete, and full control.
- Types of access listed are: public, group owner, admins, and system.
Discretionary Access Control
- Non-discretionary Access Control is based on the assignment of permissions to read, write and execute files on a system.
- The administrator defines and tightly controls the access rules for files in the system.
Types of Access Control
- In discretionary access control, which users have access to data is determined by the owner.
- The owner determines who has access and what privileges they have.
Attacker Profiles
Hacker
- Hackers are intensely interested in the arcane and recondite workings of any computer operating system.
- They are highly skilled with coding knowledge and have zero intention of causing damage.
Cracker
- Crackers are those who break machines with malicious intent and cause a lot of damage by stealing or causing many issues.
- Malicious and easily identified.
The Hats
- Black Hats are Cybercriminals, intentionally illegal, and out for exploitation, malicious for personal gain.
- Gray Hats sometimes have good intentions, and have their own perceptions of what is right and wrong.
- White Hats are Infosec Professionals, follow ethical practices and laws, and usually work with people's consent.
Hacking Objectives
- Hacktivists seek to advance political or social causes through computer network exploitation.
- Criminals steal personal data and extort money.
- Insiders can be trusted, and leak important data for their own needs.
- Spies gain sensitive state secrets and proprietary data from private companies.
- Terrorist groups aim to disrupt computer systems that operate critical infrastructure.
- Warfare aims to sabotage military and infrastructure to gain the advantage in conflict.
Hacking Personas
- Script kiddies are unskilled, use tools developed by other hackers, and cause many issues.
- Hacktivists aim to promote politics and to shed light on injustice.
- State-sponsored hackers try to find information for governments and are directly paid.
- Cyber terrorists are individuals who are motivated by large disruption of computers.