Information Assurance and Security Lecture 1

Questions and Answers

What is a primary characteristic of passive attacks?

They involve eavesdropping without affecting data. (correct)

They alter system resources.

They require significant system downtime.

They are easy to detect.

Which of the following is an example of an active attack?

Monitoring system logs for unusual activity.

Replay of captured data to affect outcomes. (correct)

Traffic analysis of encrypted messages.

Eavesdropping on network packets.

What makes active attacks easier to detect compared to passive attacks?

Active attacks cause alterations to system data. (correct)

Active attacks leave no trace.

Active attacks are performed by outsiders only.

Active attacks do not require network access.

Which of the following categories is NOT an active attack?

Eavesdropping

Why are inside attacks potentially more damaging than outside attacks?

Internal users have direct access to sensitive data.

Which prevention method is primarily recommended for passive attacks?

Data encryption

What is a defining trait of a masquerade attack?

It involves pretending to be an authorized entity.

What is a common internal threat an organization faces?

The use of infected USB drives.

Who is the Lecturer in Charge of the Department of Computer Systems Engineering?

Kavinga Yapa Abeywardena

What is the role of Dr. Harinda Fernando in the lecture series?

Co-Lecturer

Which of the following personnel is NOT a Co-Lecturer in the Department of Computer Systems Engineering?

Kavinga Yapa Abeywardena

What is the primary academic department associated with the listed lecturers?

Department of Computer Systems Engineering

Which lecturer is associated with SLIIT Northern UNI?

Mr. V.A.M. Ragunathan Sinthujan

What are the primary objectives of computer security?

Confidentiality, Integrity, Availability

Which statement accurately defines Information Assurance (IA)?

Ensuring the availability, integrity, authentication, confidentiality, and non-repudiation of information systems.

Which of the following is NOT a part of the CIA Triad?

Authentication

What does data confidentiality primarily ensure?

That confidential information is not disclosed to unauthorized individuals.

What aspect does the privacy component of confidentiality emphasize?

Control over what information is collected, stored, and shared.

Which of the following best describes information security?

The protection of information and systems from unauthorized use and destruction.

Which security measure is NOT included in Information Assurance?

Cost management

In the context of computer security, what does the term 'availability' refer to?

The ability to access and use information systems when needed.

What is meant by a vulnerability in system resources?

A flaw or weakness that could be exploited to violate security

Which option best describes an active attack?

An act causing negative effects on system resources

What does the term 'adversary' refer to in the context of computer security?

An individual that carries out an attack

Which definition best describes 'risk' in information security?

The expected loss due to a particular attack

A passive attack is defined as:

An effort to monitor and gather information without change

What characterizes an inside attack?

An intrusion by an entity within the security perimeter

Countermeasures in cybersecurity are intended to:

Address attacks, and manage their consequences

Which of the following actions would violate integrity within a system?

Data corruption by a malware attack

What is an exploit?

A sequence of commands that takes advantage of a bug.

What is the primary purpose of a vulnerability assessment?

To classify and prioritize vulnerabilities in information systems.

Which of the following best describes penetration testing?

A practice that tests systems to find exploitable vulnerabilities.

What is one of the goals of penetration testing?

To identify weak spots in an organization's security posture.

Which of the following actions might result from an exploit?

Privilege escalation.

What does effective vulnerability assessment provide to an organization?

Knowledge and risk background to understand threats.

Which feature of penetration testing helps in simulating an attack?

Gathering information about the target.

What is one potential outcome of a denial-of-service attack?

System unavailability.

Study Notes

Resource Personnel

• Kavinga Yapa Abeywardena: Senior Lecturer, Department of Computer Systems Engineering.
• Dr. Harinda Fernando: Assistant Professor, Co-Lecturer.
• Ms. Chethana Liyanapathirana: Senior Lecturer, Co-Lecturer.
• Mr. V.A.M. Ragunathan Sinthujan: Lecturer at SLIIT Northern University.

Passive Attacks

• Conducted by eavesdropping on data transmissions without altering them.
• Hard to detect as system resources remain unaffected.
• Types include:
  • Confidentiality breach: Learning message contents through eavesdropping.
  • Traffic analysis: Observing patterns, particularly on encrypted data.

Active Attacks

• Involve modifications to system resources or operations.
• Easier to detect but challenging to prevent.
• Categories include:
  • Replay: Capturing and retransmitting data for unauthorized effects.
  • Masquerade: One entity impersonates another.
  • Data modification: Altering legitimate data, causing unauthorized effects.
  • Denial of Service: Interrupting authorized access to services.

Inside Attacks

• Origin from internal users; can be accidental or intentional.
• Risks include:
  • Unauthorized data copying and transferring.
  • Compromising internal servers.
  • Causing network outages by disconnecting crucial connections.
• Internal threats are often more damaging due to deep access and knowledge of systems.

Computer Security

• Defined as the protective measures taken to maintain integrity, availability, and confidentiality of information systems.
• Key objectives include:
  • Confidentiality: Ensuring information is not disclosed to unauthorized parties.
  • Integrity: Safeguarding data from unauthorized alteration.
  • Availability: Ensuring access to information when needed.

Information Security (InfoSec)

• Protects information and systems from unauthorized access, use, and destruction.
• Focuses on maintaining confidentiality, integrity, and availability.

Information Assurance (IA)

• Encompasses measures ensuring the protection of information systems.
• Aims for availability, integrity, authentication, confidentiality, and non-repudiation.
• Involves detection and response capabilities.

CIA Triad

• Represents the core principles of information security:
  • Confidentiality: Safeguarding data from unauthorized access.
  • Integrity: Protecting data against unauthorized modifications.
  • Availability: Ensuring system resources are accessible when needed.

Vulnerabilities and Threats

• Vulnerability: Flaws in system design/management that can be exploited.
• Threats represent potential risks based on vulnerabilities; they can be from internal or external sources.
• Adversaries: Entities that carry out attacks.

Countermeasures

• Strategies devised to prevent attacks, detect successful breaches, and recover from damage.

Risk

• Denotes expected loss associated with a specific attack, informing security strategies.

Exploits

• Software or commands that exploit vulnerabilities to cause unexpected behavior (e.g., control of a system).
• Exploitation refers to using these vulnerabilities for malicious intent.

Vulnerability Assessment

• Process to identify, classify, and prioritize vulnerabilities in information systems to manage risks.

Penetration Testing

• Testing method to find exploitable vulnerabilities in networks/applications.
• Involves risk assessment and security compliance checks.
• Can be automated or conducted manually.

Goals of Penetration Testing

• Identify security weaknesses in an organization’s infrastructure.
• Measure adherence to security policies.
• Assess staff awareness of security threats.
• Evaluate potential exposure to security incidents.

Description

Dive into the fundamentals of Information Assurance and Security with this introductory lecture. Led by experienced faculty, this session explores key concepts and principles that protect information systems. Join us to enhance your understanding of security measures in the digital age.