Information Security Fundamentals

Questions and Answers

What type of attack involves an attacker impersonating someone else?

Denial of Service

Masquerading (correct)

Modification

Replaying

What is the term for a sender or receiver denying they sent or received a message?

Repudiation (correct)

Masquerading

Denial of Service

Replaying

What type of attack involves slowing down or interrupting a system's service?

Denial of Service (correct)

Masquerading

Replaying

Modification

What is the primary goal of the OSI security architecture?

To focus on security attacks, mechanisms, and services

What is the term for an attacker intercepting and altering a message?

Modification

What is the primary goal of protecting confidential information?

To prevent unauthorized access

What is the purpose of security mechanisms in the OSI security architecture?

To detect, prevent, or recover from security attacks

What is the term for the unauthorized interception of data?

Snooping

What is the main concern of integrity requirement?

Unauthorized modification of data

What is the primary objective of availability requirement?

To provide timely and reliable access to authorized users

What is the ITU-T standard for security architecture?

X.800

What is a threat in the context of computer system security?

A potential danger to the system

What is a vulnerability in the context of computer system security?

A weakness in the system that can be exploited

What is an attack in the context of computer system security?

An attempt to breach the system

What is the purpose of security standards and regulations?

To provide guidelines for secure practices

What is the primary concern of computer system security?

Data confidentiality, integrity, and availability

What is the primary goal of implementing countermeasures in computer and network security?

To minimize the residual level of risk to assets

Which type of attack does not affect system resources?

Passive attack

What is the primary concern in preventing passive attacks?

Prevention

Which of the following is an example of a loss of availability?

Unavailability of system resources

What is the term for unauthorized access to or interception of data?

Snooping

What is the primary difference between a threat and an attack?

A threat is a potential security harm, while an attack is a carried-out threat

What is the term for the release of message contents without affecting system resources?

Release of message contents

What is the primary goal of implementing security measures in computer and network security?

To ensure confidentiality, integrity, and availability of assets

Study Notes

Security Concepts and Relationships

• Computer and network assets require protection from threats, which can be countered with countermeasures to prevent, detect, and recover from attacks.
• Residual vulnerabilities may remain even after countermeasures are implemented, and the goal is to minimize the residual level of risk to the assets.

Vulnerabilities, Threats, and Attacks

• Vulnerabilities can be categorized into three types: corrupted (loss of integrity), leaky (loss of confidentiality), and unavailable or very slow (loss of availability).
• Threats are capable of exploiting vulnerabilities and represent potential security harm to an asset.
• Attacks are threats carried out, and can be classified as passive or active.
• Passive attacks attempt to learn or make use of information from the system but do not affect system resources.
• Active attacks attempt to alter system resources or affect their operation.

Attack Types

• Passive attacks are difficult to detect and emphasize prevention over detection.
• Passive attacks can be further categorized into release of message contents and traffic analysis.
• Release of message contents, also known as snooping, refers to unauthorized access to or interception of data.

Security Requirements

• Confidentiality ensures that information is only accessible to authorized entities.
• Integrity ensures that changes to information are only made by authorized entities and through authorized mechanisms.
• Availability ensures that information is accessible and usable to authorized entities when needed.

Key Security Concepts

• Confidentiality, integrity, and availability are core security concepts.
• Other key concepts include authentication, non-repudiation, and authenticity.

Threats, Vulnerabilities, and Attacks

• A threat is a potential occurrence that could compromise security, such as a person crossing a bridge.
• A vulnerability is a weakness that can be exploited, such as a crack in a wall.
• An attack is the actual exploitation of a vulnerability, such as someone destroying the wall.

Threats to Security Goals

• Modification attacks threaten integrity, such as intercepting and changing a message.
• Masquerading or spoofing attacks threaten authenticity, such as impersonating someone else.
• Replaying attacks threaten availability, such as replaying a message to slow down a system.
• Denial of Service (DoS) attacks threaten availability, such as overwhelming a system with messages.

Security Architecture

• The OSI security architecture focuses on security attacks, mechanisms, and services.
• Security mechanisms are designed to detect, prevent, or recover from specific security attacks.

Description

Test your understanding of the fundamental principles of information security, including confidentiality, integrity, and availability requirements.