Integrity and Accountability in Security Systems

Questions and Answers

What is primarily ensured by data integrity?

Modifications occur in an uncontrolled manner

Only authorized subjects can read data

Data is accessible to everyone at all times

Information and programs are modified in a controlled manner (correct)

Which of the following is NOT a concept associated with integrity?

System integrity

Meaningful fashion

Controlled modification

Unauthorized modification (correct)

Which method is a common way to achieve data integrity?

Frequent data duplication

Public sharing of data

Access control measures (correct)

Open data policies

System integrity ensures that a system performs which of the following?

Unimpeded and as intended

Which of the following statements best describes nonrepudiation in the context of data integrity?

Users cannot deny having performed certain actions

What type of access is restricted to certain individuals to achieve data integrity?

Authorized access

How does data integrity relate to authenticity in cybersecurity?

Integrity confirms the authenticity of data modifications

Which of the following describes the key purpose of integrity policies?

Ensure modifications are made by authorized subjects only

Which of the following is a correct example of checking integrity?

Comparing a document with its original version

What is meant by 'controlled manner' in relation to data integrity?

Changes are made according to set rules and protocols

What does the term 'attack surface' refer to?

The reachable and exploitable vulnerabilities in a system

Which category of attack surface deals with vulnerabilities over an enterprise or wide-area network?

Network Attack Surface

What is the primary focus of the Software Attack Surface?

Web server software vulnerabilities

What are the four courses of action involved in security implementation?

Prevention, Detection, Response, Recovery

What does evaluation in the context of computer security involve?

Examining a computer product against established criteria

Which of the following best defines 'assurance' in the context of information systems?

Confidence that a system enforces its security policy

Which action is NOT part of the defense in depth strategy?

Relying solely on antivirus software

Who is most likely to create a vulnerability in the Human Attack Surface?

An insider with privileged access

Which organization is noted for developing standards for security mechanisms and services?

National Institute of Standards and Technology (NIST)

Which of the following is NOT a component of a security policy?

Specifications for hardware specifications

Study Notes

Integrity

• Integrity refers to an object's unchanging nature and authenticity.
• An object is authentic if it matches its claimed identity but may lack integrity if it can change.

Accountability

• Requires that actions of an entity be uniquely traced to that entity.
• Ensures accountability supports security measures and assists with post-incident analysis.
• Tracing breaches is essential to identify responsible parties.

Levels of Impact

• Low: Limited adverse effect on operations, assets, or individuals.
• Moderate: Serious adverse effect on operations, assets, or individuals.
• High: Severe or catastrophic impact on operations, assets, or individuals.

Security Scenarios

• Importance of Confidentiality, Integrity, Authentication, Accountability, and Availability varies across contexts.
• Examples include ATMs, semi-public stockholder sites, control programs on aircraft, and smart home systems.

Computer Security Challenges

• Computer security is complex and requires consideration of potential attacks on security mechanisms.
• Procedures may be counterintuitive and require careful design.
• Identifying physical and logical placements is vital to security architecture.

Threats, Attacks, and Assets

• Disruption: Incapacity caused by preventing system operation; corruption alters functions or data, and obstruction hinders service delivery.
• Usurpation: Unauthorized control over system resources or misuse of system functions.

Computer and Network Assets

• Availability: Risks such as hardware theft leading to denial of service.
• Confidentiality: Issues like unencrypted drives being stolen.
• Integrity: Alteration of sensors that misreport status.

Cyber Security Concepts

• Defined by measures ensuring confidentiality, integrity, and availability across hardware, software, and data.

Objectives of Cyber Security (CIA Model)

• Confidentiality: Protects unauthorized access and ensures privacy.
• Integrity: Guards against improper modifications and ensures data authenticity.
• Availability: Ensures timely access to data and services at necessary levels.

Confidentiality

• Encompasses data confidentiality (limited access to data) and privacy (control over personal information).
• Achieved through access controls and cryptography.

Integrity

• Involves controlled modification of information and proper system functionality.
• Policies set enforce who can modify and how changes are made.

Availability

• Involves ensuring sufficient presence and timely access to data/services.
• Includes fair use of resources to meet demand.

Authenticity

• Confirms the identity of an object or its features.
• User authentication validates identity while document authorship ensures veracity.
• Distinctions between authenticity and other security concepts are important.

Computer Security Concepts

• Computer security involves measures and controls to ensure confidentiality, integrity, and availability (CIA) of information processed by computers.
• Defined by NISTIR 7298, it includes hardware, software, firmware, data, and telecommunications.

Objectives of Cybersecurity

• Confidentiality: Protects information from unauthorized access, ensuring privacy and proprietary information is kept secure.
• Integrity: Prevents unauthorized modifications to data, ensuring authenticity and non-repudiation.
• Availability: Guarantees reliable access to information and services when needed.

Definitions of Key Terms

• Data Confidentiality: Only authorized users can read specific data.
• Privacy: Restricted access to personal information only to consented individuals.
• Data Integrity: Ensures information is modified only in a controlled manner; system integrity guarantees that a system functions without impairments.
• Authenticity: Confirms the identity of a user or document, distinguishing between what is authentic and what is integral.
• Accountability: Enables tracing actions back to entities, essential for security breaches' post-analysis.

Level of Impact Assessment

• Classified into three levels:
  • Low: Limited effect on operations or assets.
  • Moderate: Serious adverse effects expected.
  • High: Severe or catastrophic impacts anticipated.

Security Challenges

• Computer security complexity exceeds novice expectations; security mechanisms must consider potential attacks.
• Security measures can often be counterintuitive, requiring careful physical and logical placement.
• Familiar threats include unauthorized access, software modification, data deletion, and communication interference.

Attack Types

• Passive Attacks: Involve information gathering without affecting system resources (e.g., eavesdropping, traffic analysis).
• Active Attacks: Alter system resources or data, including replay attacks, denial of service, and message modification.

Security Functional Requirements

• Access Control: Restriction of information system access to authorized users and processes.
• Awareness and Training: Educating users on security risks and applicable regulations.
• Audit and Accountability: Ensuring audit trails are maintained for accountability.

Attack Surfaces

• Comprises exploitable vulnerabilities within a system, including:
  • Open ports, services behind firewalls, and interfaces with incoming external data.
  • Human factors, including insider threats and social engineering.

Categories of Attack Surfaces

• Network Attack Surface: Vulnerabilities in enterprise or internet networks impacting protocols and communication.
• Software Attack Surface: Includes application vulnerabilities, with an emphasis on web server security.
• Human Attack Surface: Involves threats from personnel or human errors affecting security.

Computer Security Strategy

• Security Policy: Rules governing how an organization protects sensitive resources.
• Security Implementation: Encompasses four actions—prevention, detection, response, recovery.
• Assurance: Confidence in a system's adherence to its security policy, based on design and implementation.
• Evaluation: System assessment against specified criteria, involving testing and formal analysis.

Standards

• Developed to guide management practices and the architecture of security mechanisms and services, with NIST being a pivotal organization in standard creation.

Description

This quiz explores the concepts of integrity and accountability within the context of secure systems. It discusses how authenticity relates to an object's integrity and the importance of traceability of actions for security measures and analysis. Test your understanding of these critical security principles.