Introduction to Computer Security

Questions and Answers

Within the CIA triad, what does 'confidentiality' primarily aim to protect?

• The accuracy of data modifications by authorized personnel.
• The verification of a user's identity and access privileges.
• The timely accessibility of assets to authorized parties.
• Restricting computer assets access to only authorized parties. (correct)

Which statement best describes the concept of 'integrity' within the CIA triad?

• Maintaining a record of all access attempts.
• Ensuring assets are accessible when needed without delay.
• Guaranteeing that assets can only be modified in authorized ways by authorized parties. (correct)
• Making sure all data is encrypted in transit.

In the context of the CIA triad, what qualifies as 'access' to an asset?

• Only the ability to modify data.
• Only the ability to execute code.
• Only the ability to read data.
• Viewing, printing, or knowing that the asset exists. (correct)

What does the term 'subject' refer to when discussing access to an asset?

A person, process, or program attempting access. (C)

What are considered modifications, in the context of 'integrity' within the CIA triad?

Writing, changing, changing status, deleting, and creating data. (D)

Which security threat involves making a system resource unusable?

Interruption (C)

What type of security threat is exemplified by illicitly copying a file?

Interception (C)

Which attack directly compromises the integrity of a system by altering transmitted messages?

Modification (B)

Adding false records to a database is an example of which security threat?

Fabrication (A)

Which of the following best describes 'integrity' in the context provided?

Maintaining the precision, accuracy, and unmodified state of an item, or modifying it only in acceptable and authorized ways. (B)

Which threat targets the confidentiality of data?

Interception (C)

According to the provided information, what is a primary concern regarding availability?

Preventing legitimate users from accessing authorized resources or services. (A)

Which aspect is NOT a part of the three particular aspects of integrity as recognized by [Welke & Mayfield]?

Unauthorized Actions. (C)

In the context of the AAA framework, what is the primary purpose of 'Authentication'?

Verifying that a user is who they claim to be. (C)

Which statement best reflects the relationship between 'CIA' and 'AAA' as presented?

AAA is based on the user point of view, while CIA is based on the assets view. (B)

What is a vulnerability in the context of a computer system?

A weakness in the system's procedures, design, or implementation. (B)

Which of the following best describes a 'threat' to a computing system?

A potential situation that could cause harm or loss. (C)

In the analogy of the man, water, and wall, what is the role of the crack in the wall?

It acts as a vulnerability that could be exploited by the water. (D)

According to the 'Security Threats' model, what type of harm is caused by interception?

Obtaining unauthorized access to information. (A)

Which of the following action is described by the term 'fabrication' as a security threat?

Creating fake data in the system. (A)

Computer security focuses exclusively on protecting hardware.

False (B)

The principle of easiest penetration suggests that intruders will use the most difficult means possible to compromise a system.

False (B)

Detection measures are proactive steps to prevent damage to assets.

False (B)

In a cyber security context, using encryption when placing an order is a reactive measure.

False (B)

Replacing a stolen item is considered a 'prevention' method in security.

False (B)

An attack on availability occurs when an asset of the system is enhanced or improved.

False (B)

Wiretapping is an example of a modification attack.

False (B)

Changing values in a data file is an example of fabrication.

False (B)

Cutting a communication line is an example of an interruption threat that targets the confidentiality of messages.

False (B)

In the CIA triad, confidentiality ensures that assets are accessible to anyone who requests them.

False (B)

An unauthorized party inserting counterfeit records into a file is considered a fabrication attack, which is an attack on the system's integrity

True (A)

Modifying an asset includes only writing new information; deleting or changing existing data is not considered modification.

False (B)

A 'threat' is best described as the active exploitation of a vulnerability.

False (B)

Availability ensures that authorized users can access assets without any notable delay.

True (A)

Accidentally deleting a file is categorized as a malicious, human-caused harm.

False (B)

An 'object' in access control is the person or process attempting to access data.

False (B)

Lack of access control is an example of a hardware vulnerability.

False (B)

The security goals of the CIA triad are primarily from the user's point of view.

False (B)

Interruption resulting in a denial of service is associated with the hardware category of vulnerabilities.

True (A)

Creating false data or records falls under the threat category labeled modification.

False (B)

Flashcards

Confidentiality

Ensuring sensitive data is only accessible to authorized individuals or systems, preventing unauthorized access, viewing, or modification.

Integrity

Guaranteeing that data remains accurate, complete, and unaltered, ensuring modifications are only performed by authorized entities in approved ways.

Availability

Making sure that authorized users can access the resources they need without delays or interruptions.

CIA Triad

A core security principle that combines confidentiality, integrity, and availability to protect information and systems.

Subject

The entity that tries to access data (e.g., a person, program, or process).

Vulnerability

A weakness in a system's design, procedures, or implementation that could be exploited to cause harm or loss.

Threat

A set of circumstances that might lead to harm or loss to a computing system.

Interception

The act of gaining unauthorized access to data or information.

Interruption

The disruption or halting of normal system operations or data flow.

Modification

The alteration or tampering of data or information without authorization.

Authentication

Authenticating users to verify their identity.

Authorization

Granting users specific permissions based on their roles.

Fabrication

An attacker introduces fake or counterfeit data into a system, misleading users and compromising data integrity.

Confidentiality Threats

Security threats that target the confidentiality of information, preventing unauthorized access and disclosure.

Principle of Easiest Penetration

The idea that an attacker will use any method available to breach a system, regardless of complexity, to gain access.

Prevention (security)

Measures taken to prevent an asset from being damaged or compromised.

Detection (security)

Measures taken to detect when an asset has been damaged or compromised.

Reaction (security)

Measures taken to recover from damage or compromise to an asset.

Why computer security is important

Data, hardware, software, people, processes, and storage media all have value and require protection.

Access Mode

The way a subject interacts with data, such as reading, writing, or executing.

Exploit

An action that takes advantage of a vulnerability to gain unauthorized access or cause harm.

Threat Agent

A threat agent is a person, group, or piece of software that can cause harm to an asset. Examples include hackers, viruses, and disgruntled employees.

Data Modification

An unauthorized action that aims to manipulate or corrupt data, often to deceive or gain an advantage. This can include altering existing data, introducing fake data, or modifying system settings.

Study Notes

Introduction to Computer Security

• Computer security is the protection of computer system assets.
• Assets include hardware, software, data, processes, storage media, and people.
• The principle of easiest penetration means intruders will use the easiest method available.

Core Concepts

• Computer systems (hardware, software, and data) have value and require protection.
• There are three levels of protection:
  • Prevention: measures to prevent damage.
  • Detection: measures to identify when and how an asset is damaged.
  • Reaction: measures to recover assets or from damage.
• An example from the physical world is using locks, burglar alarms, and CCTV cameras.
• An example from the cyber world is using encryption for online purchases and checking credit card statements for unauthorized transactions.
  • Preventing theft of assets
  • Detecting and recovering from theft

Security Goals - CIA Triad

• Confidentiality: assets of computing systems are only accessible to authorized parties.
• Integrity: assets can only be modified by authorized parties using authorized methods.
• Availability: assets are accessible to authorized parties when needed without delay.
• Security is from the assets' point of view.

Data Access

• At the most basic level, a subject can observe or alter an object.
• Access modes include observe and change.
• Access rights in the Bell-LaPadula model.

Vulnerabilities and Threats

• A vulnerability is a weakness in a system (procedures, design, or implementation) that can be exploited.
• A threat is a set of circumstances that could cause harm.
• A threat, if it successfully leverages a vulnerability is called a realized threat; therefore harm occurs.
• Examples of vulnerabilities include: weak authentication, lack of access control, errors in programs, inadequate resources, insufficient hardware protection, and involuntary/voluntary machine-slaughter.
• Exploits use vulnerabilities.
• Attacks exploit vulnerabilities.

Types of Threats

• Non-human threats: natural disasters, power outages, and hardware/software failures.
• Human threats: benign (accidental) and malicious (intentional).
  • Benign: accidental data deletion, incorrect typing, or other similar errors.
  • Malicious: random and directed attacks.
  • Types of malicious attacks: interception, interruption, modification, and fabrication.
    • Random: general code placed on a public website targeting any users
    • Directed: targeting specific computer systems, or an individual.

Types of Attackers

• Amateurs: generally not career criminals, but are aware of security flaws.
• Crackers: usually students or young adults trying to access unauthorized resources.
• Career criminals: understand targets of computer crimes and often collaborate with other groups.
• Hackers: generally understand computer systems in depth and often explore system limits (can be benign or not).

Method, Opportunity, Motive

Malicious attackers have three things for success: Method, Opportunity, and Motive

System Access Control

• System Access Control: system decides whether a user is legitimate.
• Data Access Control: monitoring who can access data and for what purposes.
  • Authentication: Proving user identities.
  • Identification: Asserting user identity.
• System Administration and Security: enforcing procedures, training users, and maintaining systems.
• System Design: use of basic hardware and software security features.

System Access Controls (passwords)

• A user's role in password protection—authentication can be compromised by giving away the password to others.

• Password guessing: exhaustive search (brute force) and intelligent search.

• Password spoofing.

• Compromise of the password file.

• Choosing Strong Passwords

Effectiveness

• Awareness of security requirements, clear understanding of the importance of security, and use of appropriate controls.
• Overlapping controls and periodic reviews.
• Awareness of security problems is necessary for people to work collaboratively to solve problems
• Procedures and controls must be used correctly, and be easy to use; they may be combined.

System Controls

• Controls can counter threats using physical (locks, walls), procedural (rules, regulations), and technical (firewalls, passwords) methods.
• Access control—identifying and authenticating users.

Description

This quiz covers foundational concepts in computer security, including asset protection, core security principles, and the CIA triad. Test your knowledge on how to safeguard hardware, software, and data, as well as the various levels of protection and their applications. Prepare to explore strategies for prevention, detection, and reaction to security breaches.