Introduction to Cyber Security - Lecture 01

Questions and Answers

What is the primary purpose of a vulnerability assessment?

• To replace outdated equipment
• To eliminate all technology risks
• To define and prioritize vulnerabilities in systems (correct)
• To implement new security software

Which statement best describes penetration testing?

• It is a method for exploiting identified vulnerabilities (correct)
• It solely measures user compliance with security policies
• It is the same as vulnerability assessment
• It is a strategy for protecting against all cyber attacks

What aspect does penetration testing NOT typically evaluate?

• Effectiveness of security training for staff
• Compliance with security policies
• Feasibility of physical security barriers (correct)
• Identification of weak spots in security

What is meant by 'security posture' in the context of penetration testing?

The overall security measures an organization has in place (C)

Which of the following best describes the process involved in penetration testing?

Gathering information, testing defenses, and reporting findings (D)

What is the primary focus of the prevention action in security implementation?

To stop security breaches before they occur (C)

Which action is taken when a security attack is detected?

Response (A)

What does the concept of assurance refer to in the context of security measures?

The confidence in security measures functioning as intended (A)

Evaluation in computer security involves which of the following processes?

Examination against specific criteria through testing and analysis (C)

What is a common method used to recover after a security attack?

Using a backup copy of data (A)

What is the term used for a threat that is executed and affects system resources?

Attack (A)

Which of the following best describes a passive attack?

An act utilizing system information without affecting it. (D)

What role does an adversary play in the context of cyber security?

They carry out attacks on systems. (A)

Which violation occurs when a resource is deemed unavailable?

Availability violation (B)

What is a countermeasure in the context of cyber attacks?

An action to address, prevent, or recover from an attack. (D)

Which of the following actions primarily focuses on assessing vulnerabilities in a system?

Penetration testing (D)

Which of the following best characterizes a risk within the framework of cybersecurity?

The expected loss due to a specific attack. (C)

What is an exploit in cybersecurity?

Software or commands that leverage vulnerabilities. (C)

Study Notes

Exploits and Vulnerabilities

• The term "exploit" as a verb means to successfully use a vulnerability for an attack.
• Exploits can be software, data, or commands that leverage bugs, resulting in unintended behaviors like system control or privilege escalation.

Vulnerability Assessment

• Involves identifying, classifying, and prioritizing vulnerabilities in information systems and networks.
• Provides organizations with knowledge and awareness to understand potential threats and respond effectively.

Penetration Testing (Pen Testing)

• Aimed at identifying security vulnerabilities within an information system, network, or web application.
• Includes gathering target information, identifying entry points, attempting breaches, and reporting findings.
• Can be automated through software or done manually.

Goals of Penetration Testing

• Identify weaknesses in an organization’s security.
• Measure compliance with security policies.
• Assess staff awareness regarding security issues.
• Analyze potential impacts of security breaches.

Security Implementation Strategies

• Prevention: Ideal but not always feasible; involves measures to stop attacks before they occur.
• Detection: Identifies attacks when prevention fails, using tools like intrusion detection systems.
• Response: Measures taken to halt an attack or mitigate damage once detected.
• Recovery: Steps to restore systems after an attack, possibly using backups.

Computer Security Strategy

• Assurance is defined as the confidence in the effectiveness of security measures.
• Evaluation involves testing and analysis to ensure systems meet their security specifications.

Core Security Principles

• Integrity: Resource corruption signifies a violation of integrity.
• Confidentiality: Resource leaks indicate a breach of confidentiality.
• Availability: Loss of resource access represents a violation of availability.

Computer Security Model

• Threat: A potential danger exploiting vulnerabilities, posing harm to system resources.
• Attack: The actual execution of a threat that impacts the system.
• Attack types:
  • Active attack: Directly affects system resources.
  • Passive attack: Gathers system information without affecting operations.
• Attack Origins:
  • Inside attack: Conducted by an entity within the security perimeter.
  • Outside attack: Conducted by unauthorized external users.

Key Roles in Security

• Adversary: The entity that carries out an attack, also called a threat agent.
• Countermeasure: Actions taken to prevent, detect, and recover from attacks.
• Risk: The expected loss associated with a particular attack.

Description

This quiz covers key concepts from the first lecture of the Introduction to Cyber Security course by Amila Senarathne. Topics include the meaning of exploit as a verb and the process of vulnerability assessment in information systems. Test your understanding of these foundational concepts in cybersecurity.