Introduction to Information Security

Questions and Answers

What characterizes a passive attack?

• It alters system resources.
• It is easy to detect due to data alteration.
• It attempts to learn or make use of information without altering data. (correct)
• It forces users to lose access to the system.

Which of the following is NOT a type of passive attack?

• Obtain message contents
• Modification
• Traffic analysis
• Masquerade (correct)

Which active attack involves retransmitting a captured message?

• Modification
• Denial of service
• Reply (correct)
• Masquerade

What is an example of a denial of service attack?

Preventing normal use of communication facilities (D)

Why are passive attacks difficult to detect?

They do not involve any alteration of the data. (A)

Which method is NOT an attack vector for threat actors?

Regular communication (C)

What is the primary vector for malware distribution?

Email (A)

How can active attacks be prevented?

By implementing strong authentication measures. (B)

What is the primary technique used in social engineering attacks?

Psychological manipulation (D)

Which of the following is NOT a method of social engineering?

Dumpster diving (B)

What type of scam involves fictitious overdue invoices?

Invoice scams (B)

What is the primary goal of information security?

To protect information from unauthorized access and damage (A)

Why is phishing particularly successful today?

Emails appear authentically designed. (C)

Which of the following components are part of the CIA Triad?

Confidentiality, Integrity, Availability (C)

What is a vulnerability in the context of cybersecurity?

A flaw in a system that can be exploited (A)

What does shoulder surfing involve?

Observing someone entering a security code (B)

Which of the following best defines a threat actor?

An individual or entity responsible for cyber incidents (B)

Which of the following best describes dumpster diving?

Searching through trash to find useful information (C)

What is the role of botnets in spam activities?

To send unsolicited emails at scale (A)

What are countermeasures in information security?

Technological tools and practices designed to protect systems (C)

If one component of the CIA Triad is compromised, what does it create?

A vulnerability that can be exploited (D)

Which of the following is an example of a social engineering psychological method?

Phishing (D)

What constitutes a cyber threat?

A malicious act aimed at damaging or stealing data (C)

Which of the following does NOT constitute a part of information security layers?

Compliance with laws (A)

Which type of platform is most often associated with serious vulnerabilities due to being outdated?

Legacy platforms (D)

What is a common vulnerability associated with on-premises platforms?

Configuration challenges due to added resources (C)

How do modern operating systems address vulnerabilities over time?

They evolve and receive updates and patches (D)

What is a primary factor contributing to vulnerabilities in cloud platforms?

Misconfigurations by personnel (A)

Why were on-premises platforms once considered secure?

They were protected by firewalls (C)

What challenge do cloud platforms consistently face due to their nature?

Constant accessibility making them prone to attacks (A)

What result can occur from improper configuration settings in modern platforms?

Weak configurations leading to vulnerabilities (D)

What primarily affects the security of cloud platforms?

Inadequate security settings and configurations (B)

What is a potential problem when companies connect third-party systems with their own?

It can introduce vulnerabilities to security. (B)

What is a zero-day vulnerability?

A vulnerability discovered by threat actors before developers. (A)

Why do organizations often delay patching their operating systems?

They need to verify compatibility with custom programs. (D)

What is a major challenge when applying firmware patches?

Special procedures are needed for firmware updates. (A)

What is the primary goal of vendor management in a company?

To manage the relationship and access of third-party systems. (A)

What does applying security patches aim to address?

To fix vulnerabilities and improve security. (B)

How do machine learning protections help against zero-day attacks?

They create a baseline of safe system behavior to detect anomalies. (D)

What can happen if an attacker finds a weak spot in a company's system?

The entire system may be compromised and vulnerable. (C)

Flashcards

Information Security

Protecting information from unauthorized access, use, disclosure, disruption, modification or destruction.

CIA Triad

A security model encompassing Confidentiality, Integrity, and Availability of data.

Cyber Threat

A malicious act intended to steal, damage data, or disrupt a digital system.

Vulnerability

A flaw in a system that can be exploited by attackers.

Countermeasure

A measure (technology, policy, tools, or people) to protect a system from threats.

Threat Actor

Individual or entity responsible for cyber incidents.

Security Cycle

Ongoing process encompassing threats, vulnerabilities, and countermeasures.

Information Security Layers

Levels of defense involved in managing information security (not defined in the provided text).

Legacy Platform Vulnerabilities

Older computer systems, often replaced by newer versions, are more prone to security weaknesses.

On-Premises Platform Security Challenges

On-site computer systems (within a company's data center) can be vulnerable due to inadequate security configurations and numerous entry points.

Cloud Platform Misconfiguration

Cloud computing vulnerabilities often stem from improper setup by personnel managing the cloud environment.

Cloud Platform Accessibility

Cloud platforms are accessible from various locations, making them a frequent target for attackers.

Weak Configurations

Unnecessarily open settings in software/hardware that make attacks possible

Platform Vulnerabilities

Weaknesses inherent in the hardware and software systems.

Modern Platform Updates

Continual improvements and security patches to common computer systems like Windows and macOS.

Cloud Computing

A pay-per-use computing service where users pay only for needed resources

Vendor Management

Managing external service providers (vendors) who have access to a company's computer systems.

Third-Party Security Risks

Security vulnerabilities arising from connections between a company's systems and those of external service providers.

Patches

Software fixes released by developers to address security vulnerabilities in operating systems or application software.

Software Vulnerabilities

Weaknesses in software that can be exploited by attackers.

Zero-Day Vulnerability

A security flaw discovered by threat actors before software developers.

Security Attacks

Actions that compromise an organization's information security and violate CIA (Confidentiality, Integrity, Availability).

System Patching Challenges

Difficulties in applying security patches, including potential disruptions to existing software and procedures.

Firmware Updates

Update of hardware instructions and settings, that can be hard to deploy and require careful management.

Passive Attack

An attempt to gain information from a system without altering any system resources.

Active Attack

An attempt to alter system resources or disrupt operations.

Message Content Attack

A passive attack where the attacker tries to view the message content.

Traffic Analysis Attack

A passive attack involving monitoring network traffic to gain information about communication patterns.

Masquerade Attack

An active attack where one entity pretends to be another.

Replay Attack

An active attack where the attacker intercepts and retransmits messages.

Modification Attack

An active attack where the attacker alters message content.

Denial-of-Service Attack

An active attack that prevents or hinders system use.

Social Engineering

A method of gathering information by exploiting individuals' weaknesses through psychological manipulation or physical actions.

Impersonation

Masquerading as a real or fictitious person to gain access to information or systems.

Phishing

Sending emails or online messages falsely claiming to be from a legitimate source to trick users into revealing personal information.

Spam

Unsolicited email sent to large numbers of people for profit.

Dumpster Diving

Searching through trash for discarded information that can be used for malicious purposes.

Tailgating

Following someone into a restricted area without authorization.

Shoulder Surfing

Watching someone enter a security code or other sensitive information on a keypad.

Watering Hole Attack

Targeting a specific group of people by infecting a website or online resource they frequently visit.

Study Notes

Introduction to Information Security

• Information security is the practice of protecting information from unauthorized access, use, disclosure, disruption, modification, or destruction.
• Information security covers digital information in various forms: processed by microprocessors (computers), stored on devices (hard drives, USB drives), and transmitted over networks (local area networks, internet).

Defining Information Security

• Information security protects data from unauthorized actions.

CIA Triad

• A good security system needs Confidentiality, Integrity, and Availability.
• Confidentiality ensures information isn't disclosed to unauthorized people.
• Integrity ensures information isn't modified without authorization.
• Availability ensures information access when needed.
• Loss of any of these components weakens the system's security and makes it vulnerable to attacks.

AAA of Security

• Authentication establishes a person's identity with proof and confirmation by a system using methods like something you know, something you are, something you have, or something you do.
• Authorization grants access to data or resources based on established identities. This includes tracking data, computer usage, and network resources.
• Accounting records data, usage, and resources, and establishes non-repudiation (proof of action).

Information Security Layers

• The 7 layers of cybersecurity include The Human Layer, Perimeter Security, Network Security, Endpoint Security, Application Security, Data Security, Mission Critical Assets.

Security Cycle

• Threats are malicious acts to steal or damage data or digital systems.
• Vulnerabilities are points where a system is susceptible to attack.
• Countermeasures are technologies, policies, tools, and people to protect a system.

Who Are the Threat Actors?

• Threat actors (malicious actors) are individuals or entities responsible for cyber incidents against systems.
• These include criminal organizations, individuals (both internal and external), nation-states, and hacktivists.

Vulnerabilities and Attacks

• Vulnerabilities are flaws in design, procedures, internal controls, or lack of education that cybercriminals can exploit.
• Cybersecurity vulnerabilities are categorized into Platforms, Configurations, Third Parties, Patches, and Zero-day vulnerabilities.

Platforms

• Legacy platforms are outdated and vulnerable ones.
• On-premises platforms, that are within an enterprise's data center, are vulnerable due to inadequate security configurations.
• Cloud platforms, which are pay-per-use computing models, can also be vulnerable depending on misconfigurations.

Configurations

• Modern hardware and software have security settings that need proper configuration to prevent attacks.
• Incorrect configurations can result in weak configurations.

Third Parties

• Companies often use outside help (IT services) which requires careful vendor management to ensure security.
• External systems connecting to the company's system can introduce vulnerabilities.

Patches

• Operating systems become more complex, leading to more vulnerabilities, requiring regular patches to keep systems secure.
• Applying patches can be tricky, especially for firmware, and delays can introduce more issues.

Zero Day

• Zero-day vulnerabilities are exploited by threat actors before the developer is aware of it which makes it harder to protect against.
• Machine learning-based protections can be a good way to spot these.

Security Attacks

• Security attacks compromise the security of information owned by an Organization.
• Attacks are classified as either passive or active attacks.

Passive Attacks

• Passive attacks attempt to learn or make use of data without affecting system resources, making them difficult to detect.
• These attacks include obtaining message contents and traffic analysis.

Active Attacks

• Active attacks intend to alter system resources or affect operations.
• These include impersonation, reply, modification, and denial of service attacks.

Attack Vectors

• Attack vectors are methods used by threat actors to enter a system.
• Common vectors include email, wireless transmissions, removable media, direct access, social media, and cloud systems.

Social Engineering Attacks

• Social engineering attacks are psychological approaches employing impersonation, phishing, redirection, spam, hoaxes, and watering hole attacks to gain data or information.

Phishing

• Phishing in social engineering is a common method that uses fake websites or emails in the name of a real institution to trick users into giving up personal information.
• Fake websites mimic legitimate entities. Invoice scams are another example in which illegitimate invoices are sent pretending to be legitimate.

Spam

• Spam is unsolicited email sent to large recipients by spammers to make a profit.
• Spam is often sent from botnets, which can also be used to launch attacks.

Physical Procedures

• Physical attacks can include dumpster diving and shoulder surfing to gain information.
• Dumpster diving is digging through trash receptacles.
• Shoulder surfing is watching someone enter information, like passwords.

Impacts of Attacks

• Negative impacts of successful attacks usually on data and the enterprise.
• This can result in data loss, data exfiltration, data breach, and identity theft. These actions can affect the organization's productivity and financials.

Description

This quiz covers the fundamental concepts of information security, including the CIA triad and the AAA principles. You'll learn about the importance of protecting information from unauthorized access and ensuring data integrity and availability. Test your knowledge on how various security measures are implemented to safeguard digital information.