Principles of Security - Topic 2

Questions and Answers

What is an attack in the context of information security?

A routine maintenance task performed by IT

A collaborative effort to enhance system performance

An intentional or unintentional act that can damage information (correct)

A software update to improve system security

Which of the following best describes the role of the IT department in managing attacks?

Implementing non-technical changes across the organization

Conducting regular offensive security tests

Coordinating responses to threats and attacks (correct)

Monitoring and reporting all organizational communications

Which statement is NOT true regarding attacks in information systems?

They can cause damage to information and supportive systems

They solely refer to malicious software deployments (correct)

They can be both intentional and unintentional

They involve various methods to compromise systems

What is a potential consequence of an attack on information systems?

Loss of data integrity and confidentiality

How should organizations ideally address threats and attacks?

By coordinating closely with the IT department

What is the primary intention of hackers?

To identify and understand system vulnerabilities

How do crackers primarily differ from hackers?

They work with bad intentions to compromise systems

Which of the following statements is true about hackers?

They mostly seek to improve system security.

What is the motivation behind a cracker's actions?

To undermine and harm systems

Which behavior is characteristic of crackers?

Breaking into systems for malicious purposes

What is the primary objective of a passive attack?

To collect information about the target

Which of the following statements describes a passive attacker?

They observe and record messages without intervention

What distinguishes a passive attack from other types of attacks?

It involves covertly gathering information without altering data

Which scenario best exemplifies a passive attack?

An individual monitors public Wi-Fi traffic to gather unencrypted data

In which scenario would passive attackers be most active?

In open networks where data is not encrypted

What is a vulnerability in the context of cybersecurity?

A potential weakness in an asset or its defensive control system.

What is malware primarily designed to do?

Disrupt, damage, or gain unauthorized access to a computer system.

Which of the following best describes the term 'malware'?

Malicious software designed to disrupt systems.

Which of the following is an example of malware?

A computer virus that replicates itself.

What is a key characteristic of vulnerabilities in cybersecurity?

They represent potential weaknesses that can be exploited.

What is the primary function of keyloggers?

To monitor user keystrokes

What action is expected after receiving a payment according to the described process?

Sending a unique key to release something

Which of the following best describes the context in which keyloggers operate?

As a type of malware

Which situation would most likely involve the use of a keylogger?

Gaining unauthorized access to personal information

Which of the following is not a typical characteristic of malware like keyloggers?

Providing enhanced security features

What is a primary reason for the existence of bugs in software?

Large quantities of code are often written and debugged.

How can new software bugs be created according to the relationship between software and hardware?

Through combinations of certain software and hardware.

Which statement best reflects the challenge of software development?

Bugs may exist after publishing due to incomplete debugging.

What is a potential source of software bugs that developers must consider?

Interactions between different software and hardware combinations.

Why might a software release still contain bugs after the development process?

The sheer volume of code makes it impossible to catch every error.

Study Notes

Principles of Security - 1911194, Topic 2: The Need of Security

• Learning Objectives: Discuss organizational need for info sec, explain shared responsibility of departments, list/describe threats to info security, and discuss Linux operating systems, distributions, and their use in security.

Business Need for Security

• Information security performs four vital functions for organizations:
  • Protecting the organization's ability to function
  • Protecting data and info the organization collects and uses
  • Enabling safe operation of applications running on IT systems
  • Safeguarding technology assets from threats and attacks

Protecting Functionality of an Organization

• Organizations need security management, alongside IT departments, to implement and follow security plans.
• Management is responsible for facilitating security programs.
• Implementing information security requires strong management, not just technology, and sound management strategies.
• Security failures disrupt business operations and incur high costs.

Protecting Collected and Used Data

• Organizations rely on data to deliver value to customers.
• Safeguarding data during transmission, processing, and storage is crucial for information security.

Enabling Safe Application Operation

• Organizations require environments protecting applications using IT systems.
• General management oversees operations by different departments, ensuring compliance with security plans coordinated with IT departments. .

Safeguarding Technological Assets

• Organizations must use secure hardware and software appropriate for their size and scope.
• Additional security measures may be needed as the organization grows.
• General management must continuously supervise and maintain proper infrastructure development; IT coordination is essential.

Threats and Attacks

• Key Term (Attack): An intentional or unintentional act compromising information and supporting systems. Attacks can be active or passive, and direct or indirect.

• Active Attacks: Attacker modifies message content or affects system operations (e.g., changing data streams, creating false statements.) Examples include viruses, worms, and Trojan Horses.

• Management Reporting: Management needs insights into the types of threats (people, applications, data, info systems, physical assets).

• Increasing Threats: Despite increasing security, threats and attacks also increase, particularly due to global internet user growth.

12 Main Threats on Information Security

• Compromises on intellectual property (IP).
• Deviation in quality of service.
• Espionage or trespass (includes hackers, expert hackers, unskilled hackers, crackers.)
• Forces of nature.
• Human error or failure (includes disclosing data, erroneous data entry, accidental data deletion, unprotected storage).
• Information extortion.
• Sabotage or vandalism.
• Software attack (Rootkits, Denial of Service -DoS- , distributed Denial of Service -DDoS).
• Technical hardware failure or error.
• Technological obsolescence.
• Theft and physical attacks.

Defense in Depth (DiD)

• Defense in Depth is an information security approach with layered security mechanisms, protecting confidentiality, integrity, and availability of networks and data within the system.

Linux Operating System

• Linux is a modular Unix-like operating system, based on principles from the 1970s and 1980s.

• It's open-source so users can create their own distributions.

• Examples of well known Linux Distributions include: Ubuntu, Fedora, Linux Mint, Debian, Kali Linux, and CSI Linux.

• Different Distributions are focused on different functional uses from ethical hacking to digital forensics.

• Web sites such as www.Linux.org and www.Kali.org offer relevant information and support.

Description

This quiz covers the critical need for information security within organizations. It discusses organizational responsibilities, potential threats to information security, and the role of Linux operating systems in maintaining security. Test your knowledge on how businesses can protect their information and functionality.