Principles of Security - Topic 2

Questions and Answers

What is an attack in the context of information security?

• A routine maintenance task performed by IT
• A collaborative effort to enhance system performance
• An intentional or unintentional act that can damage information (correct)
• A software update to improve system security

Which of the following best describes the role of the IT department in managing attacks?

• Implementing non-technical changes across the organization
• Conducting regular offensive security tests
• Coordinating responses to threats and attacks (correct)
• Monitoring and reporting all organizational communications

Which statement is NOT true regarding attacks in information systems?

• They can cause damage to information and supportive systems
• They solely refer to malicious software deployments (correct)
• They can be both intentional and unintentional
• They involve various methods to compromise systems

What is a potential consequence of an attack on information systems?

Loss of data integrity and confidentiality (D)

How should organizations ideally address threats and attacks?

By coordinating closely with the IT department (A)

What is the primary intention of hackers?

To identify and understand system vulnerabilities (B)

How do crackers primarily differ from hackers?

They work with bad intentions to compromise systems (A)

Which of the following statements is true about hackers?

They mostly seek to improve system security. (C)

What is the motivation behind a cracker's actions?

To undermine and harm systems (C)

Which behavior is characteristic of crackers?

Breaking into systems for malicious purposes (B)

What is the primary objective of a passive attack?

To collect information about the target (A)

Which of the following statements describes a passive attacker?

They observe and record messages without intervention (C)

What distinguishes a passive attack from other types of attacks?

It involves covertly gathering information without altering data (B)

Which scenario best exemplifies a passive attack?

An individual monitors public Wi-Fi traffic to gather unencrypted data (A)

In which scenario would passive attackers be most active?

In open networks where data is not encrypted (B)

What is a vulnerability in the context of cybersecurity?

A potential weakness in an asset or its defensive control system. (B)

What is malware primarily designed to do?

Disrupt, damage, or gain unauthorized access to a computer system. (D)

Which of the following best describes the term 'malware'?

Malicious software designed to disrupt systems. (B)

Which of the following is an example of malware?

A computer virus that replicates itself. (B)

What is a key characteristic of vulnerabilities in cybersecurity?

They represent potential weaknesses that can be exploited. (D)

What is the primary function of keyloggers?

To monitor user keystrokes (A)

What action is expected after receiving a payment according to the described process?

Sending a unique key to release something (D)

Which of the following best describes the context in which keyloggers operate?

As a type of malware (B)

Which situation would most likely involve the use of a keylogger?

Gaining unauthorized access to personal information (D)

Which of the following is not a typical characteristic of malware like keyloggers?

Providing enhanced security features (A)

What is a primary reason for the existence of bugs in software?

Large quantities of code are often written and debugged. (C)

How can new software bugs be created according to the relationship between software and hardware?

Through combinations of certain software and hardware. (D)

Which statement best reflects the challenge of software development?

Bugs may exist after publishing due to incomplete debugging. (D)

What is a potential source of software bugs that developers must consider?

Interactions between different software and hardware combinations. (A)

Why might a software release still contain bugs after the development process?

The sheer volume of code makes it impossible to catch every error. (D)

Flashcards

Attack

An intentional or unintentional action that harms or compromises information and the systems it runs on.

Information compromise

Damaging or losing protected information.

IT department involvement

Coordination with the IT department is needed for certain actions.

Intentional attack

A deliberate act to harm or damage information or systems.

Unintentional attack

An accidental action that harms or damages information or systems.

Hacker motivations

Hackers often seek to understand system vulnerabilities.

Cracker motivations

Crackers exploit vulnerabilities for malicious purposes.

Hacker vs. Cracker

Hackers focus on understanding and improving systems; crackers exploit systems.

System vulnerability

Weaknesses in a system that can be exploited

Motivation of crackers

Crackers have malicious goals.

Passive attack

An attack where an attacker observes and copies messages without altering the data.

Observation in attack

A key part of passive attacks where the attacker watches data transmissions.

Data copying

Messages are copied to gain information in a passive attack.

Information gathering

The goal in passive attacks is to understand the target’s communication activity.

Data alteration

Passive attacks do not involve changing the data; only observation and copying are involved.

Vulnerability

A possible weakness in a system or its security controls.

Malware

Harmful software designed to hurt or steal from computer systems.

Malicious software

Software intentionally designed to harm or gain access to a computer.

Computer system

A set of interconnected parts working together to process information.

Unauthorized access

Gaining entry to a system or data without permission.

Keylogger

A software program that records every keystroke made by a user.

Unique key

A special code or password used to access or unlock something.

Release

To make something available or accessible.

Monitor keystrokes

To record and track every key that is pressed.

Software Bugs

Errors in computer code that cause unexpected program behavior.

Debugging

The process of finding and fixing software bugs.

Hardware-Software Interaction

The way software and hardware components work together, which can sometimes create new bugs.

Software Release Cycle

The process of developing, testing, and releasing software, which often involves publishing and selling before all bugs are found.

Code Complexity

The amount of intricate details and relationships within computer code, which can make it harder to find bugs.

Study Notes

Principles of Security - 1911194, Topic 2: The Need of Security

• Learning Objectives: Discuss organizational need for info sec, explain shared responsibility of departments, list/describe threats to info security, and discuss Linux operating systems, distributions, and their use in security.

Business Need for Security

• Information security performs four vital functions for organizations:
  • Protecting the organization's ability to function
  • Protecting data and info the organization collects and uses
  • Enabling safe operation of applications running on IT systems
  • Safeguarding technology assets from threats and attacks

Protecting Functionality of an Organization

• Organizations need security management, alongside IT departments, to implement and follow security plans.
• Management is responsible for facilitating security programs.
• Implementing information security requires strong management, not just technology, and sound management strategies.
• Security failures disrupt business operations and incur high costs.

Protecting Collected and Used Data

• Organizations rely on data to deliver value to customers.
• Safeguarding data during transmission, processing, and storage is crucial for information security.

Enabling Safe Application Operation

• Organizations require environments protecting applications using IT systems.
• General management oversees operations by different departments, ensuring compliance with security plans coordinated with IT departments. .

Safeguarding Technological Assets

• Organizations must use secure hardware and software appropriate for their size and scope.
• Additional security measures may be needed as the organization grows.
• General management must continuously supervise and maintain proper infrastructure development; IT coordination is essential.

Threats and Attacks

• Key Term (Attack): An intentional or unintentional act compromising information and supporting systems. Attacks can be active or passive, and direct or indirect.

• Active Attacks: Attacker modifies message content or affects system operations (e.g., changing data streams, creating false statements.) Examples include viruses, worms, and Trojan Horses.

• Management Reporting: Management needs insights into the types of threats (people, applications, data, info systems, physical assets).

• Increasing Threats: Despite increasing security, threats and attacks also increase, particularly due to global internet user growth.

12 Main Threats on Information Security

• Compromises on intellectual property (IP).
• Deviation in quality of service.
• Espionage or trespass (includes hackers, expert hackers, unskilled hackers, crackers.)
• Forces of nature.
• Human error or failure (includes disclosing data, erroneous data entry, accidental data deletion, unprotected storage).
• Information extortion.
• Sabotage or vandalism.
• Software attack (Rootkits, Denial of Service -DoS- , distributed Denial of Service -DDoS).
• Technical hardware failure or error.
• Technological obsolescence.
• Theft and physical attacks.

Defense in Depth (DiD)

• Defense in Depth is an information security approach with layered security mechanisms, protecting confidentiality, integrity, and availability of networks and data within the system.

Linux Operating System

• Linux is a modular Unix-like operating system, based on principles from the 1970s and 1980s.

• It's open-source so users can create their own distributions.

• Examples of well known Linux Distributions include: Ubuntu, Fedora, Linux Mint, Debian, Kali Linux, and CSI Linux.

• Different Distributions are focused on different functional uses from ethical hacking to digital forensics.

• Web sites such as www.Linux.org and www.Kali.org offer relevant information and support.

Description

This quiz covers the critical need for information security within organizations. It discusses organizational responsibilities, potential threats to information security, and the role of Linux operating systems in maintaining security. Test your knowledge on how businesses can protect their information and functionality.