Security Basics Chapter 1 Part 2

Created by
@RegalPurple

Questions and Answers

What is the definition of security threats?

A risk that can potentially harm computer systems, organizations, and (web) service providers.

Which of the following are examples of security threats? (Select all that apply)

Malicious code

A reconnaissance attack is a type of security attack that an attacker uses to launch an actual attack immediately.

False

_______ is when someone pretends to communicate in an attempt to gain confidence or access to systems.

Spoofing

Which of the following are types of spoofing attacks? (Select all that apply)

Email spoofing

What is the purpose of a Sniffer in a network?

To monitor and capture data packets passing through the network, capturing sensitive information.

Passive Sniffing allows altering network traffic in some way.

False

______ is an attempt to access another user account or network device through improper means.

Access Attack

What describes Brute Force attacks?

Repeated attempts with various password combinations

What is the goal of security that ensures information is correct and has not been altered by unauthorized persons?

Integrity

Define 'Availability' in the context of security goals.

Resources should be available to authorized parties at all times, ensuring timely and reliable access to and use of information.

Match the following types of hackers with their descriptions:

  • Black Hat = Uses knowledge to break into unauthorized systems
  • Phreaker = Manipulates phone networks
  • White Hat = Identifies vulnerabilities and reports them
  • Script Kiddies = Uses scripts developed by others for attacks

The ___________ in security involves any attempt to destroy, expose, alter, disable, steal, or gain unauthorized use of an asset.

attack

What type of scan involves crafting a SYN packet to establish a TCP connection without forming the connection itself?

SYN Scan

Which type of scan is known for setting all header fields to null?

NULL Scan

Information security aims to protect information systems from authorized access, use, and disclosure.

False

Information security ensures ____, ____, and ____ of information.

Confidentiality, Integrity, Availability

Match the following security goals with their definitions:

  • Confidentiality = Ensuring only authorized parties can access the information
  • Integrity = Preserving authorized restrictions on access and disclosure
  • Availability = Ensuring information is accessible and usable when needed

Study Notes

Security Threats

  • Security threats are risks that can potentially harm computer systems, organizations, and web service providers.
  • Types of security threats:
    • Malicious code
    • Hacking
    • Natural disasters
    • Theft
  • Consequences of security threats:
    • Financial damages
    • Leak of private data
    • Theft of valuable information
    • Disruption of phone and computer networks
    • Loss of sensitive data

Malicious Code

  • Also known as malware
  • A type of security threat that cannot be efficiently controlled by conventional antivirus software alone
  • Types of malicious code:
    • Viruses
    • Worms
    • Trojan horses
    • Backdoors
    • Malicious active content
  • Sources of malware:
    • Expert hackers
    • Virus creation software
    • Criminals
  • Consequences of malware:
    • Undesired effects
    • Security breaches
    • Damage to a system

Hacking

  • An attempt to exploit a computer system or private network
  • Unauthorized access to or control over computer network security systems
  • Main goal: to gain some sort of benefit or satisfaction
  • Types of hacking:
    • Unauthorized access to information
    • Gaining unauthorized access to a system or network

Natural Disasters

  • Extreme, sudden events caused by environmental factors
  • Examples: floods, hurricanes, tornadoes, volcanic eruptions, earthquakes, tsunamis
  • Natural disasters can damage property and injure people

Theft

  • The physical removal of an object capable of being stolen without the consent of the owner
  • Intention: to deprive the owner of the object permanently
  • Types of theft:
    • Physical theft of computer hardware
    • Theft of sensitive information

Sources of Security Threats

  • Internal threats:
    • Originate from within the organization
    • Examples: employees, contractors, suppliers
  • External threats:
    • Originate from outside the organization
    • Examples: hackers, software threats, network security threats
  • Structured threats:
    • Preplanned and focus on a specific target
  • Unstructured threats:
    • Random and usually the result of an attacker identifying a vulnerability

Methods of Security Attacks

  • Reconnaissance attack:
    • Gathering information about a target before launching an actual attack
    • Types: port scanning, spoofing, sniffing
  • Access attack:
    • An attempt to access a system or network without authorization
    • Types: hacking, brute force
  • Denial of Service (DoS) attack:
    • Shutting down a system or network by flooding it with traffic
    • Types: DoS, Distributed Denial of Service (DDoS)
  • Malicious code attack:
    • Using malware to cause harm to a system or network
    • Types: viruses, worms, Trojan horses, backdoors

Security Attacks

  • Spoofing:
    • Pretending to be someone else to gain access to a system or network
    • Types: email spoofing, website spoofing, caller ID spoofing
  • Sniffing:
    • Monitoring and capturing data packets passing through a network
    • Types: active sniffing, passive sniffing
  • Brute force attack:
    • Trying various combinations of usernames and passwords to gain access to a system or network
  • Hacking:
    • An attempt to exploit a computer system or private network
  • Malicious code:
    • Using malware to cause harm to a system or network

Social Engineering

  • Manipulating people to give up confidential information
  • Types: phishing, vishing, pretexting
  • Consequences: identity theft, unauthorized access to systems and networks

Introduction to Security

  • Information security is the protection of information from unauthorized access, use, disclosure, disruption, modification, or destruction.
  • It preserves an organization's value.

Goals of Security

Confidentiality

  • Ensures that only authorized parties can access information.
  • Protects against unauthorized access, use, disclosure, and disruption.
  • Only the sender and intended recipients should be able to access information.

Integrity

  • Ensures that information is not modified without authorization.
  • Protects against unauthorized modification or destruction of information.
  • Ensures that information is correct and has not been altered or deleted.

Availability

  • Ensures that information is accessible and usable when needed.
  • Protects against the loss of access to information.
  • Ensures that resources are available to authorized parties at all times.

Types of Hackers

  • Attackers: Individuals or organizations that perform malicious activities to destroy, expose, alter, disable, or gain unauthorized access to assets.
  • Hackers: Skilled computer experts, often associated with malicious activities (security hackers).
  • Cracker: An individual who attempts to gain unauthorized access to network resources with malicious intent.
  • Phreaker: An individual who manipulates the phone network to perform unauthorized functions.
  • Script Kiddies: Unskilled individuals who use scripts or programs developed by others to attack computer systems and networks.
  • Cybercriminals: Individuals who commit crimes involving computers and networks.
  • Spammer: An individual who sends large numbers of unsolicited emails.
  • White Hat: An individual who uses their abilities to find vulnerabilities and reports them to the system owners to fix.
  • Black Hat: An individual who uses their knowledge to break into systems or networks without authorization.

Network Security Tools

  • Nmap: A free, open-source tool for vulnerability scanning and network discovery.
  • Netstat: A program that displays active network connections, routing tables, and interface statistics.
  • Netscan: A tool that captures and analyzes network traffic to detect potential security threats.

Data Wiping

  • Deleting files from a hard drive does not completely remove them from the computer.
  • Data wiping involves securely erasing data from a hard drive to prevent recovery.
  • Overwriting data multiple times is necessary to ensure complete erasure.

Hard Drive Destruction and Recycling

  • Destroying hard drives is necessary for secure disposal of sensitive data.
  • Shattering the hard drive platters with a hammer and safely disposing of the pieces is the most effective method.
  • Recycling hard drives that do not contain sensitive data is possible, but reformatting is necessary.

Types of Scans

  • TCP Scan: A type of Nmap scan that checks for open ports and services on a target system.
  • UDP Scan: A type of Nmap scan that checks for open UDP ports on a target system.
  • SYN Scan: A type of Nmap scan that checks for open TCP ports on a target system.
  • ACK Scan: A type of Nmap scan that checks for filtered ports on a target system.
  • FIN Scan: A type of Nmap scan that checks for open TCP ports on a target system.
  • NULL Scan: A type of Nmap scan that checks for open TCP ports on a target system.
  • XMAS Scan: A type of Nmap scan that checks for open TCP ports on a target system.
  • RPC Scan: A type of Nmap scan that checks for open RPC services on a target system.
  • IDLE Scan: A type of Nmap scan that checks for open ports on a target system using an idle scan.

Data Wiping Tools

  • Data Wiping Software: Software that securely erases data from hard drives to prevent recovery.

Note: The study notes are based on the provided text and may not be exhaustive.

Confidentiality, Integrity, and Availability

  • The three fundamental principles of security, ensuring that data is protected from unauthorized access, modification, or destruction.

Hacker vs. Attacker

  • A hacker is a skilled computer expert who uses their technical knowledge to overcome problems.
  • An attacker is an individual or organization performing malicious activities, attempting to destroy, expose, alter, disable, steal, or gain unauthorized access to an asset.

Types of Hackers

Black Hat Hacker

  • A malicious hacker using their skills for illegal or unethical purposes.

White Hat Hacker

  • A security expert using their skills to help organizations improve their security and protect against threats.

Phreaker

  • A type of hacker specializing in telecommunication systems and networks.

Cracker

  • A malicious hacker who breaks into computer systems without permission.

Script Kiddie

  • An inexperienced hacker using existing tools and scripts to launch attacks.

Spammer

  • A type of hacker sending large amounts of unwanted emails or messages.

Cybercriminal

  • An individual or group using hacking skills for illegal activities, such as fraud or extortion.
