Security Vulnerabilities and Threats Quiz

30 Questions

What ensures data accuracy, consistency, and reliability by preventing unauthorized modifications, deletions, or corruption?

Data validation

Which measure focuses on ensuring information and resources are accessible to authorized users when needed?

Availability

What refers to the potential for loss, harm, or adverse effects from uncertain events or circumstances?

Risk

Which technique helps in maintaining availability by minimizing downtime and disruptions affecting critical services or data access?

Backup systems

What poses threats to availability that can be mitigated through proactive planning and protective measures?

Denial-of-service attacks

Which of the following ensures trust in information and systems by maintaining data integrity?

Digital signatures

What does application security focus on?

Protecting software applications from risks and weaknesses

Which practice is important for information security?

Encryption

What is a key strategy in application security?

Vulnerability assessments

Which type of security focuses on network infrastructure protection?

Network security

What is the primary goal of security measures?

Mitigate risks and ensure confidentiality, integrity, and availability

Which type of security focuses on safeguarding information assets?

Information security

What does risk encompass in the context of cybersecurity?

Vulnerabilities and threats that could exploit weaknesses

Why is identifying, assessing, and managing risks crucial for organizations?

To make informed decisions and implement appropriate security measures

Which of the following is a significant cybersecurity threat faced by IT organizations?

Phishing attacks

What can result from data breaches in terms of consequences?

Legal consequences and financial loss

What can lead to system downtime in IT organizations?

Hardware failures and cyberattacks

Why is regulatory compliance essential for organizations?

To avoid legal consequences and fines

What is the purpose of a countermeasure?

To neutralize threats

Which of the following is NOT a potential consequence of insufficient disaster recovery plans?

Increased data security

What type of backup only saves the data that has changed since the last backup?

Incremental backup

Which factor determines the storage space required for different types of backups?

Duplication level

What is the primary risk associated with human error in IT security?

Security incidents and data breaches

In the context of emerging technologies, what are the new risks described?

Data privacy concerns

What do security vulnerabilities refer to?

Weaknesses in a system that could be exploited

Which of the following is NOT listed as a type of security vulnerability?

Social engineering

What are threats defined as in the context of security?

Potential dangers or harmful events that can exploit vulnerabilities

Which of the following is NOT considered a type of threat?

Broken authentication

How is risk defined in the context of security?

The potential impact of a threat exploiting a vulnerability

What does security in information technology typically safeguard?

Digital assets like data, networks, systems, and applications

Study Notes

Security Fundamentals

  • A vulnerability is a weakness or flaw in a system, application, or network that could be exploited by a threat actor to compromise security.
  • Security vulnerabilities include injection attacks, broken authentication, sensitive data exposure, misconfigurations, XSS, XXE, insecure deserialization, and using components with known vulnerabilities.

Threats

  • Threats are potential dangers or harmful events that can exploit vulnerabilities in a system, leading to security breaches, data loss, or damage to assets.
  • Threats include malware (viruses, worms, ransomware), phishing attacks, social engineering, insider threats, DDoS attacks, data breaches, and physical theft or damage.

Risk

  • Risk refers to the likelihood and potential impact of a threat exploiting a vulnerability, resulting in harm to an organization's assets, reputation, or operations.
  • Risk is often measured by assessing the probability and severity of potential threats and their potential consequences.

Types of Security

  • Application security protects software applications and systems from risks and weaknesses, with security measures applied during the design, development, and maintenance stages.
  • Information security (InfoSec) focuses on safeguarding the confidentiality, integrity, and availability of information assets through various practices, technologies, and policies.
  • Network security is essential for safeguarding an organization's network infrastructure and data traffic from unauthorized access and malicious activities.

Backup and Recovery

  • Full backup: copying all data in a system at a specific point in time.
  • Incremental backup: backing up only the data that has changed since the last backup.
  • Differential backup: backing up all changes since the last full backup.
  • Attributes of backup types:
    • Storage space: full backup (high), incremental backup (low), differential backup (medium)
    • Backup speed: full backup (slowest), incremental backup (fastest), differential backup (fast)
    • Restoration speed: full backup (fastest), incremental backup (slowest), differential backup (fast)
    • Duplication: full backup (highest level, stores duplicate files), incremental backup (no duplicate files), differential backup (no duplicate files)

Countermeasures

  • Countermeasures are strategic or tactical actions taken to mitigate or neutralize a threat or problem.
  • Examples of countermeasures:
    • Confidentiality: encryption, access controls, authentication, data classification, secure channels
    • Integrity: data validation, checksums, digital signatures, access controls, audits
    • Availability: redundancy, fault tolerance, disaster recovery planning, backup systems, load balancing, network resiliency

Risk Faced by IT Organizations

  • Cybersecurity threats: malware, ransomware, phishing, DDoS attacks
  • Data breaches: financial loss, reputation damage, legal consequences, loss of customer trust
  • Unauthorized access: weak authentication mechanisms, improper access controls, insider threats
  • System downtime: hardware failures, software glitches, cyberattacks, natural disasters
  • Regulatory compliance: fines, legal action, reputational harm from non-compliance with industry regulations and data protection laws
  • Third-party risks: risks related to data security, service reliability, and contractual obligations from outsourcing IT services or working with third-party vendors

Test your knowledge on security vulnerabilities and threats with this quiz. Learn about different types of security vulnerabilities such as injection attacks, broken authentication, sensitive data exposure, and more. Understand the concept of threats and their potential dangers or harmful events.
