System Design Security Fundamentals

Questions and Answers

What are the fundamental components of a system that present distinct security risks?

input, output, and rule-based tasks

What is the significance of a security policy in system design?

establishes what is valuable and allowable in the system

What is the primary goal of normalization in database systems?

to minimize connections and contradictions while verifying presumptions

What are some methods used to prevent threats in computer system environments?

redundancy, protocols, feedback regulation, safeguards, access control, and monitoring

Why is it essential to consider the time or money that may be lost during a recovery process in case of a disaster?

to minimize losses and ensure business continuity

Why is each component of a network compared to a piece of a jigsaw puzzle?

each component has a specific function

What are the benefits of RAID solutions?

Improved performance and fault tolerance

What is the importance of maintaining multiple copies of data?

To prevent data loss due to accidents, technical failures, natural disasters, or sabotage

Why is it important to store backups at a different physical location?

To mitigate risks such as fire or natural disasters

What factor determines the frequency of backups?

The rate of data changes and the importance of the data

Why is it unnecessary to back up certain parts of the operating system distribution?

Because they can be easily recovered from the source

What is a key consideration when deciding which files to back up?

The relevance of the files

What is the primary purpose of encryption in a VPN connection?

To preserve privacy

What is a potential weakness in VPN security?

Its weakest endpoint

What is the purpose of role-based security in a system?

To provide users with specific permissions based on their roles or tasks

What is a potential drawback of using POSIX 'Capabilities' in the Linux kernel?

Administrative challenges

What is the purpose of the Virtual Private Network Consortium?

To provide tools and insights for VPN deployment

How does a firewall function in a network?

A firewall functions as a gate-keeper, restricting access to and from a network, allowing only network data with appropriate credentials to pass.

What is the primary challenge faced by network-level analysis in detecting network break-in activity?

Large data volumes and packet fragmentation.

What type of attack does encryption protect against in a VPN connection?

Password interception in network packets

What is the primary goal when handling a compromised system?

To gather as much information as possible while minimizing further damage.

What is the significance of process monitoring in network security?

It compares normal software behavior against expected patterns to detect anomalies.

Why is it important to exercise caution when responding to a system compromise?

To avoid immediate shutdown or network disconnection until volatile information can be secured.

What is the primary purpose of network forensics in network security?

To identify the intruder and assess damage.

What is the main reason why redundancy is essential in a system?

Because a system that is more dependent on one component is weaker, and redundancy allows for a quicker recovery.

What should a rehabilitation plan consider when creating a recovery strategy?

Elements outside of one's immediate control and include the temporary or permanent replacement of crucial components.

What is the primary purpose of encryption in data security?

To scramble data so that only authorized parties can understand the information.

What is the function of integrity checksums in data security?

To detect errors or tampering in data by generating checksums for data and comparing them against known values.

What is the main benefit of having backup copies of data?

To provide a minimal level of protection against unintentional harm, natural calamities, and accidents, and to simplify the process of recovery.

What is the main focus of Chapter 12.3?

Securing data throughout the system to ensure data integrity and resilience against different threats.