352CISChapter-1 MCQ

Questions and Answers

What are the three essential elements that a malicious attacker must have to ensure the success of an attack?

Technique, access, and skill

Method, target, and resources

Method, opportunity, and motive (correct)

Plan, timing, and execution

Which aspect of security ensures that only authorized parties can modify an asset?

Authentication

Availability

Confidentiality

Integrity (correct)

Which control strategy involves making an attack harder but not impossible?

Prevent

Mitigate

Deter (correct)

Deflect

What is the primary goal of availability in computer security?

Making sure an asset is accessible to authorized parties

What does the integrity of an asset ensure?

It is consistent and modified only by authorized parties

What best defines a vulnerability in a computer security context?

A weakness in the system that can be exploited.

What is a characteristic of physical controls in security?

They stop or block an attack using tangible methods

What characterizes an advanced persistent threat (APT)?

A stealthy threat actor that remains undetected.

Which of the following poses a data disclosure threat?

Sending an email to the wrong recipient.

What is an insider threat?

Potential harm from someone with authorized access.

Which of the following is an example of alteration threat?

A hacker changes financial records maliciously.

What does sabotage threat encompass?

Harming physical or virtual infrastructure.

Which of the following statements is false regarding threats?

All threats result in immediate harm.

What is the primary focus of controls in the context of computer security?

To prevent unauthorized access and mitigate risks.

Study Notes

Introduction to Computer Security

• Computer security protects valuable computer assets and systems, including hardware, software, and data.
• Key concepts include vulnerabilities, threats, attacks, and controls.

Vulnerabilities

• A vulnerability is a system's weakness in procedures, design, or implementation that can lead to loss or harm.

Threats

• Threats represent circumstances that could cause loss or harm to computing systems.
  • Assess potential harm by identifying bad outcomes and the responsible entities.
• Types of threats include:
  • Insider Threats: Authorized individuals misusing access to harm an organization.
  • Advanced Persistent Threats (APTs): State-sponsored or organized cyberattacks remaining undetected for long periods for targeted objectives.
  • Data Disclosure Threats: Unauthorized sharing of sensitive data, often due to human error.
  • Alteration Threats: Unauthorized changes to information or systems.
  • Sabotage Threats: Actions aimed at damaging an organization’s infrastructure or operations.

Attacks

• Attacks exploit vulnerabilities, carried out by human hackers or automated systems.
• Successful attacks require method, opportunity, and motive.

Security Goals

• Confidentiality: Ensures only authorized parties can access protected information.
• Integrity: Ensures only authorized modifications to data are allowed; retains accuracy and consistency.
• Availability: Guarantees that authorized users can access the data as needed.

Controls and Countermeasures

• Controls prevent threats from exploiting vulnerabilities.
• Methods to manage harm include:
  • Prevent: Block attacks by closing vulnerabilities.
  • Deter: Impede attackers by increasing difficulty.
  • Deflect: Redirect attackers to less valuable targets.
  • Mitigate: Reduce the severity of impacts.
  • Detect: Identify threats during or after the event.
  • Recover: Restore systems post-attack.
• Types of controls:
  • Physical Controls: Tangible measures to block attacks.