Understanding Computer and Information Security

Questions and Answers

Which of the following best describes the primary goal of computer security?

• Ensuring the safe and uninterrupted operation of computer systems. (correct)
• Maximizing the processing speed of computer hardware.
• Developing new software applications.
• Providing unrestricted access to all data files.

Which of the following highlights a key difference between cybersecurity and information security?

• Cybersecurity deals specifically with digital threats, while information security covers all forms of data protection, including physical security. (correct)
• There is no practical difference between these fields.
• Cybersecurity is concerned with protecting hardware, while information security protects software.
• Cybersecurity involves protection against physical threats, while information security focuses on digital threats.

Why is security in computing essential in today's environment?

• To prevent unauthorized access, data theft, and malicious damage. (correct)
• To reduce the cost of hardware maintenance.
• To simplify software installation.
• To ensure computers run faster.

In the context of computer security, what does 'availability' primarily ensure?

Legitimate users have continuous access to data and services. (D)

What is the primary purpose of 'access control' in computer security?

To limit and control access to host systems and applications. (A)

Which of the following best describes 'non-repudiation' in the context of computer security?

Preventing the denial of a transmitted message by either the sender or receiver. (C)

In the relationship between threats, vulnerabilities, and controls, what role does a 'control' play?

A control blocks a threat by addressing a vulnerability. (B)

Which of the following scenarios exemplifies a security threat that is classified as 'interruption'?

A computer's hard drive is physically destroyed, causing data loss. (B)

Which scenario is an example of 'interception' as a security threat?

A hacker uses wiretapping to capture confidential data transmitted over a network. (D)

Which of the following is an example of 'modification' as a security threat?

A hacker gains access to a database and changes salary information. (C)

Which of the following scenarios exemplifies a security threat categorized as 'fabrication'?

An intruder adds fake user accounts to a system to gain unauthorized access. (A)

In the context of security threats, what do the elements of Method, Opportunity, and Motive (MOM) represent collectively?

The key aspects required for an attack to be successful. (D)

Which of the following is the best example of a hardware vulnerability that could be exploited in a security attack?

Leaving a server room door unlocked. (D)

Which of the following exemplifies a software vulnerability that could be exploited by an attacker?

Using an outdated operating system without security patches. (B)

Identify the scenario that presents a vulnerability related to data security.

Storing sensitive data on an unencrypted USB drive. (B)

What is the role of “Encryption” as a security control?

To prevent unauthorized access by converting data into an unreadable format. (B)

From a computer security perspective, what best describes 'amateurs' in the context of computer criminals?

Normal people who exploit a security weakness for personal gain. (C)

Which definition most accurately describes 'Crackers' or 'hackers' in the context of computer security?

Technically skilled individuals who attempt to gain unauthorized access to computing facilities. (B)

Which of the following is a primary characteristic of 'Career criminals' in the realm of computer security?

They understand the targets of computer crime. (A)

What is the first step in methods of defense?

By blocking the attack or closing the vulnerability. (B)

Regarding methods of defense, what is 'Deter'?

Making the attack harder, but not impossible. (A)

Which action aligns with the principle of 'Deflect' in computer security defense strategies?

Making an alternative target more appealing to redirect an attack. (B)

What does the 'Detect' method of defense mean?

Either as it happens or some time after the fact. (D)

What is 'Recover' in methods of defense?

Return to original state. (D)

What kind of controls will protect confidentiality, integrity and availability?

All of them. (D)

Which of the following is classified as a physical control in computer security?

Locks on doors. (C)

What is an 'Overlapping Control'?

A control that can do more than one thing. (A)

What is a periodic review?

Audits done periodically. (B)

What is involved in data integrity?

Detection rather than prevention. (C)

According to the objectives of computer security, what must security controls address?

Computing risks, the goals of secure computing, threats to security and the controls available to address the threats. (C)

Which of data transfers is considered as protection?

All of the above. (D)

Which of the following should be in place to protect from traffic analysis?

Do not observe the destination, source, frequency, or length. (B)

Which industries or areas are concerned with security?

All of the above. (D)

How about viruses, trojan horses and worms?

The internet is the host. (B)

Which example is considered as a physical security?

Environmental protection. (C)

Which example is considered as a logical technique for security?

Secure communication. (B)

Which example is considered as a procedural protection against threats?

Security policy. (B)

What is the opposite of denial of service attacks?

Availability. (C)

Flashcards

Cybersecurity

Protecting systems, networks, and digital data from cyber threats like hacking and malware.

Information Security (InfoSec)

Focuses on protecting data, both digital and physical, from unauthorized access, modification, or destruction; ensuring confidentiality, integrity, and availability (CIA triad).

Computer Security

The protection of a company's assets by ensuring the safe, uninterrupted operation of the system and the safeguarding of its computer, programs, and data files.

Computer Security

The protection of information and physical assets of a computer system; involves measures and controls ensuring confidentiality, integrity, and availability.

Confidentiality

Ensuring data is protected from unauthorized disclosure to third parties, often called secrecy or privacy, and involves protection from passive attacks.

Integrity

Assuring that data is not altered or destroyed in an unauthorized manner, applicable to streams or single messages, focused on detecting active attacks.

Availability

Ensuring continuous operation of computing systems so legitimate users can access data and services at appropriate times, the opposite of denial of service.

Authentication

Positively identifying a person or system seeking access to secured information or services; assuring that communication is authentic.

Access Control

Limiting and controlling access to host systems and applications via communication links; requires identification and authentication to tailor access rights.

Non-repudiation

The guarantee that something came from the claimed source; prevents senders or receivers from denying a transmitted message.

Threats

A set of circumstances with the potential to cause loss or harm to a computing system.

Vulnerability

A weakness in a security system that could be exploited to cause loss or harm.

Control

A protective measure, action, device, procedure, or technique that removes or reduces a vulnerability.

Interruption

An asset of the system is destroyed or becomes unavailable or unusable.

Interception

An unauthorized party gains access to an asset.

Modification

An unauthorized party not only gains access but also tampers with an asset.

Fabrication

An unauthorized party inserts counterfeit objects into the system.

Method

Skills, knowledge, tools to pull off the attack.

Opportunity

Time and ability to accomplish attack.

Motive

A reason to want to perform attack against system.

Prevent

Blocking the attack or closing the vulnerability.

Deter

Making the attack harder.

Deflect

Making the other target more attractive.

Detect

Detecting by either when it happens or after some time.

Recover

Recovering from its effects.

Study Notes

• Computer security involves examining risks, understanding security goals, examining threats, and identifying controls.
• "Secure" means protecting valuable assets, including physical assets, money, and confidential data.
• Computer security is the protection of a company's assets by ensuring safe, uninterrupted system operation and safeguarding computers, programs, and data files
• Computer security protects information and physical assets of a computer system.
• It involves ensuring confidentiality, integrity, and availability of processed and stored information
• Measures include policies, procedures, hardware, and software tools which protect systems and information.
• Cybersecurity protects systems, networks, and digital data from cyber threats like hacking and malware.
• Information security (InfoSec) focuses on protecting both digital and physical data, ensuring confidentiality, integrity, and availability (CIA triad).
• Cybersecurity deals with digital threats, while information security covers all forms of data protection (including physical security).
• The internet hosts numerous threats, including viruses, worms, Trojan Horses, hacking, denial of service attacks, masquerading, spoofing, fraud, data theft, and malicious damage.

The need for security is paramount in areas like:

• Banking
• Education
• Government
• Healthcare
• Retail
• Telecommunications

Types of security

• Physical: Environmental protection.
• Logical/System/Technical: Authentication, secure communications.
• Procedural/Personnel: Security policy.

Principles and Concepts

• Security Requirements
• Security Threats/Attacks
• Security Controls

Core tenets of information security

• Confidentiality: Protecting data from unauthorized disclosure.
• Integrity: Ensuring data isn't altered or destroyed in an unauthorized manner.
• Availability: Ensuring continuous operation of computing systems so legitimate users can access data.

More concepts

• Authentication: Positive identification of person/system seeking access.
• Access Control: Limiting and controlling access to host systems.
• Non-repudiation: Guaranteeing data's origin and preventing sender/receiver from denying a transmitted message.

Threat and vulnerability

• Threats are circumstances that could cause loss or harm to a computing system.
• Vulnerabilities are weaknesses exploitable to cause loss or harm.
• Controls refers to protective measures.

Note:

• A threat is blocked by control of a vulnerability.

Threats can be accidental or deliberate:

• Physical: Fire, flood, power failure.
• Human: Operator errors, misuse of resources, hacking, viruses.
• Equipment: CPU, network, storage failure.
• Failure to preserve CIA can result in disclosure, denial, destruction, or modification of data, leading to consequences.

Consequences of security breaches include:

• Financial loss
• Embarrassment
• Breach of commercial confidentiality
• Breach of personal privacy
• Legal liability
• Disruption to activities
• Threats to personal safety

Security threats fall into four general categories

• Interruption: An asset is destroyed or unusable.
• Interception: An unauthorized party gains access to an asset.
• Modification: An unauthorized party gains access to and tampers with an asset.
• Fabrication: An unauthorized party inserts counterfeit objects into the system.

MOM

• Method refers to the skills, knowledge, tools to pull off an attack
• Opportunity refers to the time and access to accomplish an attack
• Motive refers to the reason to want to perform attack against system.

Vulnerabilities exist across hardware, software, and data components

• Hardware vulnerabilities include physical damage or traffic interception.
• Software vulnerabilities include malicious software changes, accidental modification, logic bombs, and unauthorized copying.
• Data vulnerabilities encompass wiretapping, planting bugs, monitoring electromagnetic radiation, bribery, theft, and modification.
• Security controls include legal restrictions, physical controls, encryption, plus software, and hardware controls.
• Security controls also encompass policies/procedures needed to preserve confidentiality, integrity and availability.

Computer criminals include:

• Amateurs: Normal people exploiting security weaknesses for cash or valuables.
• Crackers/hackers: Often students attempting to access unauthorized computing facilities.
• Career criminals: Those who understands the targets of computer crime.

Methods of Defense

• Prevent - by blocking the attack or closing the the vulnerability.
• Deter - by making the attack harder, but not impossible.
• Deflect - by making the other target more attractive (or this one less so).
• Detect - by either as it happens or some time after the fact.
• Recover from its effects.

Types of Controls

• Physical controls
• Encryption
• Software controls
• Hardware controls
• Policies and procedures

Effectiveness of Controls

• Awareness of problem
• Likelihood of use
• Overlapping controls
• Periodic review