Understanding Computer Security

Questions and Answers

Which of the following best describes the primary goal of computer security?

  • Ensuring uninterrupted access to social media platforms.
  • Developing new software applications and hardware technologies.
  • Protecting a company's assets by ensuring safe, uninterrupted operation of computer systems and safeguarding data. (correct)
  • Maximizing the speed of data processing and network communication.

What three key principles are ensured by the measures and controls within computer security?

  • Confidentiality, Integrity, Availability (correct)
  • Innovation, Development, Marketing
  • Accessibility, Usability, Functionality
  • Speed, Efficiency, Reliability

What is the key difference between cybersecurity and information security?

  • Cybersecurity focuses on the physical security of computer hardware, while information security deals with digital threats.
  • Cybersecurity covers all forms of data protection, including physical security, while information security deals specifically with digital threats.
  • There is no difference; the terms are interchangeable.
  • Cybersecurity deals specifically with digital threats, while information security covers all forms of data protection, including physical security. (correct)

Which of the following is NOT typically considered a threat that necessitates computer security?

  • Software updates and patches (A)

In the context of computer security, what does 'availability' ensure?

  • Legitimate users have continuous operation of computing systems and access to data. (A)

What is the primary goal of 'authentication' in computer security?

  • To verify the identity of a person or system seeking access. (A)

Which security principle ensures that neither the sender nor the receiver of a message can deny its transmission or receipt?

  • Non-repudiation (A)

In security terms, what is a 'vulnerability'?

  • A weakness in a system that could be exploited. (B)

What type of security threat involves an unauthorized party gaining access to an asset?

  • Interception (A)

Which security threat category involves an unauthorized party tampering with an asset?

  • Modification (A)

What is the definition of 'interruption' as a security threat?

  • An asset of the system is destroyed or becomes unavailable. (A)

An attacker adds spurious records to a file. Which type of security threat does this represent?

  • Fabrication (A)

What is the relationship between a threat, a vulnerability, and a control in computer security?

  • A control blocks a threat of a vulnerability. (D)

In the context of the 'MOM' acronym, what does 'Opportunity' refer to?

  • The time and access needed to accomplish an attack. (C)

Which of the following is an example of a hardware vulnerability?

  • Flooding devices with traffic (B)

Which of the following is considered a software vulnerability?

  • Logic bomb (D)

What is an example of a data vulnerability?

  • Planting bugs in output devices. (A)

What is the purpose of security controls?

  • To preserve confidentiality, integrity, and availability. (C)

Which of the following is a method of defense that involves blocking an attack or closing the vulnerability?

  • Prevent (D)

Which of the following aspects enhances the effectiveness of security controls?

  • Awareness of problem (A)

Which type of security control involves putting locks on doors?

  • Physical controls (A)

An organization implements a policy requiring all employees to use strong, unique passwords and change them every 90 days. What type of security controls does this represent?

  • Procedural / Personnel (B)

Why is security needed in areas like banking, healthcare and government?

  • To maintain public trust and ensure the integrity of sensitive information. (C)

An intrusion detection system (IDS) is put in place to monitor network traffic for suspicious activity. This aligns to which method of defense?

  • Detect (C)

An organization decides to move its servers to a cloud provider that offers better physical security and redundancy. Under which defense method does this fall?

  • Deflect (B)

After a successful ransomware attack, a company restores its systems from a recent backup. This action exemplifies which method of defense?

  • Recover (B)

Implementing multi-factor authentication can be regarded as which type of security?

  • Logical security (D)

Which of the following would be an example of physical security?

  • Environmental protection (D)

Which of the following would be an example of procedural security?

  • Security policy (B)

Which of the following activities best exemplifies 'integrity' in the context of computer security?

  • Using checksums to verify the integrity of transferred files. (C)

A disgruntled employee modifies critical data in a company database, leading to incorrect financial reports. Which principle has been violated?

  • Integrity (A)

A hospital's computer network is infected with ransomware, preventing doctors from accessing patient records. Which security principle has been MOST directly compromised?

  • Availability (A)

An attacker intercepts network communications and copies sensitive data being transmitted between two servers. This is an example of a violation of:

  • Confidentiality (D)

What is the main intention behind access control?

  • The limit and control to host systems and applications. (A)

Why is it important to consider ethical restrictions on computer-based crime?

  • To do what is morally right. (D)

What do the letters of the acronym CIA stand for?

  • Confidentiality, Integrity, Availability (A)

Which type of individual normally attempts to observe a weakness in a security system, to access cash or other valuables?

  • Amateur (D)

Flashcards

Computer Security

Ensuring the safe, uninterrupted operation of computer systems and safeguarding computer programs and files.

Cybersecurity

The practice of protecting computer systems, networks, and digital data from cyber threats.

Information Security

Protecting data, both digital and physical, from unauthorized access, modification, or destruction.

Confidentiality

The protection of data from unauthorized disclosure to a third party.

Integrity

Assurance that data is not altered or destroyed in an unauthorized manner.

Availability

Continuous operation of computing systems, ensuring legitimate users have access to data and services.

Authentication

Positive identification of a person or system seeking access to secured information or services.

Access Control

Limiting and controlling access to host systems and applications via communication links.

Non-Repudiation

Guaranteeing that something came from the source it claims, preventing denial of transmitted messages.

Threat

A set of circumstances with the potential to cause loss or harm to a computing system.

Vulnerability

A weakness in a security system that might be exploited to cause loss or harm.

Control

A protective measure against threats, removing or reducing a vulnerability.

Interruption

An asset of the system is destroyed, unavailable, or unusable.

Interception

An unauthorized party gains access to an asset.

Modification

An unauthorized party gains access and tampers with an asset.

Fabrication

An unauthorized party inserts counterfeit objects into the system.

Method (in MOM)

The skills, knowledge, tools, and other resources needed to perform an attack.

Opportunity

The time and access needed to accomplish an attack.

Motive

A reason to want to perform an attack against a system.

Security Control

Legal and ethical restrictions on computer-based crime.

Prevent

Blocking the attack or closing the vulnerability.

Deter

Making the attack harder, but not impossible.

Deflect

Making another target more attractive.

Detect

Detect the attack as it happens.

Recover

Recover from the effects of the attack.

Study Notes

Objectives of Computer Security

  • Aims to examine risks, understand security goals, study threats, and identify controls.

Defining Computer Security

  • Involves protecting valuable assets like houses, cars, offices, money in the bank, and confidential data such as emails.
  • Definition: Protecting a company's assets by ensuring safe, uninterrupted system operation and safeguarding computers, programs, and data files
  • Protects information and physical assets, ensuring confidentiality, integrity, and availability
  • Achieved through policies, procedures, hardware, and software tools which secure processed, stored, and transmitted information

Cybersecurity vs Information Security

  • Cybersecurity protects systems, networks, and digital data from cyber threats like hacking and malware

  • Information security (InfoSec) focuses on protecting both digital and physical data from unauthorized access and ensuring confidentiality, integrity, and availability

  • Cybersecurity focuses on digital threats, while information security encompasses all forms of data protection, including physical security

The Importance of Security

  • The Internet is exposed to numerous threats, including viruses, worms, Trojan Horses, hacking, denial of service attacks, masquerading, spoofing, fraud, data theft and malicious damage.
  • Security is needed in banking, education, government, healthcare, retail, and telecommunications.

Types of Security

  • Physical: Environmental protection.
  • Logical/System/Technical: Authentication and secure communications.
  • Procedural/Personnel: Security Policy.

Principles and Concepts

  • Involves security requirements, threats/attacks, and security controls.
  • Key aspects include confidentiality, integrity, availability, authentication, access control, and non-repudiation.

Confidentiality

  • Protecting data from unauthorized disclosure to third parties
  • Offers protection from passive attacks.
  • Acts as secrecy or privacy
  • Secures all user data, individual messages, or traffic flow by hiding source, destination, and traffic characteristics

Integrity

  • Assures that data is not altered or destroyed without authorization
  • Applies to message streams, single messages, or selected message fields
  • Focuses on detecting rather than preventing active attacks.

Availability

  • Continuous operation of computing systems so legitimate users can access data
  • Applies to both data and services.
  • Ensures assets are accessible at suitable times
  • Aims to prevent denial of service.

Authentication

  • Positively identifies individuals or systems requesting access to secured information or services
  • Assures that communications are authentic.

Access Control

  • Limits entry to host systems and applications through communication links
  • Requires identification/authentication of entities so that access rights are specific to the individual.

Non-Repudiation

  • Guarantees claimed source authenticity.
  • Prevents senders or receivers from denying transmitted messages
  • Allows message recipients to prove the message was sent by the alleged sender
  • Allows senders to prove the message was received by the alleged receiver.

Security Attacks

  • Threats can cause harm to computing systems.
  • Vulnerabilities are system weaknesses that can be exploited to cause harm.
  • Controls provide protective measures.
  • A threat can be blocked by controlling a vulnerability.

MOM (Method, Opportunity, Motive)

  • Method: Skills, knowledge, and tools needed for an attack.
  • Opportunity: Time and access required for an attack.
  • Motive: Reason for wanting to attack a system.

Security Threats

  • Security threats are categorized into:
    • Interruption: An asset becomes unusable.
    • Interception: Unauthorized access to an asset.
    • Modification: Unauthorized tampering with an asset.
    • Fabrication: Inserting counterfeit objects into the system.

Vulnerabilities

  • Hardware vulnerabilities include interruption (DoS), modification and interception (theft).
  • Software vulnerabilities include interruptions (deletion), interception, and modification (logic bomb).
  • Data vulnerabilities include interceptions, modification, and fabrication.

Hardware Vulnerabilities

  • Include adding, changing, or removing devices and intercepting traffic
  • Actions such as flooding devices or physical damage are considered hardware vulnerabilities.

Software Vulnerabilities

  • Malicious actions (replace, change, destroy)
  • Accidental actions (modify, delete, misplace)
  • Introduce logic bombs, trojans, viruses, or information leaks.
  • Unauthorized copying of software (pirated).

Data Vulnerabilities

  • Wiretapping, planting bugs, filtering through trash, electromagnetic radiation monitoring
  • Involves stealing, buying, finding or hearing data
  • Modifying data.

Security Control

  • Achieved through legal/ethical restrictions, preserving confidentiality, integrity, and availability
  • Achieved through physical controls, encryption, software/hardware controls, and policies/procedures.

Computer Criminals (People Involved)

  • Amateurs exploit weaknesses for financial gain.
  • Crackers/hackers attempt to access unauthorized computer facilities.
  • Career criminals understand the targets of computer crime.

Methods of Defense

  • Prevent by blocking attacks
  • Deter by making attacks harder
  • Deflect by making other targets more attractive
  • Detect as it is happening
  • Recover from its effects.

Controls

  • Physical, Encryption, Software, Hardware, and Policies/Procedures

Effectiveness of Controls

  • Enhanced by awareness, likelihood of use, using overlapping controls, and periodic review.
