CI607 Information Security Management Exam Revision PDF

Summary

This is the exam revision slide deck for the CI607 Information Security Management course. The exam, held on Thursday 23rd January 2025 (3:00pm, room W507, 1.5 hours), has three questions, all of which must be answered. The revision material covers contingency planning (incident response, disaster recovery, business continuity), security design principles and usable security, human error, privacy (cryptographic access control, obfuscation and k-anonymity), and personnel security practices.

Full Transcript


08/01/2025 CI607 Information Security Management Exam revision

The Exam
- Thursday 23rd January in W507, 3:00pm, 1.5 hours
- 3 questions – answer all 3
- Check again for any change in time

Risk management methods

What is a contingency plan?
Management policy and procedures designed to maintain or restore business operations, including computer operations, possibly at an alternate location, in the event of emergencies, system failures, or disasters.

Components of a contingency plan
- Incident Response (IR) plan
- Disaster Recovery (DR) plan
- Business Continuity (BC) plan

What is an incident?
- Event: any observable occurrence in a system and/or network.
- Incident: an assessed occurrence that actually or potentially jeopardizes the confidentiality, integrity, or availability of an information system, or the information the system processes, stores, or transmits; or that constitutes a violation or imminent threat of violation of security policies, security procedures, or acceptable use policies.
- Events sometimes provide an indication that an incident is occurring.

Incident Response
- Incident response (IR) plan: a detailed set of processes and procedures that anticipate, detect, and mitigate the effects of an unexpected event that might compromise information and assets.
- Incident response planning (IRP): the preparation for such an event. IR must be carefully planned and coordinated.
- Organizations heavily depend on the quick and efficient containment and resolution of incidents.

Incident Response Policy
Key components of a typical IR policy:
- Statement of management commitment
- Purpose and objectives of the policy
- Scope of the policy
- Definition of InfoSec incidents and related terms
- Organizational structure and definition of roles, responsibilities, and levels of authority
- Prioritization or severity ratings of incidents
- Performance measures
- Reporting and contact forms

Example of IRP incident-handling procedures (figure)
Detecting Incidents
- Incident classification: the process of examining a possible incident, or incident candidate, and determining whether it constitutes an actual incident.
- Possible indicators:
  - Presence of unfamiliar files
  - Presence or execution of unknown programs or processes
  - Unusual consumption of computing resources
  - Unusual system crashes

Cost balancing (figure)

Disaster Recovery
- Disaster recovery planning (DRP): entails the preparation for, and recovery from, a disaster, whether caused by natural events or human actions.
- Disaster recovery (DR) plan: often activated when the IR plan can no longer handle the effective and efficient recovery from loss.
- Example: a malicious program evades containment and infects/disables many or most of an organization's systems and its ability to function.

Business Continuity
- Business continuity planning (BCP) ensures that critical business functions can continue if a disaster occurs.
- Most properly managed by the CEO.
- It is activated and executed concurrently with the DR plan when the disaster is major or long term.
- If a disaster renders the current business location unusable, there must be a plan to allow the business to continue to function.

Security design principles
- Psychology: the security mechanism must be 'psychologically acceptable' to the humans who have to apply it.
- Human Factors and Economics: each individual user, and the organisation as a whole, should have to deal with as few distinct security mechanisms as possible.
- Crime Science and Economics: the effort required to beat a security measure should exceed the resources and potential rewards available to the attacker.
[The Protection of Information in Computer Systems, Jerome Saltzer and Michael Schroeder, 1975]

Usable security – understanding the cause
- Research has shown that non-compliance, which we now refer to as 'rule-bending', is caused by people facing a stark choice between doing what is right by security and reducing their productivity.
- Most choose productivity over security, because that is what the organisation also does.
- 'The way to make security that works is to make security that works for people' (UK's National Cyber Security Centre (NCSC))

Usable security – key elements
1. the capabilities and limitations of the target users;
2. the goals those users have, and the tasks they carry out to achieve them;
3. the physical and social context of use;
4. the capabilities and limitations of the device on which the security mechanism is used.

Human error
1. Individual factors include fatigue, but also inexperience and a risk-taking attitude.
2. Human Factors include the limitations of memory, but also common habits and widely shared assumptions.
3. Task factors include time pressure, high workload and multiple tasks, but monotony and boredom are equally error-inducing because people shift their attention to diversions. Uncertainty about roles, responsibilities and rules also leads to incorrect choices.
4. Work environment factors include interruptions to tasks and poor equipment and information. People are also particularly prone to error when rules and procedures change.

CI607 Information Security Management - Privacy

Privacy paradigms
- Privacy as confidentiality
- Privacy as informational control
- Privacy as transparency

Privacy as confidentiality
- The privacy goal is to hide information from the adversary.
- Technological approaches to hide both data and metadata:
  - Explicit data
  - Metadata associated with the use of services (e.g. frequency of usage)
- Technological approaches to hinder the adversary's ability to perform inferences using the data that cannot be hidden.
- The objective is to enable the use of services while minimising the amount of exposed information.

Cryptography based access control
- Focus on protecting the data through the use of cryptography.
- 2 adversarial models:
  - Recipient is considered trusted, so protect data only in transit.
  - Recipient is not trusted, so protect data both in transit and when processed.

Obfuscation based inference control
- The protocols discussed in the previous section provide strong cryptographic guarantees regarding the confidentiality of data.
- Such strong protection, however, comes at the cost of efficiency and flexibility.
- Techniques based on obfuscating the data to the adversary cannot completely conceal information. Instead, their goal is to provide a way to control the extent to which an adversary can make inferences about users' sensitive information.

Obfuscating techniques
- Anonymisation
  - However, achieving full anonymity is extremely difficult.
  - There may be many combinations of the information released in a dataset that are unique to an individual. These are called quasi-identifiers.
  - Thus, anonymisation is commonly combined with the obfuscation techniques below to limit the risk of re-identification.
- k-Anonymity
- Generalisation
- Suppression
- Dummy addition
- Perturbation – Differential Privacy

k-anonymity
- The concept of k-anonymity was first introduced by Latanya Sweeney and Pierangela Samarati in a paper published in 1998.
- The release of data is said to have the k-anonymity property if the information for each person contained in the release cannot be distinguished from at least k - 1 individuals whose information also appears in the release.

Classification of Attributes
- Key attributes/identifiers
  - An attribute that contains explicitly identity-revealing information
  - Name, address, phone number - uniquely identifying!
  - Always removed before release
- Quasi-identifiers
  - Attributes that contain information that may partially reveal identity through the linking of these quasi-identifiers with external data that share the same quasi-identifiers
  - (5-digit ZIP code, birth date, gender) uniquely identify 87% of the population in the U.S.
  - Can be used for linking an anonymized dataset with other datasets

Re-identification by Linking

Microdata (ID = identifier, QID = quasi-identifiers, SA = sensitive attribute)
  ID      | QID                   | SA
  Name    | Zipcode | Age | Sex   | Disease
  Alice   | 47677   | 29  | F     | Ovarian Cancer
  Betty   | 47602   | 22  | F     | Ovarian Cancer
  Charles | 47678   | 27  | M     | Prostate Cancer
  David   | 47905   | 43  | M     | Flu
  Emily   | 47909   | 52  | F     | Heart Disease
  Fred    | 47906   | 47  | M     | Heart Disease

Voter registration data
  Name  | Zipcode | Age | Sex
  Alice | 47677   | 29  | F
  Bob   | 47983   | 65  | M
  Carol | 47677   | 22  | F
  Dan   | 47532   | 23  | M
  Ellen | 46789   | 43  | F

The ID column is removed before release; the adversary links the released QID columns against the QID columns of the voter data.

K-Anonymity: Intuition
- The information for each person contained in the released table cannot be distinguished from at least k-1 individuals whose information also appears in the release.
- Example: you try to identify a man in the released table, but the only information you have is his birth date and gender. There are k men in the table with the same birth date and gender.
- Any quasi-identifier present in the released table must appear in at least k records.

Goal of k-Anonymity
- Each record is indistinguishable from at least k-1 other records.
- These k records form an equivalence class.

Generalization
- Generalization: replace quasi-identifiers with less specific, but semantically consistent, values.
  - ZIP code: 47677, 47602, 47678 -> 476**
  - Age: 29, 22, 27 -> 2*

Achieving k-Anonymity
- Generalization
  - Replace specific quasi-identifiers with less specific values until you get k identical values.
  - Partition ordered-value domains into intervals.
- Suppression
  - When generalization causes too much information loss.
  - This is common with "outliers".
  - Sex: Male, Female -> *

Generalization in Action (figure)

Example of a k-Anonymous Table (figure)

Example of Generalization (1)
Released table (figure)
External data
  Name  | Birth | Gender | ZIP   | Race
  Andre | 1964  | m      | 02135 | White
  Beth  | 1964  | f      | 55410 | Black
  Carol | 1964  | f      | 90210 | White
  Dan   | 1967  | m      | 02174 | White
  Ellen | 1968  | f      | 02237 | White
By linking these 2 tables, you still don't learn Andre's problem.

Example of Generalization (2)

Microdata (QID: Zipcode, Age, Sex; SA: Disease)
  Zipcode | Age | Sex | Disease
  47677   | 29  | F   | Ovarian Cancer
  47602   | 22  | F   | Ovarian Cancer
  47678   | 27  | M   | Prostate Cancer
  47905   | 43  | M   | Flu
  47909   | 52  | F   | Heart Disease
  47906   | 47  | M   | Heart Disease

Generalized table
  Zipcode | Age     | Sex | Disease
  476**   | 2*      | *   | Ovarian Cancer
  476**   | 2*      | *   | Ovarian Cancer
  476**   | 2*      | *   | Prostate Cancer
  4790*   | [43,52] | *   | Flu
  4790*   | [43,52] | *   | Heart Disease
  4790*   | [43,52] | *   | Heart Disease

- The released table is 3-anonymous.
- If the adversary knows Alice's quasi-identifier (47677, 29, F), he still does not know which of the first 3 records corresponds to Alice's record.

Employment Policies and Practices
- Including InfoSec responsibilities in every employee's job description can make an entire organization take InfoSec more seriously.
- The following sections examine many aspects of human resources, including: recruiting, hiring, firing, managing, releasing.

Personnel Security Practices
- Two-person control - requires that two individuals review and approve each other's work before the task is considered complete.
- Separation of duties - information security principle that requires significant tasks to be split up in such a way as to require more than one individual for completion.
- Job rotation - requires that every employee be able to perform the work of at least one other employee.
- Task rotation - all critical tasks can be performed by multiple individuals.
  Both of these ensure that no one employee is performing actions that cannot be knowledgeably reviewed by another employee.
- Mandatory vacation policy - requires employees to take at least one week of vacation a year. Gives the organization a chance to review everyone's work.

Hiring Part 1
- The CISO, in cooperation with the CIO and relevant InfoSec managers, should establish a dialogue with human resources personnel.
- Job Descriptions - elements of the job description that describe access privileges should be omitted when advertising open positions.
- Interviews - tours of facilities should avoid secure and restricted sites.
- New Hire Orientation - new employees should receive an extensive InfoSec briefing.

Hiring Part 2
- On-the-Job Security Training - periodic security awareness and training activities should be conducted.
- Security Checks - background checks should be conducted before an offer is extended to any candidate, regardless of job level.

Termination Issues
When an employee leaves an organization:
- Employee's access to the organization's systems must be disabled
- Employee must return all removable media
- Employee's hard drives must be secured
- File cabinet locks must be changed
- Office door locks must be changed
- Employee's keycard access must be revoked
- Employee should be escorted from the premises, once business property has been returned
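Worked example for the privacy slides above (Re-identification by Linking, Generalization, Example of Generalization (2)). This is an added example, not code from the slides: it runs the linking attack against the raw microdata, generalises the quasi-identifiers into equivalence classes, verifies k-anonymity, and re-runs the attack against the generalised table. The sample rows are constructed to match the slide values. The partition-by-ZIP-prefix strategy, the "least general value covering the class" rule, and all helper names (covers, link, generalise, is_k_anonymous, sensitive_diversity) are this example's own choices, not an algorithm the slides prescribe.

```python
from collections import Counter, defaultdict

# Constructed sample data (values taken from the slides). The released table has
# the ID column (Name) removed: only QID (Zipcode, Age, Sex) + SA (Disease) remain.
RELEASED = [
    {"Zipcode": "47677", "Age": 29, "Sex": "F", "Disease": "Ovarian Cancer"},
    {"Zipcode": "47602", "Age": 22, "Sex": "F", "Disease": "Ovarian Cancer"},
    {"Zipcode": "47678", "Age": 27, "Sex": "M", "Disease": "Prostate Cancer"},
    {"Zipcode": "47905", "Age": 43, "Sex": "M", "Disease": "Flu"},
    {"Zipcode": "47909", "Age": 52, "Sex": "F", "Disease": "Heart Disease"},
    {"Zipcode": "47906", "Age": 47, "Sex": "M", "Disease": "Heart Disease"},
]
# External data the adversary already holds (constructed voter registration rows).
VOTERS = [
    {"Name": "Alice", "Zipcode": "47677", "Age": 29, "Sex": "F"},
    {"Name": "Bob",   "Zipcode": "47983", "Age": 65, "Sex": "M"},
    {"Name": "Carol", "Zipcode": "47677", "Age": 22, "Sex": "F"},
    {"Name": "Dan",   "Zipcode": "47532", "Age": 23, "Sex": "M"},
    {"Name": "Ellen", "Zipcode": "46789", "Age": 43, "Sex": "F"},
]
QID = ("Zipcode", "Age", "Sex")


def covers(gen_row, raw_row):
    """True if a (possibly generalised) QID pattern matches a person's raw QID."""
    z = gen_row["Zipcode"]
    if len(z) != 5 or any(g not in ("*", r) for g, r in zip(z, raw_row["Zipcode"])):
        return False
    a = gen_row["Age"]
    if isinstance(a, int):                      # exact age (raw table)
        age_ok = a == raw_row["Age"]
    elif a.startswith("["):                     # interval "[lo,hi]"
        lo, hi = (int(x) for x in a.strip("[]").split(","))
        age_ok = lo <= raw_row["Age"] <= hi
    else:                                       # decade pattern such as "2*"
        age_ok = str(raw_row["Age"]).startswith(a.rstrip("*"))
    return age_ok and gen_row["Sex"] in ("*", raw_row["Sex"])


def link(released, external):
    """Linking attack: for each named person, the diseases of every released
    row whose QID covers that person's known QID (one hit = re-identified)."""
    return {p["Name"]: sorted(r["Disease"] for r in released if covers(r, p))
            for p in external}


def generalise_class(rows):
    """Generalise one group to the least specific values covering all rows:
    shared ZIP prefix padded with '*', decade or [min,max] for age, '*' for mixed sex."""
    zips = [r["Zipcode"] for r in rows]
    prefix = 0
    while prefix < 5 and len({z[prefix] for z in zips}) == 1:
        prefix += 1
    zip_gen = zips[0][:prefix] + "*" * (5 - prefix)
    ages = [r["Age"] for r in rows]
    age_gen = f"{ages[0] // 10}*" if len({a // 10 for a in ages}) == 1 \
        else f"[{min(ages)},{max(ages)}]"
    sexes = {r["Sex"] for r in rows}
    sex_gen = sexes.pop() if len(sexes) == 1 else "*"
    return [{**r, "Zipcode": zip_gen, "Age": age_gen, "Sex": sex_gen} for r in rows]


def generalise(released, zip_prefix_len=3):
    """Partition on a coarse ZIP prefix (this example's strategy, an assumption),
    then generalise each partition into one equivalence class."""
    parts = defaultdict(list)
    for r in released:
        parts[r["Zipcode"][:zip_prefix_len]].append(r)
    return [g for rows in parts.values() for g in generalise_class(rows)]


def equivalence_classes(table):
    """Map each QID combination to the rows that share it."""
    classes = defaultdict(list)
    for r in table:
        classes[tuple(r[c] for c in QID)].append(r)
    return dict(classes)


def is_k_anonymous(table, k):
    """Every QID combination present in the table appears in at least k records."""
    return all(len(rows) >= k for rows in equivalence_classes(table).values())


def sensitive_diversity(table):
    """Distinct sensitive values per equivalence class. k-anonymity alone does
    not check this: a class with a single disease value leaks it to anyone
    linked into that class (added caveat, not from the slides)."""
    return {qid: len(Counter(r["Disease"] for r in rows))
            for qid, rows in equivalence_classes(table).items()}


if __name__ == "__main__":
    print("raw table 3-anonymous:", is_k_anonymous(RELEASED, 3))
    print("linking attack, raw table:", link(RELEASED, VOTERS))
    gen = generalise(RELEASED)
    for row in gen:
        print("  ", row)
    print("generalised table 3-anonymous:", is_k_anonymous(gen, 3))
    print("linking attack, generalised table:", link(gen, VOTERS))
    print("distinct diseases per class:", sensitive_diversity(gen))
```

On the raw table the attack re-identifies Alice uniquely (one matching row, disease learned); after generalisation she falls into a class of three, exactly as the slide states, and Carol, who is not in the microdata at all, now "matches" the same class. The diversity count is the caveat a practitioner should add to the slide's conclusion: Alice's class holds two Ovarian Cancer rows and one Prostate Cancer row, so an adversary who knows Alice is female still learns her diagnosis from background knowledge even though the record itself is indistinguishable; record indistinguishability does not by itself protect the sensitive attribute.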
