Ch2 - 2.03 - Understanding Security Principles & Terminologies Flashcards

1
Q

List Types of Security

A
  1. Physical Security
  2. Communication Security
  3. Computer Security
  4. Network Security
2
Q

List Some Important Security Principles - p1

A
  1. Separation of Duties
    Separation of duties means that you ensure that all critical tasks are broken down into different processes and that each process is performed by a different employee.
  2. Least Privilege
    Least privilege means that you give a user only the minimum level of permissions needed to perform their tasks or duties.
  3. Rotation of Duties
    Rotation of duties is the principle of rotating multiple employees through different job roles.
    Rotation of duties offers multiple benefits.
    First, it is a way to ensure accountability for employee actions.
    The other benefit of rotation of duties is that the organization does not depend on one person being the only person able to perform a job role.
3
Q

List Some Important Security Principles - p2

A
  1. Concept of Need-to-know
    Need to know means that you give employees access only to information that they need to know about.
  2. Layered Security and Diversity of Defense
    Layered security is the concept of not putting all of your eggs in one basket by relying on one type of security solution to create a secure environment.
    Diversity of defense is the concept that you should use different products to increase the level of security in your environment.
  3. Due Care and Due Diligence
    Due care is the concept of doing the right thing. When it relates to security, due care is about implementing the correct security controls to ensure the protection of the organization’s assets.
    Due diligence is about identifying your risk so that you know what security controls to put in place (due care). Due diligence involves performing regular assessments and analyzing the assessment results to identify security issues in the environment.
4
Q

Vulnerability and Exploit

A

A vulnerability is a weakness in a piece of software or hardware that was created by the manufacturer by accident. Hackers spend quite a bit of time evaluating new software and hardware to try to locate vulnerabilities. Once the hackers find a weakness, they work on a way to exploit the weakness and compromise the system security.

5
Q

Reasons for Vulnerabilities

A
  1. End-of-life systems
  2. Embedded systems
  3. Lack of vendor support
6
Q

Types of Vulnerabilities

A
  1. Use of open-source intelligence
  2. Race conditions
  3. Improper input handling
  4. Improper error handling
  5. Misconfiguration/weak configuration
  6. Default configuration
  7. Resource exhaustion
  8. Untrained users
  9. Improperly configured accounts
  10. Vulnerable business processes
  11. Weak cipher suites and implementations
  12. Memory/buffer vulnerability
    12a. Memory leak
    12b. Integer overflow
    12c. Buffer overflow
    12d. Pointer dereference
    12e. DLL injection
  13. System sprawl/undocumented assets
  14. Architecture/design weaknesses
  15. New threats/zero day
  16. Improper certificate and key management
7
Q

List Threat Actors

A
  1. White-hat hacker
  2. Black-hat hacker
  3. Gray-hat hacker
    A gray-hat hacker is a person who figures out vulnerabilities in a product or web site, and how to exploit them, but instead of hacking into the systems themselves, they disclose the information to the public. The gray-hat hacker may give the vendor some notice before disclosing the information in order to give the vendor a chance to correct the problem.
8
Q

List Types of Actors

A
  1. Script kiddies
  2. Hacktivists
  3. Organized crime
  4. Nation states/APT
  5. Insiders
  6. Competitors
9
Q

Name Attributes of Actors

A
  1. Internal/external
  2. Level of sophistication
  3. Resources/funding
  4. Intent/motivation