Lecture 0: 17th September 2019 Flashcards
Introduction
What does computer security aim to protect?
Physical hardware, data/info, networks, and software
What is a threat?
A circumstance with the potential to cause harm to a system, such as a human attack or natural disaster.
What is a vulnerability?
A weakness in a system that an attacker may seek to exploit.
What is a threat agent?
An attacker who may seek to exploit a threat in a system, which causes an increase to risk.
How does people’s decision making change with respect to gains and losses?
People will choose a smaller but certain gain over a larger but uncertain one, but will choose a larger but uncertain loss over a smaller and certain loss.
What is the basic protection model from ISO?
- Prevent: lock out unauthorised users
- Detect: discover when an intrusion has been made or an asset is missing
- React: recover from the attack
What is the CIA triad?
CIA:
- Confidentiality (= privacy = secrecy) = controlling who can access info
- Integrity = controlling who can modify info
- Availability = controlling who can access info
What are the 6 main aims of security with respect to information?
- Confidentiality (= privacy = secrecy) = controlling who can access info
- Integrity = controlling who can modify info
- Availability = controlling who can access info
- Authenticity = Assurance that a message, transaction, or other exchange of information is from the source it claims to be from.
- Accountability = Every individual who works with an information system should have specific responsibilities for information assurance, and their responsibilities and work should be traceable to them.
- Reliability = The reliability (trustworthiness and quality) of information.
What are the 4 fundamental types of threats to a system?
- Interruption: This type of attack is due to the obstruction of any kind during the communication process between one or more systems. So the systems which are used become unusable after this attack by the unauthorized users which results in the wastage of systems.
- Interception: Confidentiality plays an important role in this type of attack. The data or message which is sent by the sender is intercepted by an unauthorized individual where the message will be changed to the different form or it will be used by the individual for their malicious intent. So the confidentiality of the message is lost in this type of attack.
- Modification: As the name indicates the message which is sent by the sender is modified and sent to the destination by an unauthorized user. The integrity of the message is lost by this type of attack. The receiver cannot receive the exact message which is sent by the source which results in the poor performance of the network.
- Fabrication: In this type of attack a fake message is inserted into the network by an unauthorized user as if it is a valid user. This results in the loss of confidentiality, authenticity and integrity of the message.
How can we define computer security?
Computer Security is protecting one’s (computer) assets from harm. This includes software, hardware, and data, and is done through controls and countermeasures after considering threats and vulnerabilities. These include technical measures as well as user education.
What are the steps of the NIST cybersecurity framework?
- Identify
- Protect
- Detect
- Respond
- Recover
What are the 4 principles of computer security?
- Principle of Easiest Penetration: An intruder must be expected to attempt any available means of penetration and the one that succeeds may not be the obvious one.
- Principle of Adequate Protection: Computer items must be protected until they lose their value and they must be protected to a degree consistent with their value.
- Principle of Weakest Link: Security is as strong as the weakest link
- Principle of Effectiveness: Controls must be used, be appropriate and be applied properly
