Lecture 1

Question 1

What is Computer Security according to NISTIR 7298?

Answer 1

Measures and controls that ensure confidentiality integrity and availability of information processed and stored by a computer including hardware software firmware information data and telecommunications.

Question 2

What is Confidentiality?

Answer 2

Preserving authorized restrictions on information access and disclosure including means for protecting privacy and information

Question 3

What is Integrity?

Answer 3

Guarding against improper information modification or destruction including ensuring information nonrepudiation and authenticity

Question 4

What is Availability?

Answer 4

Ensuring timely and reliable access to and use of information

Question 5

What is Authenticity?

Answer 5

Ensuring trustworthiness and confidence in the source of information

Question 6

What is Accountability?

Answer 6

Allowing to trace actions to the actual originator supporting non-repudiation deterrence intrusion detection and prevention and legal action

Question 7

What is Low Impact?

Answer 7

The loss could be expected to have a limited adverse effect on organizational operations organizational assets or individuals

Question 8

What is Moderate Impact?

Answer 8

The loss could be expected to have a serious adverse effect on organizational operations organizational assets or individuals

Question 9

What is High Impact?

Answer 9

The loss could be expected to have a severe or catastrophic adverse effect on organizational operations organizational assets or individuals

Question 10

What is a key challenge in Computer Security?

Answer 10

Attackers only need to find a single weakness while the designer must find and eliminate all weaknesses to achieve perfect security

Question 11

What is a common perception problem in Computer Security?

Answer 11

There is a natural tendency on the part of users and system managers to perceive little benefit from security investment until a security failure occurs

Question 12

What type of monitoring is required for security?

Answer 12

Security requires regular and constant monitoring

Question 13

What is an adversary threat agent?

Answer 13

Individual group organization or government that conducts or has the intent to conduct detrimental activities.

Question 14

What is an attack?

Answer 14

Any kind of malicious activity that attempts to collect disrupt deny degrade or destroy information system resources or the information itself.

Question 15

What is a countermeasure?

Answer 15

A device or technique that has as its objective the impairment of the operational effectiveness of undesirable or adversarial activity or the prevention of espionage sabotage theft or unauthorized access to or use of sensitive information or information systems.

Question 16

What is risk?

Answer 16

A measure of the extent to which an entity is threatened by a potential circumstance or event and typically a function of 1 the adverse impacts that would arise if the circumstance or event occurs and 2 the likelihood of occurrence.

Question 17

What is a security policy?

Answer 17

A set of criteria for the provision of security services. It defines and constrains the activities of a data processing facility in order to maintain a condition of security for systems and data.

Question 18

What is a system resource asset?

Answer 18

A major application general support system high impact program physical plant mission critical system personnel equipment or a logically related group of systems.

Question 19

What is a threat?

Answer 19

Any circumstance or event with the potential to adversely impact organizational operations including mission functions image or reputation organizational assets individuals other organizations or the Nation through an information system via unauthorized access destruction disclosure modification of information andor denial of service.

Question 20

What is a vulnerability?

Answer 20

Weakness in an information system system security procedures internal controls or implementation that could be exploited or triggered by a threat source.

Question 21

What is hardware in computer systems?

Answer 21

Devices and equipment you use in your environment

Question 22

What is software in computer systems?

Answer 22

Code you run in any instance in your environment

Question 23

What is data in computer systems?

Answer 23

Any information that you collect process create log

Question 24

What are communication facilities and networks in computer systems?

Answer 24

The infrastructure that allows devices and users to cooperate in any digital form

Question 25

What does corrupted mean?

Answer 25

loss of integrity

Question 26

What does leaky mean?

Answer 26

loss of confidentiality

Question 27

What does unavailable or very slow mean?

Answer 27

loss of availability

Question 28

What are attacks?

Answer 28

threats carried out

Question 29

What is an active attack?

Answer 29

attempt to alter system resources or affect their operation

Question 30

What is a passive attack?

Answer 30

attempt to learn or make use of system information that does not affect system resources

Question 31

What is an insider attack?

Answer 31

initiated from the inside

Question 32

What is a Passive Attack?

Answer 32

Attempts to learn or make use of information from the system but it does not affect system resources. Eavesdropping on or monitoring of transmissions. Goal of attacker is to obtain information that is being transmitted. Two types: Release of message contents Traffic analysis.

Question 33

What is an Active Attack?

Answer 33

Attempts to alter system resources or affect their operation. Involve some modification of the data stream or the creation of a false stream. Four categories: Replay Masquerade Modification of messages Denial of service.

Question 34

What are Countermeasures?

Answer 34

Means used to deal with security attacks: Prevent Detect Recover. May itself introduce new vulnerabilities. Residual vulnerabilities may remain. Goal is to minimize residual level of risk to the assets.

Question 35

What is NIST?

Answer 35

U.S. federal agency that deals with measurement science standards and technology related to U.S. government use and to the promotion of U.S. private sector innovation.

Question 36

What is ISO?

Answer 36

A nongovernmental organization to achieve international agreements published as International Standards.

Question 37

What is Access Control?

Answer 37

Limit information system access to authorized users and processes.

Question 38

What is Awareness and Training?

Answer 38

Ensure that personnel are aware of security risks associated with their activities and of the applicable laws regulations and internal policies. Ensure that personnel are adequately trained.

Question 39

What is Audit and Accountability?

Answer 39

Keep audit records to enable monitoring analysis investigation and reporting of unlawful.

Question 40

What are some security requirements?

Answer 40

Uniquely traced accountability contingency planning identification and authentication incident response and maintenance.

Question 41

What are the elements of contingency planning?

Answer 41

Establish maintain and implement plans for emergency response backup operations and post-disaster recovery to ensure availability of critical resources

Question 42

What does incident response include?

Answer 42

Preparation detection analysis containment recovery and user-response activities. Also tracking documenting and reporting incidents to organization officials and/or authorities.

Question 43

What does security requirements maintenance involve?

Answer 43

Performing periodic and timely maintenance on organization systems and providing effective controls on tools techniques mechanisms and personnel used for system maintenance

Question 44

What are the three types of attack surfaces?

Answer 44

Network attack surface software attack surface and human attack surface.

Question 45

What are the four aspects required for security policy implementation?

Answer 45

Prevention detection response and recovery.

Question 46

What are the fundamental security design principles?

Answer 46

Economy of mechanism fail-safe defaults complete mediation open design separation of privilege least privilege least common mechanism psychological acceptability isolation encapsulation modularity layering and least astonishment.