LECTURE NOTE 1 Flashcards

(82 cards)

1
Q

the immunity from any risk or danger that may have an undesired outcome

A

security

2
Q

put in place to safeguard what is valuable from potential harm

A

security measures

3
Q

the ability to be able to look for and identify potential or actual compromise

A

security mindset

4
Q

refers specifically to the protection of computer systems and devices from threats such as unauthorized access, use, modification, or destruction; involves protecting the hardware, software, and data that make up a computer system

A

computer security

5
Q

A term covering the protection of information and systems from threats like hacking, malware, theft, or hardware damage, ensuring the confidentiality, integrity, and availability of information throughout its lifecycle. Includes the protection of all types of information and information systems, not just computers

A

information security

6
Q

CIA Triad

A

fundamental concept/security model in information security; stands for three core principles: confidentiality, integrity, and availability

7
Q

Restricting access to systems and data to only authorized parties, protecting sensitive information from unauthorized disclosure

A

confidentiality

8
Q

protecting data from unauthorized or improper modification, maintaining the trustworthiness and accuracy of the information.

A

integrity

9
Q

Ensuring that systems and resources are accessible to authorized users when needed, and that services are not denied to them, particularly during emergencies or disasters.

A

availability

10
Q

What additional characteristics are important in modern information security?

A

Authenticity, Accountability, Non-repudiation, Reliability

11
Q

loss of confidentiality

A

the unauthorized disclosure of information.

12
Q

loss of integrity

A

the unauthorized modification or destruction of information

13
Q

loss of availability

A

the disruption of access to or use of information or an information system

14
Q

informational self-determination

A

you get to control information about you

15
Q

the entire set of hardware, software, data, people, procedures, and networks that enable a business to use information.

A

information system (IS)

16
Q

is the practice of protecting information by mitigating information risks

A

information security

17
Q

things we might want to protect (anything of value)

A

asset

18
Q

the assets of a computer system

A

hardware, software, data, communication facilities and networks

19
Q

weaknesses or gaps in the security system that could be exploited to cause loss or harm

A

vulnerabilities

20
Q

example of loss of integrity

A

system can be corrupted, does the wrong thing or gives wrong answers

21
Q

example of loss of confidentiality

A

system can become leaky

22
Q

example of loss of availability

A

system can become unavailable or very slow

23
Q

potentials for vulnerabilities to turn into attacks on systems

A

threats

24
Q

an action which exploits a vulnerability to execute a threat (threats carried out); leads to compromises or security breaches

A

attacks

25
Q

Who is the entity that attacks or threatens a system?

A

Adversary, attacker, or malicious user: anyone who carries out an attack or poses a threat to a system

26
Q

What is a hacktivist and what is their motivation?

A

Hacktivists are activists who attack systems to draw attention to a cause, inspire action, or drive social or political change

27
Q

what type of attack is one that attempts to learn or make use of information from the system but does not affect system resources

A

passive attack

28
Q

active attack

A

attempt to alter system resources or affect their operation

29
Q

inside attack

A

initiated by an entity with authorized access to the system

30
Q

outside attack

A

initiated by an unauthorized user of the system

31
Q

risk

A

the likelihood that a threat will exploit a vulnerability to cause damage to an asset; examples of a risk:
- Financial losses
- Loss of privacy
- Damage to your reputation
- Legal implications
- Even loss of life

32
Q

principle of easiest penetration

A

A security principle that states:
- a system is only as secure as its weakest link, and
- an attacker will often target the easiest point of entry in a system rather than the most obvious one.

33
Q

principle of adequate protection

A

Using security measures that match the risk and value of the information or system (if something is worth spending money on)

34
Q

security vs. accessibility trade-off

A

Balancing information security and access requires a balance between protection and availability.

35
Q

name the five ways to defend computer systems

A

cryptography, software controls, hardware controls, physical controls, policies and procedures

36
Q

the practice of protecting data by converting it into an unreadable format (encryption) that can only be accessed by someone who has the proper decryption key

A

cryptography

37
Q

common uses of cryptography

A

- Encryption: Protects data by making it unreadable to attackers.
- Authentication: Uses digital signatures and SSL/TLS to verify identities and secure transactions.
- Integrity: Uses MACs to detect unauthorized changes to data.
- Privacy: Makes personal information unreadable after a set time.

38
Q

Security measures that are used to protect computer systems and networks from unauthorized access and other types of threats

A

software controls

39
Q

What are some common examples of software controls?

A

- Access control: Passwords, biometrics, user accounts, and permissions
- Malware protection: Virus scanners
- Development controls: Quality measures on source code
- Network security: Personal firewalls monitoring traffic

40
Q

security measures that use separate hardware devices to protect computer systems and networks

A

hardware controls

41
Q

What are some common examples of hardware controls?

A

Biometric readers, smart tokens for one-time codes, hardware firewalls, and intrusion detection systems.

42
Q

security measures that are designed to protect the hardware itself and prevent physical access to the console, storage media, and other critical components of a computer system or network

A

physical controls

43
Q

What are some common examples of physical controls?

A

Locks, security guards, off-site backups, and location-based controls (e.g., avoiding disaster-prone areas).

44
Q

a set of instructions that everyone in the organization follows to make sure everything stays secure.

A

security policy

45
Q

it provides a systematic and comprehensive framework for organizations to address evolving security challenges by focusing on attacks, mechanisms, and services to protect data, systems, and networks

A

The Open Systems Interconnection (OSI) security architecture

46
Q

Any action that aims to compromise the security of information owned by an organization

A

security attack

47
Q

Methods designed to detect, prevent, or recover from security attacks.

A

security mechanism

48
Q

common security mechanisms are as follows

A

- Cryptography
- Message digests and digital signatures
- Digital certificates
- Public Key Infrastructure (PKI): A framework that manages digital keys and certificates, facilitating secure communication

49
Q

security service

A

functionalities offered by security mechanisms to enhance the security of a system; can include authentication, access control, data confidentiality, data integrity, and non-repudiation

50
Q

security services that organizations often utilize

A

- Authentication
- Access Control
- Data Confidentiality
- Data Integrity
- Non-repudiation
- Availability

51
Q

Used to assure the identity of the sender or creator of the data.

A

authentication

52
Q

this service is used to authenticate the identity of other entities with which the system is communicating

A

peer entity authentication

53
Q

this service is used to authenticate the origin of a message or data, to ensure that it was sent by the entity that it claims to be from.

A

data origin authentication

54
Q

Used to prevent misuse of resources and ensure that only authorized users have access to the available resources.

A

access control

55
Q

allows the owner or administrator of a resource to decide who is allowed to access it.

A

Discretionary Access Control (DAC)

56
Q

allows access based on the role of the user within the organization.

A

Role-based Access Control (RBAC)

57
Q

the access is granted based on a set of predefined rules.

A

Mandatory Access Control (MAC)

58
Q

the access is granted based on the attributes of the requestor, the resource, and the context in which the access request is made.

A

Attribute-based Access Control (ABAC)

59
Q

Responsible for ensuring that the data is kept extremely safe from third-party intruders; important for maintaining the privacy and security of sensitive information.

A

data confidentiality

60
Q

confidentiality services: used to protect data that is being transmitted between two parties, such as over a network or through the internet. This can include both passive and active protection measures, such as encryption, to prevent unauthorized access or eavesdropping.

A

protecting data in transit

61
Q

confidentiality services: used to protect data that is stored on a device or system, such as on an HD or in a DB. This can include access controls, encryption, and backups to prevent unauthorized access or data loss

A

protecting data at rest

62
Q

confidentiality services: used to protect the characteristics of the traffic flow, such as the source and destination, frequency, length and other characteristics of the traffic on a communication facility. This can include measures such as traffic padding and traffic encryption, to prevent an attacker from observing the traffic flow.

A

protecting traffic flow from analysis

63
Q

Ensure that the transmitted information received by the receiver is well-authenticated and there is no tampering with the information received

A

data integrity

64
Q

used to ensure the data integrity of a specific message; it uses a digital signature or message authentication code (MAC), which provides a hash of the data and a secret key, appended to the message

A

message integrity

65
Q

Used to prevent either sender or receiver of a transmitted message from denying that the message was sent or received

A

non-repudiation

66
Q

System is accessible and usable on demand by authorized users according to the intended goal

A

availability

67
Q

Assure that data received are exactly as sent by an authorized entity (have not been altered)

A

data integrity

68
Q

Protect data from unauthorized disclosure

A

data confidentiality

69
Q

examples of passive attack

A

1. release of message contents
2. traffic analysis
Hard to detect, but easier to prevent (usually by encryption)

70
Q

four categories of active attack

A

1. Masquerade
2. Replay
3. Modification of messages
4. Denial of service
Relatively hard to prevent (because it would require physical protection of all communications facilities and paths at all times), but easier to detect

71
Q

the type of passive attack that involves the intruder stealing all the messages/data transmitted. Here, the information gathered by the intruder is stolen unethically.

A

message content

72
Q

this type of passive attack involves messages/data being encrypted before transmission. Here, because the message is masked/encrypted, the intruder can't read the message but can only understand the pattern and length of the encryption.

A

masked traffic analysis

73
Q

a type of active attack in which the attacker tampers with the information received by the receiver by claiming to be the sender. Takes place when one entity pretends to be a different entity. Usually includes one of the other forms of active attack; for example, authentication sequences can be captured and replayed after a valid authentication sequence has taken place

A

masquerade

74
Q

a type of active attack in which the attacker attacks the transmitted message through a passive channel and makes the final message received by the receiver appear to be authorized and safe. Involves the passive capture of a previously transmitted message and replaying it to produce an unauthorized effect

A

replay

75
Q

Some portion of a legitimate message is altered, or messages are delayed or reordered to produce an unauthorized effect

A

modification attack

76
Q

a type of active attack in which the receiver is prevented from receiving the transmitted message because there is an overflow of requests to the receiver, which hampers the services from their usual behavior. Prevents/inhibits the normal use or management of communications facilities

A

denial of service (DoS)

77
Q

This organization is focused on the development of security professionals and the certification of IT security professionals worldwide

A

The International Association of IT Security Professionals (ISC)

78
Q

This organization is focused on the development of best practice guidelines and standards for IT security

A

The Center for Internet Security (CIS)

79
Q

This organization is focused on the development of standards for protecting cardholder data for the payment card industry.

A

The Payment Card Industry Security Standards Council (PCI SSC)

80
Q

This organization is focused on the development of best practice guidelines and standards for web application security.

A

The Open Web Application Security Project (OWASP)

81
Q

This organization is focused on the development of standards for the Internet's infrastructure and protocols.

A

The Internet Engineering Task Force (IETF)
82