LO6 Flashcards Preview

Software Engineering > LO6 > Flashcards

Flashcards in LO6 Deck (7)
Loading flashcards...
1

What are the different sides of the McCumber Cube?

Safeguards
CIA
Asset State

2

What is CIA?

Confidentiality, Integrity and Availability.

Confidentiality - Keeps users data private

Integrity - Assurance the system preserves data

Availability - Assurance users can access resources

3

What are safeguards?

Policy and Practices - The controls an organisation puts in to ensure people mitigate risks

Human Factors - The training provided by an organisation to avoid risks such as viruses and social engineering tactics

Technology - The software and hardware solutions used to protect systems

4

What is Asset State?

Storage - Most valuable but easiest to protect as is in a hard drive, memory or an external device

Transmission - Data being moved between systems

Processing - The data is currently being used so considered vulnerable

5

What is an attack vector?

A path an attacker takes to access an asset.

6

Provide an example of an attack vector?

Phishing
Code injection
Malware

7

What does STRIDE stand for and what does each letter mean?

Spoofing - Pretending to be someone else

Tampering - Changing data in some manner

Repudiation - Hiding your tracks

Information Disclosure - Exposure of users data

Denial of Service - Target service availability i.e setting off a fire alarm to stop an exam

Elevation of Privilege - Finding a method of performing tasks that the user isn't authorised to do so.