Module 20 Flashcards
What does it mean if a system is completely secure?
No one has access to it and it’s therefore unstable.
What does CIA stand for?
Confidentiality, Integrity, and Availability.
(CIA) This means the information should only be known to authorized users.
confidentiality
(CIA) This means that the information is stored and transferred as intended and that any modification is authorized.
integrity.
(CIA) This means that the information is accessible to those authorized to view or modify it.
availability
We’ve gone over “active” security threats. What is a “passive” security threat?
A screw up or oversight on my part.
Confidentiality concerns are made up of 3 categories (snooping, eavesdropping/wiretapping, and social engineering/dumpster diving). Which of the 3 is being described below?
This is any attempt to get access to information on a host or storage device (data at rest) that you are not authorized to view. An attacker might steal a password or find an unlocked workstation with a logged-on user account, or they might install some sort of spyware on the host.
snooping
Confidentiality concerns are made up of 3 categories (snooping, eavesdropping/wiretapping, and social engineering/dumpster diving). Which of the 3 is being described below?
This is snooping on data or telephone conversations as they pass over the network. Snooping on traffic passing over a network is also often called sniffing. It can be relatively easy for an attacker to “tap” a wired network or intercept unencrypted wireless transmissions. Networks can use segmentation and encryption to protect data in-transit.
eavesdropping/wiretapping
Confidentiality concerns are made up of 3 categories (snooping, eavesdropping/wiretapping, and social engineering/dumpster diving). Which of the 3 is being described below?
This means getting users to reveal information or finding printed information. We’ll discuss this topic in more detail later in this unit.
Social engineering/dumpster diving
Integrity concerns are comprised of 3 categories (on-path attack, replay, and impersonation). Which of the 3 is being described below?
A host sits between two communicating nodes, and transparently monitors, captures, and relays all communications between them. This type of attack may be able to change the messages exchanged between a sender and receiver without them realizing. To protect against this, senders and receivers must authenticate themselves and use encryption to validate messages.
on-path attack
Integrity concerns are comprised of 3 categories (on-path attack, replay, and impersonation). Which of the 3 is being described below?
Where a host captures another host’s response to some server and replays that response in an effort to gain unauthorized access. These attacks often involve exploiting an access token generated by an application. The application needs to use encryption and time-stamping to ensure that the tokens cannot be misused.
replay
Integrity concerns are comprised of 3 categories (on-path attack, replay, and impersonation). Which of the 3 is being described below?
A common attack is where a person will attempt to figure out a password or other credentials to gain access to a host. The attacker can then hijack the authorizations allocated to the account and generally masquerade as that user. There are numerous ways to perform these types of attacks, but an obvious one is to capture password packets in transit and work out which bit the password is. Many vendors have addressed this issue, to some extent, by encrypting the password packets. But the encryption systems used are not strong enough, and various utilities are available that allow users to break even encrypted password packets through brute force, given enough time.
impersonation
What does DoS stand for?
Denial of Service
What does DDoS stand for?
Distributed Denial of Service
What does UPS stand for?
Uninterrupted Power Supply
Availability concerns are comprised of 5 categories (Denial of Service [DoS], power outage, hardware failure, destruction, and service outage). Which of the 5 categories is being described below?
Any situation where an attacker targets the availability of a service. This type of attack might tamper with a system or try to overload it in some way. On the web, another variant of this attack uses hosts compromised with bot malware to launch a coordinated attack against a web service. The size of the botnet determines how easily the attacker can overwhelm the service.
DoS Denial of Service
Availability concerns are comprised of 5 categories (Denial of Service [DoS], power outage, hardware failure, destruction, and service outage). Which of the 5 categories is being described below?
If you lose power, then clearly your computers cannot run. Using standby power can help mitigate this issue. It’s also common for data corruption to occur when a computer is turned off rather than being shut down. Using an Uninterruptible Power Supply (UPS) can provide a means to safely close down a server if building power is interrupted.
power outage
Availability concerns are comprised of 5 categories (Denial of Service [DoS], power outage, hardware failure, destruction, and service outage). Which of the 5 categories is being described below?
If a component in a server fails, then the server often fails. A hard disk contains moving parts and will eventually fail. If a disk fails, you will likely lose access to the data on the failed disk and quite possibly lose the data. You can compensate against this type of threat by provisioning redundant components and servers. The service is then configured to failover to a working component or server without interruption.
hardware failure
Availability concerns are comprised of 5 categories (Denial of Service [DoS], power outage, hardware failure, destruction, and service outage). Which of the 5 categories is being described below?
The loss of service through this threat can occur for a number of reasons. At one extreme, you might lose a data center through a fire or even an act of terrorism. At the other end of the spectrum, you might lose access to a server when a person accidentally spills coffee on a server or a malicious person deliberately smashes a computer. Either way, putting your servers in a physically secure room and controlling access to that room can help protect against these issues.
destruction
Availability concerns are comprised of 5 categories (Denial of Service [DoS], power outage, hardware failure, destruction, and service outage). Which of the 5 categories is being described below?
Many organizations use online, cloud-based apps and services these days. You need to consider how third-party service failures may affect your data processing systems. When you decide which cloud provider to use, consider the options they provide for service availability and fault tolerance.
service outage
There are three types of “access control” discussed in CompTIA ITF+ (authentication, authorization, and accounting). Which of these is being described below?
One or more methods of proving that a user is who they say they are and associates that person with a unique computer or network user account.
authentication
There are three types of “access control” discussed in CompTIA ITF+ (authentication, authorization, and accounting). Which of these is being described below?
Creating one or more barriers around the resource such that only authenticated users can gain access. Each resource has a permissions list specifying what users can do. Resources often have different access levels, for example, being able to read a file or being able to read and edit it.
authorization
There are three types of “access control” discussed in CompTIA ITF+ (authentication, authorization, and accounting). Which of these is being described below?
Recording when and by whom a resource was accessed.
accounting
What refers to means of getting users to reveal confidential information or obtaining unauthorized physical access to a resource?
social engineering