Flashcards in Module 5 - Security Concerns Deck (18)
What are the three properties of secure information?
Confidentiality, Integrity, and Availability (the CIA Triad)
What is security?
The practice of controlling access to something (a resource)
List three confidentiality concerns in the context of security.
3. Social engineering/Dumpster Diving
If someone attempts to get access to information on a host or storage device (data at rest) that they are not authorized to view (e.g., by stealing a password, using an unlocked workstation, or installing spyware), breaking confidentiality, what is this called?
What is it called when someone snoops on data or telephone conversations as they pass over the network? Also, what is another name for it?
Eavesdropping/wiretapping. Also called sniffing.
How can networks protect data in transit from eavesdropping/wiretapping (sniffing)?
Segmentation and encryption
What is it called when someone gets users to reveal secure information or finds vulnerable printed information, sometimes posing as IT professionals or technical support?
Social engineering/dumpster diving
What are some passive threats to security?
Copying data to an unsecure storage location or attaching the wrong file to an email
What are three types of integrity attacks that threaten security?
1. Man in the Middle
What is the security concern dealing with information being known only to authorized users?
What is the security concern that protects information being stored and transferred as intended and not being modified without authorization?
What is the security concern that ensures that information is accessible to those authorized to view or modify it?
What is it called when a host sits between two communicating nodes and transparently monitors, captures, and relays all communication between them? The attacker may change messages between a sender and receiver without the team’s knowledge.
What policies/processes can be used to protect against an MitM attack?
Authentication of users and encryption to validate messages
When a host captures another host’s response to some server and replays that response to gain authorized access, what is it called? This may involve exploiting an access token generated by software.
How can encryption protect against replay?
With encryption and timestamping so that tokens cannot be misused
What is a common attack where someone attempts to figure out a password or other credentials to gain access to a host through, for example, interception of password packets or brute force?