Security Functions/Countermeasures Flashcards
(23 cards)
What is security in the context of information protection?
Security is the means to protect information in storage and transit, ensuring integrity, reliability, availability, and authorization.
What do integrity and reliability mean for data security?
Integrity ensures data is received in the same state it was sent. Reliability means you can trust the data’s integrity, regardless of transmission method or medium.
What are availability and authorization in data security?
Availability ensures data is reliably accessible when needed. Authorization ensures data is protected from unauthorized access.
What constitutes an attack on information security?
An attack violates security, integrity, or availability of data. It can be caused by hackers, poorly trained users making errors, or equipment failure.
What is a denial of access attack?
A type of attack that makes data unavailable to authorized users.
What is an information asset?
An information asset is a valuable data resource, such as a database record or file server.
Which security functions are open to attacks?
Identification and authentication, access control, accountability, and object reuse.
What is the role of identification and authentication in security?
These functions identify a user or group on a system to verify their legitimacy.
What does access control do in a security system?
Access control defines and controls a user’s access rights to objects, ensuring only authorized access.
What is accountability in security systems?
Accountability tracks security-relevant actions to monitor and record user activities.
What is object reuse, and what risks does it pose?
Object reuse allows an OS to efficiently reuse resources like memory or storage. Risks include malicious users scavenging data from un-cleared space (disk, memory, registers), leading to data leakage.
What is magnetic remanence, and why is it a security threat?
Magnetic remanence is the threat of restoring previously recorded data from magnetic media, potentially exposing sensitive information.
What are accuracy and element accuracy in security?
Accuracy ensures information assets remain secure from tampering. Element accuracy ensures only correct values are written into database tables.
What is reliability of service in the context of information security?
Information is available on demand, with software (e.g., DBMS) running for long periods without failure, ensuring reliable data access.
What is the avoidance countermeasure, and how is it applied?
Avoidance uses security measures like firewalls to completely avoid threats to assets.
What is the transfer countermeasure, and how does it work?
Transfer applies measures like goat (sacrificial) files to divert threats away from critical assets.
How does the reduction of threat countermeasure function?
Applies measures like a UPS to reduce the threat itself, allowing graceful shutdown of systems like file servers.
What is the reduction of vulnerability countermeasure?
Applies measures like system patches, temporary workarounds, or server redundancy to reduce an asset’s vulnerability to threats.
What is real-time detection, and how is it implemented?
Uses measures like memory-resident antivirus software to detect and interdict threats (e.g., viruses) as they occur.
What is non-real-time detection in security?
Uses measures like virus scanning software to detect threats (e.g., infected executables) after they have occurred.
How does the reduction of impact countermeasure work?
Applies measures like periodical autosave to minimize the impact of a successful threat on an asset.
What is real-time recovery, and how is it applied?
Uses measures like RAID (mirrored) or duplexed drives to recover assets as a threat is realized.
What is non-real-time recovery in security?
Uses measures like backups to recover assets at a later time after a threat has occurred.
