Slides from Hell

Question 1

What is computer security?

Answer 1

Protection of computer systems from theft or damage.
This covers the hardware, software, and data stored on the system.

Misdirection and disruption of the services that the systems provide can also be counted as “damage”.

Question 2

How is the protection of computer systems achieved?

Answer 2

Includes but is not limited to:

1. Controlling physical access to the hardware.
2. Controlling malpractice by users, whether intentional or unintentional, such as accidental damage or being mislead by a malicious third party.
3. Protecting against outside threats such as attacks on the network e.g code injection.

Question 3

What is the CIA triad?

Answer 3

The triad involving the three key properties of computer security:

1. Confidentiality (only authorised users can access private data)
2. Integrity (Data should be kept authentic, accurate and reliable)
3. Availability (Data is easily accessible)

Good systems must strike a balance between these factors, but achieving one of them normally comes at the cost of others.

Question 4

What is authentication?

Answer 4

Determining if someone is who they say they are.

Question 5

What is non-repudiation?

Answer 5

The inability to refute responsibility.

Not much use knowing a malicious act happened if you didn’t record who did it - keep track of who is causing damage so you can blame it on them later.

Question 6

What is a threat?

Answer 6

A potential negative action or event that has the potential to harm a computer system.

Question 7

What is a vulnerability?

Answer 7

A weakness in an IT system that can be exploited by a threat to deliver a successful attack.

Question 8

What is “Risk”?

Answer 8

The potential for loss or damage when a threat exploits a vulnerability.

So: Risk = Threat * Vulnerability

“Risk” is what security programmers attempt to eliminate.

Question 9

Why are computer systems valuable targets?

Answer 9

They often contain sensitive material which is in turn worth a lot of money.

This could be protected health information, intellectual property, governmental systems ect..

Someone would either pay for this data, or pay for it to not be public knowledge.

Question 10

What costs are associated with the effects of cybercrime?

Answer 10

Economic Cost - Theft of intellectual property, repairing damaged hardware.

Reputational Cost - Loss of consumer trust, poor media coverage.

Regulatory Cost - Cost of GDPR fines ect..

Question 11

What are the risks of allow data input online?

Answer 11

1. Data can be unknown, untrusted, and insecure, and may be malicious. Nothing can be trusted.
2. Text input allows malicious parties to enter malicious code that can run on your system.
3. Its difficult to detect and/or identify malicious users attempting to damage web apps.
4. Improper handling of data and/or not checking inputted data is a leading cause of critical vulnerabilities in todays webapps and systems.

Question 12

What is an injection attack?

Answer 12

Attacker supplies untrusted bad input to application.
Input gets processed and affects system in negative manner.
Oldest and dangerous method of attack.
Can lead to:
Data theft and loss, data integrity loss, DoS, system compromise.

Question 13

What are examples of injection attacks?

Answer 13

1. Cross-Site Scripting (XSS)
2. SQL Injection
3. Buffer Overflow

Question 14

What is Cross-Site Scripting (XSS)

Answer 14

Attacker uses compromised webapp to send users their malicious code which often gives them access to session cookies which can be used to steal their identity.

Question 15

What is SQL Injection?

Answer 15

Attacker sends SQL through text input which can return sensitive data from the DB and can also allow them to commit operations or drop the whole DB.