CYB2200 - L2
Basic Security Concepts
| Question | Answer |
|---|---|
| Computer Security | is the protection of the items you value (called the assets of a computer system) |
| Computer System | Hardware, Software, Data |
| Assets of an information system (computer system) | hardware, software, data |
| hardware | computer, devices (disk drives, memory, printers), network gear |
| software | operating systems, utilities (antivirus), commercial applications (word processing, photo editing), individual applications |
| data | documents, photos, music, videos, email, class projects |
| Security Goals | CIA Triad |
| C in CIA | Confidentiality |
| Confidentiality | the ability of a system to ensure that an asset is viewed only by authorized parties |
| Integrity | the ability of a system to ensure that an asset is modified only by authorized parties |
| I in CIA | Integrity |
| Availability | the ability of a system to ensure that an asset can be used by any authorized parties |
| A in CIA | Availability |
| Computer security seeks to | prevent unauthorized viewing (confidentiality) or modification (integrity) of data while preserving access (availability) |
| vulnerability | a weakness in an information system, system security procedures, internal controls, or implementation that could be exploited or triggered by a threat source |
| threat | to a computing system is a set of circumstances that has the potential to cause loss or harm |
| harm | negative consequence of an actualized threat |
| risk | possibility for harm to occur |
| exploit | is a piece of software, a chunk of data, or a sequence of commands that takes advantage of a vulnerability to cause unintended or unanticipated behavior to occur on computer software, hardware, or something electronic |
| attack | A human who exploits a vulnerability perpetrates this on the system |
| Control | prevents threats from exercising vulnerabilities. |
| countermeasure | prevents threats from exercising vulnerabilities. |
| An attack is | an attempt to gain unauthorized access to system services, resources, or information, or an attempt to compromise system integrity |
| attack can be classified into what groups | passive attack, active attack, insider attack, outsider attack |
| Passive attack | attempt to collect, learn or use the information from a system, does not affect the system |
| Active attack | attempt to alter system resources or change their operations |
| Insider attack | attacks initiated by an insider who is authorized to access system resources |
| Outsider attack | attacks initiated by an outsider, usually an unauthorized user of the target system |
| control does | prevents threats from exercising vulnerabilities |
| countermeasure does | prevents threats from exercising vulnerabilities |
| controls | prevent, deter, deflect, mitigate, detect, recover |
| describe "prevent it" as a control | by blocking the attack or closing the vulnerability |
| describe "deter it" as a control | by making the attack harder but not impossible. |
| describe "deflect it" as a control | by making another target more attractive |
| describe "mitigate it" as a control | by making its impact less severe |
| describe "detect it" as a control | either as it happens or sometime after the fact |
| describe "recover" as a control | from its effects |
| the basis of computer security is | controlled access |
| what does it mean by controlled access | Someone is authorized to take some action on something |
| how do we determine who someone is | identification and authentication |
| Identification | is the act of asserting who a person is |
| Identity | The set of physical and behavioral characteristics by which an individual is uniquely recognizable |
| Identities can be | public or well known or predictable |
| what is used as identities | Email address, Student ID, employee ID |
| Authentication | is the act of proving that asserted identity. |
| Authentication should be | private and well protected |
| authentication mechanisms are based on | Something the user has, Something the user knows, Something the user is |
| describe something the user has | A physical object in your possession. Passport, identity badges, physical keys, driver’s license |
| describe something the user knows | Passwords, DoB, PIN, SSN |
| describe something the user is | Based on a physical characteristic of the human body. Fingerprints, retina, etc |
| Multifactor authentication | Authentication using two or more factors to achieve authentication. |
| what are the factors used in multifactor authentication | (i) something you know (e.g. password/PIN); (ii) something you have (e.g., cryptographic identification device, token); or (iii) something you are (e.g., biometric) |
| examples of multifactor authentication | Duo, withdrawing money from an ATM |
| what is the most common thing used for authentication on information systems. | Password |
| describe the aspects of access control | subject, object, access right |
| access control | A subject is permitted to access an object in a particular mode, and only such authorized accesses are allowed |
| Subjects | human users. |
| Objects | are things on which an action can be performed. |
| examples of objects | files, tables, users |
| Access mode | are any controllable actions |
| Access mode example | owrx |
| access control policy | indicates what types of access are permitted, under what circumstances, and by whom |
| Authorization | the process of determining whether a user on the system is permitted to perform a specific operation |
| Authentication establishes | who a user is |
| authorization determines | what that user is permitted to do. |
| Software development life cycle | SDLC |
| Software development life cycle | describes phases of the software development cycle and the order in which those phases are executed |
| Each phase in the SDLC produces | deliverables required by the next phase in the life cycle |
| when should security be considered in the software development life cycle | Security should be considered as early as possible – from the planning phase. |
| SDLC phase 1 | Planning |
| SDLC phase 2 | Analysis |
| SDLC phase 3 | Design |
| SDLC phase 4 | Implementation |
| SDLC phase 5 | Testing and Integration |
| SDLC phase 6 | Maintenance |
| Software bugs | are errors, flaws, mistakes, or oversights in programs that result in unexpected and typically undesirable behaviors |
| Software vulnerabilities | are specific flaws or oversights in a piece of software that allow attackers to do something malicious |
| software vulnerabilities malicious attacks | expose or alter sensitive information, disrupt or destroy a system, or take control of a computer system or program |
| Malware | Malicious Software |
| Malware | is software that has a malicious intent |
| Robust Programming | A style of programming that prevents abnormal termination or unexpected actions. |
| how to do robust programming | Handles bad input gracefully, Detects internal errors and handles them gracefully. |
| what is the philosophy of secure programming | 1. remember what you have learned in programming classes 2. defensive programming 3. understanding the environment in which your program will be used 4. understand the procedures under which people will use your program |
| explain why remembering what you have learned in programming class is used as a core philosophy of secure programming | check user input, check bounds, assume an error will occur and handle it properly. use adversary thinking and acknowledge that people make mistakes |
| Adversary thinking | What could someone deliberately do to compromise your program? |
| People make mistakes | What could someone unintentionally do to compromise your program |
| explain why Defensive Programming is used as a core philosophy of secure programming | input validation, type checking, cover all cases (use defaults to handle cases not explicitly covered), catch and handle exceptions at the lowest level possible |
| explain why Understand the environment in which your program will be used is used as a core philosophy of secure programming | Programs interact with people and with the system |
| explain why Understand the procedures under which people will use your program is used as a core philosophy of secure programming | The best program if installed incorrectly can compromise the system. The best program if configured incorrectly can also cause problems. |
| how do we manage software vulnerabilities | • Design and implement systems to avoid them. • Analyze and test systems to find them. • Add mitigation techniques to address them. |
| COMPUTER SECURITY | is the protection of the items you value, called the assets of an information system |
| CONFIDENTIALITY, INTEGRITY AND AVAILABILITY CIA TRIAD | are the three basic security objectives. |
| COMPUTER SECURITY | Computer security seeks to prevent unauthorized viewing (confidentiality) or modification (integrity) of data while preserving access (availability) |
| DEFINITIONS VULNERABILITY | a weakness in an information system, system security procedures, internal controls, or implementation that could be exploited or triggered by a threat source |
| DEFINITIONS THREAT | to a computing system is a set of circumstances that has the potential to cause loss or harm |
| DEFINITION CONTROL/COUNTERMEASURE | prevents threats from exercising vulnerabilities. |
| DEFINITION HARM | negative consequence of an actualized threat |
| DEFINITION RISK | possibility for harm to occur |
| DEFINITION ATTACK | A human who exploits a vulnerability perpetrates this on the system; an attempt to gain unauthorized access to system services, resources, or information, or an attempt to compromise system integrity |