IAS Quiz 1 Reviewer


IAS QUIZ 1 LESSON 1-2 QUIZ

Security

- “The quality or state of being secure – to be free from danger”
- To be protected from adversaries

Information Assurance (IA)

Digital Forensic and Cyber Security Center (DFCSC) defines IA as:

- Information assurance includes protection of the integrity, availability, authenticity, non-repudiation, and confidentiality of user data.

Information Security (InfoSec)

- Practice of defending information from unauthorized access, use, disclosure, disruption, modification, perusal, inspection, recording, or destruction.
- “well-informed sense of assurance that the information risks and controls are in balance” – Jim Anderson, Inovant (2002)

History of Information Security

- Computer security began immediately after the first mainframes were developed
- Groups developing code-breaking computations during World War II created the first modern
computers
- Physical controls were needed to limit access to authorized personnel in sensitive military
locations
- Only rudimentary controls were available to defend against physical theft, espionage, and
sabotage

Study of Computer Security Begins

- Began with Rand Report R-609
- The scope of computer security grew from physical security to include:
  - Safety of the data
  - Limiting unauthorized access to that data

The 1990s

- As networks of computers became more common, so did the need to interconnect the networks
- Internet, the first manifestation of a global network of networks

The Present

- The ability to secure each computer is now influenced by the security of every computer to which it is connected

Why do we need Information Security?

- The protection of information and its critical elements, including the systems and hardware that
use, store, and transmit that information
- The CIA triad embodies the three concepts of “fundamental security objects for both data,
information and computing services.”

The CIA Triad

Confidentiality

- Is about preventing the disclosure of data to unauthorized parties

Integrity

- Refers to protecting information from being modified by unauthorized parties

Availability

- Is making sure that authorized parties are able to access the information when needed

Critical Characteristics of Information

- The value of information comes from the characteristics it possesses:
- Availability
- Accuracy
- Authenticity
- Confidentiality
- Integrity
- Utility
- Possession

Balancing Security and Access

- Impossible to obtain perfect security – security is not absolute; it is a process
- Level of security must allow reasonable access, yet protect against threats

Asset

- Refers to any piece of information, device, or other component related to them that supports business activities
- Should be put under strict security measures

List of Assets:

1. Customer Data
2. IT and Network Infrastructure
3. Intellectual Property
4. Finances and Financial Data
5. Service Availability and Productivity
6. Reputation

Protecting the Ability to Function

- Information security is a management or a people issue

Enabling Safe Operation

- Must create integrated, efficient, and capable applications

Protecting Data

- Without data, an organization loses its record of transactions and/or its ability to deliver value
to its customer

Safeguarding Technology Assets

- Must have secure infrastructure services based on the size and scope of the enterprise

Risk, Threats and Vulnerabilities

- Characteristic that describes something that needs to be taken care of

Risk

- Probability that bad things will happen to a specific asset

Threat

- Defined as an object, person, or other entity that represents a constant danger to an asset

Vulnerability

- A weakness that may harm systems or networks

Acts of Human Error or Failure

- Employee mistakes can easily lead to:
  - Revealing classified data
  - Entry of erroneous data
  - Accidental deletion or modification of data
  - Storage of data in unprotected areas
  - Failure to protect information

Internet Services Issues

- Can lead to a considerable loss in the availability of information

Physical and Environmental Threats

- Energy – electricity
- Equipment – mechanical or electronic component failure
- Fire and chemical – explosion, smoke, or industrial pollution
- Human – riot, war, terrorist attack, etc.
- Natural Disaster – earthquake, volcano, landslide, etc.
- Pandemic disease – bacteria or virus
- Weather – sandstorm, flood, etc.

Hackers

Expert hacker

- Develops software scripts and exploit code
- Often creates attack software and shares it with others

Script kiddies

- Limited skill
- Do not usually fully understand the systems they hack

Different types of Hackers

Black Hat Hackers

- Have advanced knowledge and can create malware intended to gain access to systems and steal personal and financial assets

White Hat Hackers

- Hackers employed by big companies to work for them

Grey Hat Hackers

- A combination of ethical and unethical hackers

Hackers/Crackers

- Cracker – “cracks” or removes protection designed to prevent unauthorized duplication
- Phreaker – hacks the public telephone network

Types of Active Threats

Brute-Force Password Attacks

- Attacker submitting many passwords or passphrases, hoping to guess correctly

Dictionary Password Attacks

- A form of brute-force attack used for defeating a cipher or authentication mechanism

IP Address Spoofing

- Creation of IP packets with a false source IP address to impersonate another computing system

Hijacking

- When an intruder takes control of a session between a server and the client

Replay Attacks

- A network attack in which a valid data transmission is maliciously or fraudulently repeated or delayed

Man-In-The-Middle Attacks

- Type of eavesdropping attack in which attackers interrupt an existing conversation or data transfer

Masquerading

- Uses a fake identity to gain unauthorized access to personal computer information

Social Engineering

- Psychological manipulation of people into performing actions or divulging confidential information

Phishing

- Attacker sends a fraudulent message designed to trick a human victim into revealing sensitive
information

Denial-of-service (DoS)

- Attacker sends a large number of connection or information requests to a target

Malicious Software (MalWare)

1. Causes damage
2. Escalates security privileges
3. Divulges private data
4. Modifies or deletes data

General Classification of Malware

Virus

- Systems or assets can be infected by a virus

Worm

- Self-contained program that duplicates and sends itself to other hosts without any user intervention; does not need a host application

Trojan

- Malware that hides inside a useful program; collects sensitive information and can actively upload and download files

Rootkit

- Applications that gain unauthorized access to a machine and hide their existence from other applications

Spyware

- Targets confidential data.
