16-A Flashcards
What is information security?
The practice of controlling access to data in any format, including computer data and paper records
Information security aims to ensure confidentiality, integrity, and availability (CIA triad) of the data.
Define the CIA triad in information security.
Confidentiality, Integrity, Availability
These are the three core properties that secure information should maintain.
What does confidentiality mean in the context of information security?
Certain information should only be known to certain people.
What is the meaning of integrity in information security?
Data is stored and transferred as intended, and any modification is authorized.
Explain availability in information security.
Information is accessible to those authorized to view or modify it.
How does cybersecurity differ from information security?
Cybersecurity specifically refers to controls that protect against attacks on computer storage and processing systems.
What is a vulnerability?
A weakness that could be accidentally triggered or intentionally exploited to cause a security breach.
Define a threat in the context of security.
The potential for someone or something to exploit a vulnerability and breach security.
What is risk in information security?
The likelihood and impact of a threat actor exercising a vulnerability.
What is a configuration baseline?
A set of recommendations for deploying a computer in a hardened configuration to minimize vulnerabilities.
What does the term ‘non-compliant system’ refer to?
A system that has drifted from its hardened configuration.
What is an unprotected system?
A system missing or improperly configuring at least one technical security control.
Define a software vulnerability.
A fault in design or code that can cause an application security system to be circumvented or cause the application to crash.
What is a zero-day vulnerability?
A vulnerability that is exploited before the developer knows about it or can release a patch.
What are unpatched systems?
Systems that have not been updated with OS and application patches.
What does BYOD stand for?
Bring Your Own Device.
What is social engineering?
Techniques that persuade or intimidate people into revealing confidential information.
Explain the concept of impersonation in social engineering.
Developing a pretext scenario to interact with an employee and gain their trust.
What is dumpster diving?
Combing through an organization’s garbage to find useful documents for an attack.
What is shoulder surfing?
Learning a password or PIN by watching the user type it.
Define tailgating in the context of security.
Entering a secure area without authorization by following someone who has access.
What is phishing?
Using social engineering techniques to make spoofed electronic communications seem authentic.
What distinguishes spear phishing from regular phishing?
Spear phishing targets specific individuals with personalized information to increase effectiveness.
What is whaling in cybersecurity?
An attack directed specifically against upper levels of management.
Define vishing.
Phishing conducted through voice channels like telephone or VoIP.
What is an evil twin attack?
Using a rogue wireless access point to harvest credentials from users.
What is footprinting?
An information-gathering threat where the attacker learns about the configuration of the network and security systems.
What is a spoofing threat?
An attack where the threat actor masquerades as a trusted user or computer.
Define an on-path attack.
A specific type of spoofing where the threat actor intercepts traffic between two hosts.
What is a denial of service (DoS) attack?
An attack that causes a service to fail or become unavailable to legitimate users.
What is a distributed denial of service (DDoS) attack?
A DoS attack launched from multiple compromised systems, known as a botnet.
What does DDoS stand for?
Distributed Denial of Service
DDoS attacks are launched from multiple compromised systems referred to as a botnet.
What is a botnet?
A network of compromised systems used to launch coordinated attacks
Botnets are established by compromising machines and installing bots on them.
What is the primary function of command & control (C&C) hosts in a DDoS attack?
To coordinate attacks using compromised devices
C&C hosts manage the botnet and direct the attack.
How can plaintext passwords be captured?
By obtaining a password file or sniffing unencrypted traffic
Unencrypted protocols make it easy for threat actors to intercept credentials.
What is a cryptographic hash?
A fixed-length string produced from a variable-length input using a one-way function
Hashing is used for secure storage of data where recovery of the original input is not needed.
What are two common techniques used by password cracking software?
- Dictionary attack
- Brute force attack
Dictionary attacks use common words, while brute force tries all combinations.
What is Cross-site Scripting (XSS)?
An attack that exploits input validation vulnerabilities in web applications
XSS allows attackers to inject malicious scripts that run in the client’s browser.
What distinguishes a nonpersistent XSS attack from a persistent XSS attack?
Nonpersistent XSS does not change server data, while persistent XSS does
Persistent XSS inserts code into a back-end database that affects other users.
What is SQL Injection?
An attack that modifies SQL queries to execute unauthorized commands
SQL injection can extract, insert, or alter data in a database.
What are the three principal types of cryptographic technology?
- Symmetric encryption
- Asymmetric encryption
- Cryptographic hashing
Each type serves different roles in securing data.
What is symmetric encryption?
A method that uses a single secret key for both encryption and decryption
Security risks arise if the key is lost or stolen.
What is asymmetric encryption?
A method that uses a key pair (private and public keys) for encryption and decryption
Only the linked key can reverse the operation performed by the other key.
What is the main drawback of asymmetric encryption?
A message cannot be larger than the key size
This limitation necessitates the use of symmetric encryption for larger messages.
What is a digital signature?
A cryptographic method that verifies the integrity and authenticity of a message
It involves hashing the message and encrypting the hash with a private key.
What is the purpose of key exchange?
To allow two hosts to share a symmetric encryption key securely
Key exchange uses asymmetric encryption to protect the exchange of the secret key.
Fill in the blank: A threat actor can capture a password hash transmitted during user authentication using an _______.
on-path attack
On-path attacks can intercept data as it travels across the network.
True or False: The level of risk from zero-day attacks is only significant with respect to EOL systems.
False
Zero-day vulnerabilities can affect any system, not just those that are end-of-life.
What type of attack involves sending a crafted email to steal credentials?
Phishing attack
This attack often uses social engineering to entice users to click on malicious links.
What is the difference between tailgating and shoulder surfing?
Tailgating is unauthorized entry following an authorized user, while shoulder surfing is observing someone entering sensitive information
Both are physical security threats but target different aspects of security.
What type of password cracking attack is a five-character password vulnerable to?
Brute force attack
Short and non-complex passwords can be cracked quickly using brute force techniques.
What type of cryptographic key is delivered in a digital certificate?
Public key
Digital certificates bind a public key to an entity, enabling secure communication.
