1.6 Cyber Security Flashcards

1
Q

What is the aim of an information security system?

A

Confidentiality
Integrity
Availability
Non-repudiation

2
Q

What is risk a function of?

A

A - Asset Value
T - Threat Agent
V - Vulnerability

3
Q

What are the 3 types of security controls?

A

Administrative
Logical
Physical

4
Q

What are administrative controls?

A

Written policies, procedures, standards, and guidelines.

5
Q

What are logical controls?

A

Use software and data to monitor and control access

6
Q

What are physical controls?

A

Control and monitor physical environment

7
Q

What are the factors of access control?

A

Identification - who are you
Authentication - prove you are who you say you are (like two-factor authentication)
Authorization - what do you have access to

8
Q

What are 4 vulnerabilities?

A

Network
Operating Systems
Applications
Physical

9
Q

Define Cyber Attack

A

Attempt to expose, alter, disable, destroy, steal, or gain access to an asset

10
Q

What are the 3 factors of a cyber attack?

A

Fear
Spectacularity
Vulnerability

11
Q

What is the unified kill chain?

A

Attacks follow the chain: an attacker must complete each step, and the defender must break the chain.

12
Q

What are the phases of the unified kill chain?

A

Reconnaissance
Weaponization
Delivery
Exploitation
Installation
Command and Control
Actions on Objectives

13
Q

Define Reconnaissance in the UKC

A

Gathering information about the target.

E.g. names, email, cameras, passkeys, etc.

14
Q

What is Open Port Scanning?

A

Send out packets to lots of ports to try to map out a network

15
Q

What is OS Fingerprinting?

A

A host's response to some specifically crafted packets may reveal information about the OS.

16
Q

What is application scanning?

A

Scanning an application for vulnerabilities.

Common targets are web servers, mail servers, databases.

17
Q

What are 3 attack vectors of a cyber attack?

A

Users - people are the weakest link
Corporate Services
Internet Services

18
Q

What must the payload do?

A

Install itself
Bypass defences
Reinitialize on start
Hide
Receive Commands
Phone Home

19
Q

What is the Privilege ring of escalating privileges?

A

Kernel - most
Device drivers
Applications - least

20
Q

What does Lateral Movement mean?

A

Spreading through the network

21
Q

What are the 3 Cyber Attack categories?

A

Active vs Passive
Insider vs Outsider
Syntactic vs Semantic

22
Q

What is an active attack?

A

Attacker takes action on the system.

DoS, Man in the Middle

23
Q

What is a passive cyber attack?

A

Attacker monitors the system to gain information on the system. No direct action is taken.

Wire tapping, port scanning, keystroke logging

24
Q

What is a syntactic attack?

A

Designed to disrupt or damage

25
Q

What is a semantic attack?

A

Cause the computer system to reproduce errors and unpredictable results

26
Q

What is a virus?

A

Syntactic attack
Program that replicates itself when executed.
Infects **a single computer.**
Inserts its own code.
E.g. Infector, Macro, Overwrite

27
Q

What is a worm?

A

Syntactic attack
Replicates itself to spread and infect computers on a **network**
E.g. Mydoom

28
Q

What is a Trojan?

A

Misleads users of its true intent to gain access.

29
Q

What are the 3 factors to categorize a cyber event?

A

Scope
Magnitude
Duration

30
Q

What is a cyber event?

A

An incident that involves the potential compromise of a computer network

31
Q

What is Tempest?

A

A NATO security certification granted to equipment related to its emanations, including EM, electrical signals, sounds, and vibrations.

32
Q

Describe Tempest Level 3

A

Most relaxed.
100m free-space attenuation or equivalent.
Below deck usually meets requirement.
Used in NATO Zone 2.
Commercial equipment typically meets this.

33
Q

Describe Tempest Level 2

A

Slightly relaxed.
NATO Zone 1 environments.
20m of free-space attenuation or equivalent.
Requires filtering on power and signal lines entering.

34
Q

Describe Tempest Level 1

A

Most stringent.
NATO Zone 0.
Bridge is Zone 0 when alongside.