1.6 Cyber Security Flashcards
What is the aim of an information security system?
Confidentiality
Integrity
Availability
Non-repudiation
What is risk a function of?
A - Asset Value
T - Threat Agent
V - Vulnerability
What are the 3 types of security controls?
Administrative
Logical
Physical
What are administrative controls?
Written policies, procedures, standards, and guidelines.
What are logical controls?
Use software and data to monitor and control access
What are physical controls?
Control and monitor physical environment
What are the factors of access control?
Identification - who are you
Authentication - prove you are who you say you are (like two-factor authentication)
Authorization - what do you have access to
What are 4 vulnerabilities?
Network
Operating Systems
Applications
Physical
Define Cyber Attack
Attempt to expose, alter, disable, destroy, steal, or gain access to an asset
What are the 3 factors of a cyber attack?
Fear
Spectacularity
Vulnerability
What is the unified kill chain?
Attacks follow the chain: an attacker must complete each step, and the defender must break the chain.
What are the phases of the unified kill chain?
Reconnaissance
Weaponization
Delivery
Exploitation
Installation
Command and Control
Actions on Objectives
Define Reconnaissance in the UKC
Gathering information about the target.
E.g. names, email, cameras, passkeys, etc.
What is Open Port Scanning?
Send out packets to lots of ports to try to map out a network
What is OS Fingerprinting?
A host's response to some specifically crafted packets may reveal information about the OS.
What is application scanning?
Scanning an application for vulnerabilities.
Common targets are web servers, mail servers, databases.
What are 3 attack vectors of a cyber attack?
Users - people are the weakest link
Corporate Services
Internet Services
What must the payload do?
Install itself
Bypass defences
Reinitialize on start
Hide
Receive commands
Phone home
What is the privilege ring of escalating privileges?
Kernel - most
Device drivers
Applications - least
What does Lateral Movement mean?
Spreading through the network
What are the 3 Cyber Attack categories?
Active vs Passive
Insider vs Outsider
Syntactic vs Semantic
What is an active attack?
Attacker takes action on the system.
DoS, Man in the Middle
What is a passive cyber attack?
Attacker monitors the system to gain information on the system. No direct action is taken.
Wire tapping, port scanning, keystroke logging
What is a syntactic attack?
Designed to disrupt or damage