1.6 Cyber Security

Question 1

What is the aim of an information security system?

Answer 1

Confidentiality
Integrity
Availability
Non-repudiation

Question 2

What is risk a function of?

Answer 2

A - Asset Value
T - Threat Agent
V - Vulnerability

Question 3

What are the 3 types of security controls?

Answer 3

Administrative
Logical
Physical

Question 4

What are administrative controls?

Answer 4

Written policies, procedures, standards, and guidelines.

Question 5

What are logical controls

Answer 5

Use software and data to monitor and control access

Question 6

What are physical controls?

Answer 6

Control and monitor physical environment

Question 7

What are the factors of access control?

Answer 7

Identification - who are you
Authentification - prove you are who you say you are (like two factor authentification)
Authorization - what do you have access to

Question 8

What are 4 vulnerablities?

Answer 8

Network
Operating Systems
Applications
Physical

Question 9

Define Ciber Attack

Answer 9

Attempt to expose, alter, disable, destroy, steal, or gain access to an asset

Question 10

What are the 3 factors of a cyber attack?

Answer 10

Fear
Spectacularity
Vulnerability

Question 11

What is the unified kill chain?

Answer 11

Attacks follow the chain, an attacker must complete each step, defender must break the chain.

Question 12

What are the phases of the unified kill chain?

Answer 12

Reconnaissance
Weaponization
Delivery
Exploitation
Installation
Command and Control
Actions on Objectives

Question 13

Define Reconnaissance in the UKC

Answer 13

Gathering information about the target.

Eg. names, email, cameras, passkeys, etc.

Question 14

What is Open Port Scanning

Answer 14

Send out packets to lots of ports to try to map out a network

Question 15

What is OS Fingerprinting

Answer 15

A host response to some specifically crafted packets may reveal information about the OS.

Question 16

What is application scanning?

Answer 16

Scanning an application for vulnerabilities.

Common targets are web servers, mail servers, databases.

Question 17

What are 3 attack vectors of a cyber attack?

Answer 17

Users - people are the weakest link
Corporate Services
Internet Services

Question 18

What must the payload do?

Answer 18

Install itself
Bypass defences
Reinitialize on start
Hide
Recieve Commands
Phones Home

Question 19

What is the Priviledge ring of escalating privileges?

Answer 19

Kernel - most
Device drivers
Applications - least

Question 20

What does Lateral Movement mean

Answer 20

Spreading through the network

Question 21

What are the 3 Cyber Attack categories

Answer 21

Active vs Passive
Insider vs Outsider
Syntactic vs Semantic

Question 22

What is an active attack

Answer 22

Attacker takes action on the system.

DoS, Man in the Middle

Question 23

What is a passive cyber attack?

Answer 23

Attacker pmonitors the system to gain information on the system. No direct action is taken.

Wire tapping, port scanning, keystroke logging

Question 24

What is a syntactic attack?

Answer 24

designed to disrupt or damage

Question 25

What is a semantic attack

Answer 25

Cause the computer system to reproduce errors and unpredictable results

Question 26

What is a virus?

Answer 26

Syntactic Attack Program that replicates itself when executed. Infects **a single computer.** Inserts its own code. Eg. Infector, Macro, Overwrite

Question 27

What is a worm?

Answer 27

Syntactic attack Replicates itself to spread and infect computers on a **network** Eg. Mydoom

Question 28

What is a Trojan?

Answer 28

Misleads users of its true intent to gain access.

Question 29

What are the 3 factors to categorize a cyber event?

Answer 29

Scope Magnitude Duration

Question 30

What is a cyber event?

Answer 30

An incident that involves the potential compromize of a computer network

Question 31

What is Tempest?

Answer 31

A NATO security certification granted to equipment related to its emanations, including EM, electrical signals, sounds, and vibrations.

Question 32

Describe Tempest Level 3

Answer 32

Most relaxed. 100m free-space atentuation or equivalent. Below deck usually meets requirement. Used in NATO Zone 2. Commercial equipment typically meets this.

Question 33

Describe Tempest Level 2

Answer 33

Slightly relaxed. NATO Zone 1 environments. 20m of free-space attentuation or equivalent. Requires filtering on power and signal lines entering.

Question 34

Describe Tempest Level 1

Answer 34

Most stringent. NATO Zone 0. Bridge is Zone 0 when alongside.