2. Understand Security Concepts Flashcards

1
Q

What does CIA mean?

A
  • Confidentiality
  • Integrity
  • Availability
2
Q

What is the definition of confidentiality?

A

Confidentiality - “Keeping good data away from bad actors”.

For confidentiality to be maintained in a network, data must be protected at rest, in use and on the wire.

Violations of Confidentiality can come from ANYWHERE, at ANY TIME… bad decisions on the part of users, administrators and customers can all lead to a violation. Also, remember that security policies that are not implemented properly can lead to potential confidentiality violations.

Possible countermeasures include:
- Encryption
- Traffic padding
- Strict access controls/authentication
- Data classification
- Awareness training

3
Q

What are Confidentiality countermeasures?

A
  • Encryption
  • Traffic padding
  • Strict access controls/authentication
  • Data classification
  • Awareness training
4
Q

What does Integrity mean?

A

Integrity - “Change control for data - no authorised modification without knowledge and consent of the data owner.”

Three ways in which we can understand Integrity:
1. Preventing unauthorised subjects from making modifications
2. Preventing authorised subjects from making unauthorised modifications
3. Maintaining consistency of objects so that they are true and accurate

Possible countermeasures include:
a. Strict access controls/authentication
b. IDS - Intrusion Detection System
c. Encryption
d. Hashing
e. Interface restrictions / controls
f. Input / function checks (validation)

5
Q

What is traffic padding?

A

Traffic padding is a technique used in network security to add extra data to packets in order to make it more difficult for an observer to determine the actual size or timing of the packets being transmitted.
** (extra information) This can help to obscure the true nature of the network and make it harder for attackers to analyse or exploit the network. The purpose of traffic padding is to increase the security & privacy of network communications by making it more challenging for unauthorised parties to intercept, analyse, or manipulate the traffic.

6
Q

TRUE or FALSE: Confidentiality & Integrity depend on each other. One is not effective without the other.

A

TRUE

7
Q

What are the 5 different concepts linked to confidentiality?

A
  1. sensitivity
  2. discretion
  3. criticality
  4. concealment
  5. isolation
8
Q

What are the 4 different additional concepts linked to Integrity?

A
  1. Accuracy
  2. Authenticity
  3. Validity
  4. Nonrepudiation - user cannot deny having performed an action
9
Q

What does availability mean?

A

Availability is the continuous access to objects and data.
**(extra) Authorised subjects can access objects in a timely manner without interruption.

10
Q

What are the 5 different countermeasures for availability?

A
  1. Strict access controls / authentication
  2. Continuous monitoring
  3. Firewalls & routers to prevent DoS / DDoS attacks
  4. Redundant system design
  5. Periodic testing of backup systems
11
Q

The financial services company that Susan works for provides a web portal for its users. When users need to verify their identity, the company uses information from third‐party sources to ask questions based on their past credit reports, such as “Which of the following streets did you live on in 2007?” What process is Susan’s organization using?

A. Identity proofing

B. Password verification

C. Authenticating with Type 2 authentication factor

D. Out‐of‐band identity proofing

A

A. Identity proofing

Explanation

Verifying information that an individual should know about themselves using third‐party factual information (a Type 1 authentication factor) is sometimes known as dynamic knowledge‐based authentication and is a type of identity proofing. Out‐of‐band identity proofing would use another means of contacting the user, such as a text message or phone call, and password verification requires a password.

12
Q

What access control scheme labels subjects and objects and allows subjects to access objects when the labels match?

A. DAC

B. MAC

C. Rule‐based access control (RBAC)

D. Role‐based access control (RBAC)

A

B. MAC

Explanation

Mandatory access control (MAC) applies labels to subjects and objects and allows subjects to access objects when their labels match. Discretionary access control (DAC) is controlled by the owner of objects, rule‐based access control applies rules throughout a system, and role‐based access control bases rights on roles, which are often handled as groups of users.

13
Q

Which one of the following activities is an example of an authorization process?

A. User providing a password

B. User passing a facial recognition check

C. System logging user activity

D. System consulting an access control list

A

D. System consulting an access control list

Explanation

Authorization occurs when a system determines whether an authenticated user is permitted to perform an activity, such as by consulting an access control list. Authentication occurs when a user proves his or her identity to a system, such as by providing a password or completing a facial recognition scan. When a system logs user activity, this is an example of accounting.

14
Q

What type of token‐based authentication system uses a challenge/response process in which the challenge must be entered on the token?

A. Asynchronous

B. Smart card

C. Synchronous

D. RFID

A

A. Asynchronous

Explanation

Asynchronous tokens use a challenge/response process in which the system sends a challenge and the user responds with a PIN and a calculated response to the challenge. The server performs the same calculations, and if both match, it authenticates the user. Synchronous tokens use a time‐based calculation to generate codes. Smart cards are paired with readers and don’t need to have challenges entered, and RFID devices are not used for challenge/response tokens.
