2. Understand Security Concepts

Question 1

What does CIA mean?

Answer 1

• Confidentiality
• Integrity
• Availability

Question 2

What is the definition of confidentiality?

Answer 2

Confidentiality - “Keeping good data away from bad actors”.

For confidentiality to be maintained in a network, data must be protected at rest, in use and on the wire.

Violations of Confidentiality can come from ANYWHERE, at ANY TIME… bad decisions on the part of users, administrators and customers can all lead to a violation. Also, remember that security policies that are not implemented properly can lead to potential confidentiality violations.

Possible countermeasures include:
- Encryption
- Traffic padding
- Strict access controls/authentication
- Data classificatkon
- Awareness training

Question 3

What are Confidentiality countermeasures?

Answer 3

• Encryption
• Traffic padding
• Strict access controls/authentication
• Data classification
• Awareness training

Question 4

What does Integrity mean?

Answer 4

Integrity -“ Change control for data - no authorised modification without knowledge and consent of the data owner.”

Three ways in which we can understand Integrity:
1. Preventing unauhorised subjects from making modifications
2. Preventing authorised subjects from making unauthorised modifications
3. Maintaining consistency of objects so that they are true and accurate

Possible countermeasures include:
a. Strict access controls/authentication
b. IDS - Intrusion Detection System
c. Encryption
d. Hashing
e. Interface restrictions / controls
f. Input / function checks (validation)

Question 5

What is traffic padding?

Answer 5

Traffic padding is a technique used i network security to add extra data to packets in order to make it more difficult for an observer to determine the actua size or timing of the packets being transmitted.
** (extra information) This can help to obscure the true nature of the network and make it harder for attackers to analyse or exploit the network. The purpose of traffic padding is to increase the security & privacy of network communications by making it more challenging for unauthorised parties to intercept, aalie, or manipulate the traffic.

Question 6

TRUE or FALSE: Confidentiality & Interity depend on each other. One is not effective without the other.

Answer 6

TRUE

Question 7

What are the 5 different concepts linked to confidentiality?

Answer 7

1. sensitivity
2. discretion
3. criticallity
4. concealment
5. isolation

Question 8

What are the 4 different additional concepts linked to Integrity?

Answer 8

1. Accuracy
2. Authenticity
3. Validity
4. Nonreudiation - user cannot deny aving performed an action

Question 9

What does availability mean?

Answer 9

Avalability is the continuous access to objects and data.
**(extra) Authorised subjects can access objeccs i a timely mmnner without interruption.

Question 10

What are the 5 different countermeasures for availability?

Answer 10

1. Strict access controls / authentication
2. Continuous montoring
3. Firewalls & routers to prevent DoS / DoS attacks
4. Redundant system design
5. Periodic testing of backup systems