5. Security

Question 1

What is Confidentiality?

Answer 1

prevention of the disclosure of information to

unauthorized individuals or systems

Question 2

What is Integrity?

Answer 2

maintenance and assurance of the accuracy and consistency of data over its entire life-cycle

Question 3

What is Availability?

Answer 3

Ensuring timely and readily access to and use of information

Question 4

What is Authenticity?

Answer 4

making sure data, transactions, communications are genuine

Question 5

What is Non-Repudiation?

Answer 5

the maker of a statement will not be able to successfully challenge the validity of the statement or contract

Question 6

What is Enforcement?

Answer 6

Methods like cryptography and access control are ways to enforce

Question 7

Breaches of Security can be…

Answer 7

• Intentional
• Accidental
• Internal
• External

Question 8

Parts of the system that can be vulnerable include…

Answer 8

• communications
• storage
• software (bugs can destroy availability or allow unauthorised access to
other software, hardware or data)
• hardware (failures)

Question 9

Name 6 Communications attacks

Answer 9

1- Eavesdropping: obtaining copies without authority
2- Masquerading: - sending and receiving messages using the identity of another person
3- Message tampering - intercepting messages and altering their contents before passing them on
4- Relaying: storing intercepted messages and sending them at a later date
5- Denial of service (DoS): flooding a channel or a specific machine with messages
6- Distributed DoS - TCP SYN attack

Question 10

What are three reasons why Digital Signatures are good?

Answer 10

• Authentic
• Unforgeable
• Non-repudiable