Ch1 Flashcards
Define Confidentiality
principle that objects are not disclosed to unauthorized subjects
Attacks on Confidentiality
- capture network traffic
- steal password files
- social engineering
- port scanning
- shoulder surfing
- eavesdropping
- sniffing
Countermeasures for Confidentiality
- encryption
- network traffic padding
- strict access control
- rigorous authentication
- data classification
- personnel training
Define Integrity
principle that objects retain their veracity and are intentionally modified only by authorized subjects
Attacks on Integrity
- virus
- logic bombs
- unauthorized access
- coding errors
- malicious modifications
- intentional replacement
- back doors
Countermeasures for Integrity
- strict access control
- rigorous authentication
- IDS
- encryption
- hash verification
Do Confidentiality & Integrity depend on each other?
Yes - can’t maintain one without the other
Define Availability
principle that authorized subjects are granted timely and uninterrupted access to objects
Attacks on Availability
- device failures
- software errors
- environmental issues
- DoS
- object destruction
- communication interruption
Countermeasures for Availability
- intermediary delivery system
- effectively using access controls
- monitoring performance
- monitoring network traffic
- using firewalls/routers to prevent DoS
- implementing redundant systems
- maintain backup systems
Define Security Governance
collection of practices related to supporting, defining & directing the security efforts of an organization
Define Abstraction
- used to collect similar elements into groups, classes or roles that are assigned security controls, restrictions or permissions as a collective
- adds efficiency to carrying out a security plan
COBIT (Control Objectives for Information and Related Technologies)
security concept/guidelines used to organize complex security solutions of companies
Threat modeling
- security process where potential threats are identified, categorized and analyzed
- can be performed proactively during design and development
- can be performed reactively once a product has been deployed
Name 3 Threat Modeling approaches
- focus on Assets
- focus on Attackers
- focus on Software
STRIDE
- threat categorization scheme developed by Microsoft
- used to assess threats against applications or operating systems
- Spoofing
- Tampering
- Repudiation
- Information Disclosure
- DoS
- Elevation of Privilege
Threat Modeling - Reduction Analysis
- decomposing the application, system, or environment
Identify 5 key processes for Threat modeling - Reduction Analysis
- Trust Boundaries
- Data Flow paths
- Input points
- Privileged Operations
- Details about Security Stance & Approach
What can be used to rate/rank threats?
- Probability x Damage Potential
- high/medium/low rating
- DREAD system
DREAD
- Damage potential
- Reproducibility
- Exploitability
- Affected users
- Discoverability
Primary objective of Data Classification
formalize and stratify the process of securing data based on assigned labels of importance and sensitivity