Chapter 1 Flashcards
The protection afforded to an automated information system in order to attain the applicable objectives of preserving the integrity, availability, and confidentiality of information system resources (includes hardware, software, firmware, information/data, and telecommunications).
a. Data Integrity
b. Availability
c. Computer Security
d. Privacy
c. Computer Security
Assures that private or confidential information is not made available or disclosed to unauthorized individuals.
a. Data Integrity
b. Data Confidentiality
c. System Integrity
d. Accountability
b. Data Confidentiality
Assures that individuals control or influence what information related to them may be collected and stored and by whom and to whom that information may be disclosed.
a. Privacy
b. Integrity
c. Availability
d. Computer Security
a. Privacy
Assures that information and programs are changed only in a specified and authorized manner.
a. Availability
b. Privacy
c. Data Integrity
d. Availability
c. Data Integrity
Assures that a system performs its intended function in an unimpaired manner, free from deliberate or inadvertent unauthorized manipulation of the system.
a. System Integrity
b. Privacy
c. Security Policy
d. Data Confidentiality
a. System integrity
Assures that systems work promptly and service is not denied to authorized users.
a. Computer Security
b. Data Confidentiality
c. Data Integrity
d. Availability
d. Availability
What is the CIA triad.These are the fundamental security objectives for both data and for information and computing services.
a. Communication, Interception, and Accountability
b. Confidentiality, Integrity, and Availability
c. Confidentiality, Interception, and Accountability
d. Communication, Integrity, and Availability
b. Confidentiality, Integrity, and Availability
Preserving authorized restrictions on information access and disclosure, including means for protecting personal privacy and proprietary information. A loss of ____ is the unauthorized disclosure of information.
a. Data Integrity
b. Confidentiality
c. Availability
d. Communication
b. Confidentiality
Guarding against improper information modification or destruction, including ensuring information nonrepudiation and authenticity. a loss of ____ is the unauthorized modification or destruction of information.
a. Integrity
b. Availability
c. Confidentiality
d. Authenticity
a.Integrity
Ensuring timely and reliable access to and use of information. A loss of ___ is the disruption of access to or use of information or an information system.
a. Authenticity
b. Integrity
c. Availability
d. Confidentiality
c. Availability
The property of being genuine and being able to be verified and trusted; confidence in the validity of a transmission, a message, or message originator. This means verifying their users are who they say they are and that each input arriving at the system came from a trusted source.
a. Accountability
b. Authenticity
c. Availability
b. Authenticity
The security tool that generates the requirement for actions of an entity to be traced uniquely to that entity. this supports nonrepudiation, deterrence, fault isolation, intrusion detection and prevention, and after-action recovery and legal action. Because truly secure systems aren’t yet an achievable goal, we must be able to trace a security breach to a responsible party. Systems must keep records of their activities to permit later forensic analysis to trace security breaches or to aid in transaction disputes.
a. Accountability
b. Availability
c. Authenticity
a. Accountability
Including computer systems and other data processing, data storage, and data communications devices
a. Software
b. Hardware
c. Data
b. Hardware
Including the operating system, system utilities, and applications.
a. Software
b. Hardware
c. Data
a. Software
Including files and databases, as well as security-related data, such as password files.
a. Software
b. Hardware
c. Data
c. Data
An entity that attacks, or is a threat to, a system
a. Adversary
b. Keylogger
c. Eavesdropping
d. Exploiting
a. Adversary (Threat Agent)
an assault on system security that derives from an intelligent act that is a deliberate attempt (especially in the sense of a method or technique) to evade security services and violate the security policy of a system.
a. Threat
b. Vulnerability
c. Attack
d. Corruption
c. Attack
An action, device, procedure, or technique that reduces a threat, a vulnerability, or an attack by eliminating or preventing it, by minimizing the harm it can cause, or by discovering and reporting it so that corrective action can be taken.
a. Countermeasure
b. Security Policy
c. Interception
d. Vulnerability
a. Countermeasure
An expectation of loss expressed as the probability that a particular threat will exploit a particular vulnerability with a particular harmful result.
a. Attack
b. Misuse
c. obstruction
d. Risk
d. Risk
A set of rules and practices that specify or regulate how a system or organization provides security services to protect sensitive and critical system resources.
a. System Resource
b. Security Policy
c. Denial Of Service
b. Security Policy
Data contained in an information system; or a service provided by a system; or a system capability, such as processing power or communication bandwidth; or an item of system equipment (i.e., a system component - hardware, firmware, software, or documentation); or a facility that houses system operations and equipment.
a. encryption
b. OSI security architecture
c. System Resource
d. Threat
c. System Resource (Asset)
A potential for violation of security, which exists when there is a circumstance, capability, action, or event, that could breach security and cause harm. That is, a ___ is a possible danger that might exploit a vulnerability.
a. Threat
b. Attack
c. Risk
d. Corruption
a.Threat
A flaw or weakness in a system’s design, implementation, or operation and management that could be exploited to violate the system’s security policy.
a. Corruption
b. Vulnerability
c. Threat
d. System Resource
b. Vulnerability
When the computer system is ______ it does the wrong thing or gives wrong answers. for example, stored data values may differ from what they should be because they have been improperly modified. This is a vulnerability of the system.
a. Leaky
b. Corrupted
c. Unavailable
b. Corrupted
A computer system is ____ when someone who should not have access to some or all of the information available through the network obtains such access. This is a Vulnerability of the system
a. Leaky
b. Corrupted
c. Unavailable
a. Leaky
Another Vulnerability of a computer system is when it becomes ____. its when using the system or network becomes impossible or impractical.
a. Leaky
b. Corrupted
c. Unavailable
c. Unavailable
An attempt to alter system resources or affect their operation.
a. Passive Attack
b. Inside Attack
c. Active Attack
d. Outside Attack
c. Active Attack
An attempt to learn or make use of information from the system that does not affect system resources.
a. Passive Attack
b. Inside Attack
c. Active Attack
d. Outside Attack
a. Passive Attack
Initiated by an entity inside the security perimeter. the ____ is authorized to access system resources but uses them in a way not approved by those who granted the authorization.
a. Passive Attack
b. Inside Attack
c. Active Attack
d. Outside Attack
b. Inside Attack
Initiated from outside the perimeter, by an unauthorized or illegitimate user of the system. On the internet, potential _____ range from amateur pranksters to organized criminals, international terrorists, and hostile governments.
a. Passive Attack
b. Inside Attack
c. Active Attack
d. Outside Attack
d. Outside Attack
This results from the threat of unauthorized disclosure. is can be deliberate, as when an insider intentionally releases sensitive information, such as credit card numbers, to an outsider. it can also be the result of a human, hardware, or software error, which results in an entity gaining unauthorized knowledge of sensitive data.
a. Inference
b. Exposure
c. Interception
d. Intrusion
b. Exposure
This results from the threat of unauthorized disclosure. It is a common attack in the context of communications. On a shared LAN, such as a wireless LAN or a broadcast Ethernet, any device attached to the LAN can receive a copy of packets intended for another device. On the Internet, a determined hacker can gain access to e-mail traffic and other data transfers.
a. Inference
b. Exposure
c. Interception
d. Intrusion
c. Interception
This results from the threat of unauthorized disclosure. An example of _____ is known as traffic analysis, in which an
adversary is able to gain information from observing the pattern of traffic on
a network, such as the amount of traffic between particular pairs of hosts on
the network. Another example is the ______ of detailed information from
a database by a user who has only limited access; this is accomplished by
repeated queries whose combined results enable inference.
a. Inference
b. Exposure
c. Interception
d. Deception
a. Inference
This results from the threat of unauthorized disclosure. An unauthorized entity gains access to sensitive data by circumventing a system’s security protections.
a. Inference
b. Exposure
c. Interception
d. Intrusion
d. Intrusion
an attempt by an unauthorized
user to gain access to a system by posing as an authorized user; this could
happen if the unauthorized user has learned another user’s logon ID and
password. Another example is malicious logic, such as a Trojan horse, that
appears to perform a useful or desirable function but actually gains unauthorized
access to system resources or tricks a user into executing other malicious
logic.
a. Falsification
b. Masquerade
c. Repudiation
d. Intrusion
b. Masquerade
to the altering or replacing of valid data or the introduction
of false data into a file or database. For example, a student may alter
his or her grades on a school database.
a. Falsification
b. Masquerade
c. Repudiation
d. Intrusion
a. Falsification
, a user either denies sending data or a user denies
receiving or possessing the data. An entity deceives another by falsely denying responsibility for an act.
a. Falsification
b. Masquerade
c. Repudiation
d. Intrusion
c. Repudiation
A circumstance or event that may result in an authorized entity receiving false data and believing it to be true.
a. Deception
b. Unauthorized Disclosure
c. Disruption
d. Usurpation
a. Deception
A circumstance or event whereby an entity gains access to data for which the entity is not authorized.
a. Deception
b. Unauthorized Disclosure
c. Disruption
d. Usurpation
b. Unauthorized Disclosure
A circumstance or event that interrupts or prevents the correct operation of system services and functions.
a. Deception
b. Unauthorized Disclosure
c. Disruption
d. Usurpation
c. Disruption
A circumstance or event that results in control of system services or functions by an unauthorized entity.
a. Deception
b. Unauthorized Disclosure
c. Disruption
d. Usurpation
d. Usurpation
Prevents or interrupts system operation by disabling a system component.
a. Obstruction
b. Corruption
c. Falsification
d. Incapacitation
d. Incapacitation
This is an attack on system availability. This could occur as a
result of physical destruction of or damage to system hardware. More typically,
malicious software, such as Trojan horses, viruses, or worms, could operate in
such a way as to disable a system or some of its services.
Undesirably alters system operation by adversely modifying system functions or data.
a. Obstruction
b. Corruption
c. Falsification
d. Incapacitation
b. Corruption
This is an attack on system integrity. Malicious software in this
context could operate in such a way that system resources or services function
in an unintended manner. Or a user could gain unauthorized access to a system
and modify some of its functions. An example of the latter is a user placing
backdoor logic in the system to provide subsequent access to a system and its
resources by other than the usual procedure.
A threat action that interrupts delivery of system services by hindering system operation.
a. Obstruction
b. Corruption
c. Incapacitation
a. Obstruction: One way to obstruct system operation is to interfere with communications
by disabling communication links or altering communication
control information. Another way is to overload the system by placing excess
burden on communication traffic or processing resources.
An entity assumes unauthorized logical or physical control of a system resource.
a. Misuse
b. Masquerade
c. Misappropriation
d. Inference
c. Misappropriation
This can include theft of service. An example is a distributed
denial of service attack, when malicious software is installed on a number of hosts
to be used as platforms to launch traffic at a target host. In this case, the malicious
software makes unauthorized use of processor and operating system resources.
Causes a system component to perform a function or service that is detrimental to system security.
a. Misuse
b. Masquerade
c. Misappropriation
d. Inference
a. Misuse
Misuse can occur by means of either malicious logic or a hacker that
has gained unauthorized access to a system. In either case, security functions
can be disabled or thwarted.
What are the assets of a computer system?
Hardware, Software, Data, and Communication Lines and Networks.
_____is the most vulnerable to attack and the least susceptible to automated controls.
a. Hardware
b. Software
c. Data
d. Communication Lines
a. Hardware
A major threat to computer system hardware is the threat to
availability. Hardware is the most vulnerable to attack and the least susceptible to
automated controls. Threats include accidental and deliberate damage to equipment
as well as theft. The proliferation of personal computers and workstations and the
widespread use of LANs increase the potential for losses in this area. Theft of
CD-ROMs and DVDs can lead to loss of confidentiality. Physical and administrative
security measures are needed to deal with these threats.
A key threat to software is an attack on ______
a. Confidentiality
b. Integrity
c. Availability
c. Availability
programs are deleted, denying access to users. . Software, especially
application software, is often easy to delete. Software can also be altered or
damaged to render it useless. Careful software configuration management, which
includes making backups of the most recent version of software, can maintain high
availability.
A more difficult problem to deal with is software modification that
results in a program that still functions but that behaves differently than before,
which is a threat to ________
a. Confidentiality
b. Integrity
c. Availability
b. Integrity/authenticity
Computer viruses and related attacks fall
into this category.
Unauthorized copy of software is a threat to ______
a. Confidentiality
b. Integrity
c. Availability
a. Confidentiality
A confidentiality problem is protection against software piracy. Although
certain countermeasures are available, by and large the problem of unauthorized
copying of software has not been solved.
Attempt to learn or make use of information from the system but does not affect system resources.
a. Passive Attacks
b. Active Attacks
a. Passive Attack
Passive attacks are in the nature of eavesdropping on, or monitoring of,
transmissions. The goal of the attacker is to obtain information that is being transmitted.
Two types of passive attacks are release of message contents and traffic
analysis.
What are two types of passive attacks?
- Release of message contents
2. Traffic Analysis
_____involve modification of the data stream
a. Passive Attack
b. Active Attack
b. Active Attack
Active attacks involve some modification of the data stream or the creation
of a false stream and can be subdivided into four categories: replay, masquerade,
modification of messages, and denial of service.
What are the four categories of an Active Attack?
- Masquerade
- Replay
- Modification of messages
- Denial of service
Action that compromises the security of information owned by an organization.
a. security attacks
b. security mechanism
c. security service
a. security attacks
Designed to detect, prevent, or recover from a security attack.
a. security mechanism
b. security service
a. Security Mechanism
Intended to counter security attacks
a. security mechanism
b. security service
b. Security Service
A service that enhances the security of the data processing systems and the information transfers of an organization. The services are intended to counter security attacks, and they make use of one or more security mechanisms to provide the service
This type of service supports applications like email where there are no prior interactions between the communicating entities.
a. Data Origin Authentication
b. Peer Entity Authentication
a. Data Origin Authentication
• Data origin authentication: Provides for the corroboration of the source
of a data unit. It does not provide protection against the duplication or
modification of data units. This type of service supports applications like
electronic mail where there are no prior interactions between the communicating
entities.
Attempts to provide confidence that an entity is not performing either a masquerade or an unauthorized replay of a previous connection.
a. Data Origin Authentication
b. Peer Entity Authentication
b. Peer Entity Authentication
Peer entity authentication: Provides for the corroboration of the identity
of a peer entity in an association. Two entities are considered peer if they
implement the same protocol in different systems (e.g., two TCP users in two
communicating systems). Peer entity authentication is provided for use at the
establishment of, or at times during the data transfer phase of, a connection. It
attempts to provide confidence that an entity is not performing either a masquerade
or an unauthorized replay of a previous connection.
The ability to limit and control the access to host systems and applications via communications links
a. Access Control Service
b. Nonrepudiation Service
c. Data Confidentiality Service
d. Data Integrity Service
e. Availability Service
a. Access Control Service
In the context of network security, access control is the ability
to limit and control the access to host systems and applications via communications
links. To achieve this, each entity trying to gain access must first be identified, or
authenticated, so that access rights can be tailored to the individual.
Prevents either sender or receiver from denying a transmitted message
a. Access Control Service
b. Nonrepudiation Service
c. Data Confidentiality Service
d. Data Integrity Service
e. Availability Service
b. Nonrepudiation Service
NONREPUDIATION prevents either sender or receiver from
denying a transmitted message. Thus, when a message is sent, the receiver can
prove that the alleged sender in fact sent the message. Similarly, when a message
is received, the sender can prove that the alleged receiver in fact received the
message.
the property of a system or a system resource being accessible and usable upon demand by an authorized system entity, according to performance specifications for the system
a. Access Control Service
b. Nonrepudiation Service
c. Data Confidentiality Service
d. Data Integrity Service
e. Availability Service
e. Availability Service
A variety of attacks can result in the loss of or reduction in
availability. Some of these attacks are amenable to automated countermeasures,
such as authentication and encryption, whereas others require a physical action to
prevent or recover from loss of availability.
is the protection of transmitted data from passive attacks.
a. Access Control Service
b. Nonrepudiation Service
c. Data Confidentiality Service
d. Data Integrity Service
e. Availability Service
c. Data Confidentiality Service
The other aspect of confidentiality is the protection of traffic flow from
analysis. This requires that an attacker not be able to observe the source and
destination, frequency, length, or other characteristics of the traffic on a communications
facility.
can apply to a stream of messages, a single message, or selected fields within a message
a. Access Control Service
b. Nonrepudiation Service
c. Data Confidentiality Service
d. Data Integrity Service
e. Availability Service
d. Data Integrity Service
the most useful and straightforward approach is total
stream protection.
What three questions does the computer security strategy ask?
- Specification/policy: What is the security scheme supposed to do?
- Implementation/mechanisms: How does it do it?
- Correctness/assurance: Does it really work?
formal statement of rules and practices that specify or regulate how a system or organization provides security services to protect sensitive and critical system resources
a. Assurance
b. Usurpation
c. Security Policy
d. System Resource
c. Security Policy factors to consider: *value of the assets being protected *vulnerabilities of the system *potential threats and the likelihood of attacks trade-offs to consider: *ease of use versus security *cost of security versus cost of failure and recovery
What are the four complementary courses of action for security implementation?
- Prevention
- Detection
- Response
- Recovery
the degree of confidence one has that the security measures work as intended to protect the system and the information it processes
a. Assurance
b. Evaluation
a. Assurance
encompasses both system design and system implementation
process of examining a computer product or system with respect to certain criteria
a. Assurance
b. Evaluation
b. Evaluation
involves testing and formal analytic or mathematical techniques
