Chapter 9: Cybersecurity and Privacy Flashcards

1
Q

Provide examples of security failures that can result in a privacy breach

A

Unpatched software bugs
Poorly configured security mechanisms
Reuse of credentials

2
Q

List the NICE framework security categories

A
  • Securely provision
  • Operate and maintain
  • Protect and defend
  • Investigate
  • Analyze
  • Oversee and govern
  • Collect and operate
3
Q

What does securely provision encompass within the NICE framework?

A

The tasks narrowly focused on developing software to be secure

4
Q

What does operate and maintain encompass within the NICE framework?

A

The operation and maintenance of a system is just as critical to its security and privacy goals as the way the system is created in the first place

Other aspects of operating a system as defined by the NICE framework include systems analysis, which examines the interoperation of an organization’s systems, and knowledge management, which focuses on the processes and tools for ensuring that an organization can keep track of the systems it has created and how to operate them

5
Q

What does protect and defend encompass within the NICE framework?

A

Part of attempting to ensure that a system will not be compromised is actively protecting the system

This includes vulnerability assessment and management

6
Q

What does investigate encompass within the NICE framework?

A

(1) discovering what specific data may have been compromised
(2) discovering the specific method of compromise
(3) identifying who perpetrated an attack

7
Q

What infrastructure can be used to protect and defend?

A

Firewalls that prevent malicious network traffic and monitoring systems that make it possible to detect attacks

8
Q

What is cyber defense analysis?

A

Using defensive components to prevent or detect attacks

9
Q

What is incident management?

A

It is the process of documenting the details of the attack, determining the impact of the attack on the system and then deciding on the appropriate actions

10
Q

What are software vulnerabilities?

A

The software bugs that an attacker can take advantage of to carry out an attack

Not every bug is a vulnerability

11
Q

How does malware get on a computer?

A

Malware is installed on a victim user’s computer either by the exploitation of a software vulnerability or at a time when the attacker has unfettered access to the computer—for example, when software is being loaded onto the computer before the computer is sold

12
Q

What do you call malware that has modified system functions to disguise itself?

A

Rootkit

13
Q

What is a botnet?

A

When malware coordinates with command-and-control servers to put large sets of computers under the control of a single organization; such a set of computers is called a botnet, and each of the infected computers a bot

14
Q

How do botnets mount distributed denial-of-service (DDoS) attacks?

A

The computers that are part of a botnet are instructed to connect to or interact with a victim server; if the botnet is large enough, the victim server may be overwhelmed with requests and crash

15
Q

What is phishing?

A

A type of social engineering attack in which a victim is tricked into logging in to what they think to be a legitimate site

16
Q

What is spear phishing?

A

Attackers customize their messages to include personal information they have already uncovered about the victim

17
Q

What is whaling?

A

Spear phishing attacks directed at high-value individuals

18
Q

Define the confidentiality property

A

Refers to keeping sensitive data away from unauthorized users, including attackers
Also called secrecy

19
Q

Define the integrity property

A

Refers to preventing unauthorized modification of data, which could include replacing a correct value with an incorrect one or deleting data

20
Q

Define the availability property

A

Focuses on ensuring that computer systems are available to legitimate users even when they are under attack

21
Q

What are the 2 major parts of access control?

A

Authentication

Authorization

22
Q

Define the authentication step in access control

A

Determining the identity of the user who is attempting to access a resource

23
Q

Define the authorization step in access control

A

Determining whether a request to access a resource (typically, but not always, by an authenticated user) should be granted

24
Q

What does authorization consist of?

A

Mechanism - technical means for allowing or denying access

Policy - specification of who should be allowed or denied which kind of access and under what circumstances

25
Q

List the different access control models

A

Access-control lists (ACL)
Role-based access control (RBAC)
Attribute-based access control (ABAC)
Policy-based access control (PBAC)

26
Q

How do access-control lists (ACL) work?

A

Every object is annotated with a list of the subjects who are allowed to access it, as well as the type of access that they are allowed

27
Q

How does RBAC work?

A

Specifies who is allowed access in terms of roles

28
Q

How do attribute-based access control (ABAC) and policy-based access control (PBAC) work?

A

Allows access-control policy to be specified in terms of attributes that could describe users, objects or properties of the environment

For example, the policy “Charlie is allowed to access sensitive files related to his projects only from the corporate network, but may access nonsensitive files related to his projects from anywhere” might use roles to give Charlie access to specific projects and attribute-based rules to capture the constraint that sensitive files should be accessible only from the corporate network

29
Q

What 2 methods exist to control who makes changes to access levels?

A

Mandatory access control (MAC)

Discretionary access control (DAC)

30
Q

How does mandatory access control (MAC) work?

A

Policy is set by administrators; users have no ability to change the policy, even for their own data

31
Q

How does discretionary access control (DAC) work?

A

Allows users to change the access-control policies for the data they own

32
Q

What is federated identity management?

A

The practice of outsourcing authentication not just to a different service within an organization, but to a different organization
AKA single sign-on

33
Q

In federated identity management, what do you call the service that authenticates users?

A

The identity provider (IdP)

34
Q

In federated identity management, what do you call the services that rely on the IdP to authenticate users?

A

Service providers (SPs)

35
Q

How can IdPs be used to increase privacy?

A

They can store personal information in addition to authentication data
For example, if a service only cares that users are at least 18 years old, then the identity provider’s assertion to the service provider could include just this information, without any additional information about the user’s identity

36
Q

What are the advantages of federated identity management?

A

Users no longer have to remember multiple sets of authentication credentials
Service providers are relieved of the burden of implementing authentication and protecting users’ authentication information

37
Q

What are the risks of federated identity management?

A

Every time a service provider needs to authenticate a user, the identity provider will be consulted; hence, the identity provider learns all the service providers each user visits as well as in what order, at what times of day and from what locations

38
Q

What is cross-enterprise authentication and authorization?

A

Two enterprises may each run their own identity provider, primarily intended to authenticate users within each enterprise. For business reasons, however, the two (or more) enterprises may decide to trust each other’s identity providers

39
Q

List the 7 principles for building and operating systems to be more secure

A
Economy of mechanism
Open design
Complete mediation
Least privilege
Multiple layers of defense
Psychological acceptability
Safe defaults
40
Q

Describe the economy of mechanism principle for building and operating systems to be more secure

A

A simpler mechanism is less likely to have flaws than a more complex one

41
Q

Describe the open design principle for building and operating systems to be more secure

A

The defender should not rely on the details of their security mechanisms remaining secret from the attacker—also called security by obscurity—as a means to keep their system secure

The open-design principle does not unequivocally point to using open-source software; it merely asserts that if closed-source software is used, then it should not be considered more resistant to attack merely because the attacker cannot readily access it

42
Q

Describe the complete mediation principle for building and operating systems to be more secure

A

Achieved when every avenue by which a resource can be accessed is protected by a security check (putting a lock on every door of the house)

Also implies that access-control policy must be carefully protected so that, for example, a user who is not authorized to change a file also cannot change the policy so as to allow themselves to change the file

43
Q

Describe the least privilege principle for building and operating systems to be more secure

A

Any user, computer system or component of a computer system should have only the privileges it needs to do its job, and no more

44
Q

Describe the multiple layers of defense principle for building and operating systems to be more secure

A

Systems should be protected redundantly or with complementary mechanisms that are unlikely to all be compromised by the same attack

45
Q

Describe the psychological acceptability principle for building and operating systems to be more secure

A

Security mechanisms that make unreasonable demands on the users—on their attention, their knowledge, or their ability—are likely to fail

46
Q

Describe the safe defaults principle for building and operating systems to be more secure

A

Systems should be configured to provide security out of the box, without any intervention

Systems that fail to do so run the risk of being attacked before they are reconfigured to be more secure; they also encourage users to leave them in an unsafe default state, since that may be more convenient for users, who may not have sufficient awareness of the consequences