Chapter 9: Cybersecurity and Privacy Flashcards
Provide examples of security failures that can result in a privacy breach
Unpatched software bugs
Poorly configured security mechanisms
Reuse of credentials
List the NICE framework security categories
- Securely provision
- Operate and maintain
- Protect and defend
- Investigate
- Analyze
- Oversee and govern
- Collect and operate
What does securely provision encompass within the NICE framework?
The tasks narrowly focused on developing software to be secure
What does operate and maintain encompass within the NICE framework?
The operation and maintenance of a system is just as critical to its security and privacy goals as the way the system is created in the first place
Other aspects of operating a system as defined by the NICE framework include systems analysis, which examines the interoperation of an organization’s systems, and knowledge management, which focuses on the processes and tools for ensuring that an organization can keep track of the systems it has created and how to operate them
What does protect and defend encompass within the NICE framework?
Part of attempting to ensure that a system will not be compromised is actively protecting the system
This includes vulnerability assessment and management
What does investigate encompass within the NICE framework?
(1) discovering what specific data may have been compromised
(2) discovering the specific method of compromise
(3) identifying who perpetrated an attack
What infrastructure can be used to protect and defend?
Firewalls that prevent malicious network traffic and monitoring systems that make it possible to detect attacks
What is cyber defense analysis?
Using defensive components to prevent or detect attacks
What is incident management?
It is the process of documenting the details of the attack, determining the impact of the attack on the system and then deciding on the appropriate actions
What are software vulnerabilities?
The software bugs that an attacker can take advantage of to carry out an attack
Not every bug is a vulnerability
How does malware get on a computer?
Malware is installed on a victim user’s computer either by the exploitation of a software vulnerability or at a time when the attacker has unfettered access to the computer—for example, when software is being loaded onto the computer before the computer is sold
What do you call malware that has modified system functions to disguise itself?
Rootkit
What is a bot-net?
When malware coordinates with command-and-control servers to put large sets of computers under the control of a single organization; such a set of computers is called a botnet, and each of the infected computers a bot
How do bot-nets mount distributed denial-of-service (DDoS) attacks?
The computers that are part of a botnet are instructed to connect to or interact with a victim server; if the botnet is large enough, the victim server may be overwhelmed with requests and crash
What is phishing?
A type of social engineering attack in which a victim is tricked into logging in to what they think to be a legitimate site
What is spear phishing?
Attackers customize their messages to include personal information they have already uncovered about the victim
What is whaling?
Spear phishing attacks directed at high-value individuals
Define the confidentiality property
Refers to keeping sensitive data away from unauthorized users, including attackers
Also called secrecy
Define the integrity property
Refers to preventing unauthorized modification of data, which could include replacing a correct value with an incorrect one or deleting data
Define the availability property
Focuses on ensuring that computer systems are available to legitimate users even when they are under attack
What are the 2 major parts of access control?
Authentication
Authorization
Define the authentication step in access control
Determining the identity of the user who is attempting to access a resource
Define the authorization step in access control
Determining whether a request to access a resource (typically, but not always, by an authenticated user) should be granted
What does authorization consist of?
Mechanism - technical means for allowing or denying access
Policy - specification of who should be allowed or denied which kind of access and under what circumstances
List the different access control models
Access-control lists (ACL)
Role-based access control (RBAC)
Attribute-based access control (ABAC)
Policy-based access control (PBAC)
How do access-control lists (ACL) work?
Every object is annotated with a list of the subjects who are allowed to access it, as well as the type of access that they are allowed
How do RBAC work?
Specifies who is allowed access in terms of roles
How do attribute-based access control (ABAC) and policy-based access control (PBAC) work?
Allows access-control policy to be specified in terms of attributes that could describe users, objects or properties of the environment
For example, the policy “Charlie is allowed to access sensitive files related to his projects only from the corporate network, but may access nonsensitive files related to his projects from anywhere” might use roles to give Charlie access to specific projects and attribute-based rules to capture the constraint that sensitive files should be accessible only from the corporate network
What 2 methods exist to control who makes changes to access levels?
Mandatory access control (MAC)
Discretionary access control (DAC)
How does mandatory access control (MAC) work?
Policy is set by administrators; users have no ability to change the policy, even for their own data
How do discretionary access control (DAC) work?
Allows users to change the access-control policies for the data they own
What is federated identity management?
The practice of outsourcing authentication not just to a different service within an organization, but to a different organization
AKA single sign-on
In federated identity management, what do you call the service that authenticates users?
The identity provider (IdP)
In federated identity management, what do you call the services that rely on the IdP to authenticate users?
Service providers (SPs)
How can IdPs be used to increase privacy?
They can store personal information in addition to authentication data
For example, if a service only cares that users are at least 18 years old, then the identity provider’s assertion to the service provider could include just this information, without any additional information about the user’s identity
What are the advantages of federated identity management?
Users no longer have to remember multiple sets of authentication credentials
Service providers are relieved of the burden of implementing authentication and protecting user’s authentication information
What are the risks of federated identity management?
Every time a service provider needs to authenticate a user, the identity provider will be consulted; hence, the identity provider learns all the service providers each user visits as well as in what order, at what times of day and from what locations
What is cross-enterprise authentication and authorization?
Two enterprises may each run their own identity provider, primarily intended to authenticate users within each enterprise. For business reasons, however, the two (or more) enterprises may decide to trust each other’s identity providers
List the 7 principles for building and operating systems to be more secure
Economy of mechanism Open design Complete mediation Least privilege Multiple layers of defense Psychological acceptability Safe defaults
Describe the economy of mechanism principle for building and operating systems to be more secure
A simpler mechanism is less likely to have flaws than a more complex one
Describe the open design principle for building and operating systems to be more secure
The defender should not rely on the details of their security mechanisms remaining secret from the attacker—also called security by obscurity—as a means to keep their system secure
The open-design principle does not unequivocally point to using open-source software; it merely asserts that if closed-source software is used, then it should not be considered more resistant to attack merely because the attacker cannot readily access it
Describe the complete mediation principle for building and operating systems to be more secure
Achieved when every avenue by which a resource can be accessed is protected by a security check (putting a lock on every door of the house)
Also implies that access-control policy must be carefully protected so that, for example, a user who is not authorized to change a file also cannot change the policy so as to allow themselves to change the file
Describe the least privilege principle for building and operating systems to be more secure
Any user, computer system or component of a computer system should have only the privileges it needs to do its job, and no more
Describe the multiple layers of defense principle for building and operating systems to be more secure
System should be protected redundantly or with complementary mechanisms that are unlikely to be all compromised by the same attack
Describe the psychological acceptability principle for building and operating systems to be more secure
Security mechanisms that make unreasonable demands on the users—on their attention, their knowledge, or their ability—are likely to fail
Describe the safe defaults principle for building and operating systems to be more secure
Systems should be configured to provide security out of the box, without any intervention
Systems that fail to do so run the risk of being attacked before they are reconfigured to be more secure; they also encourage users to leave them in an unsafe default state, since that may be more convenient for users, who may not have sufficient awareness of the consequences
