ChatGPT Chapter 1

Question 1

What are the three fundamental questions in cybersecurity?

Answer 1

1. What assets do we need to protect?
2. How are those assets threatened?
3. What can we do to counter those threats?

Question 2

Threat Model

Answer 2

Structured way of identifying potential threats, vulnerabilities and risks to a system

Question 3

Privacy

Answer 3

Individuals control what infromation rtelated to them may be collected, stored and who can access it.

Question 4

What is the NIST definition of computer security?

Answer 4

The protection afforded to an automated information system to preserve confidentiality, integrity and availability of its resources.

Question 5

What is the CIA Triad in cybersecurity?

Answer 5

Confidentiality: Ensuring information is not disclosed to unauthorized individuals; Ensure privacy
Integrity: Ensuring data/system isn’t modified or destroyed by unauthorized individuals
Availability: Ensuring timely access to data and services

Question 6

What are the two additional security concepts beyond the CIA Triad?

Answer 6

Authenticity: Ensuring genuinity and trustworthiness, ability to verify
Accountability: Tracing actions back to responsible entity

Authenticitity: Confidence in validity of message or message originator

Question 7

Define vulnerability, threat and attack

Answer 7

Vulnerability: Weakness in a system (Flaw in design, implementation or management that can be exploited)
Threat: A potential for security violation, causing harm
Attack: Deliberate action to breach security by exploiting vulnerability

Question 8

Define Risk

Answer 8

Probability of a threat exploiting a vulnerability (Rare - almost certain)
AND
Impact it would have on system (insig. - catostrophic)

Helps determine what to fix first.

Expectation of loss

Question 9

Levels of impact

Levels of impact

Answer 9

Low, Moderate, High

Question 10

Computer Security Challenges

Answer 10

1. Procedures often counterintuitive
2. Not as simple as appears (multiple algorithms or protocols)
3. Attackers only need to find a single weaknesses (developers must find all!)
4. Good Security is Invisible
5. Requires constant monitoring
6. Impediment to efficient and user-friendly operation

Question 11

What are the two types of attacks?

Answer 11

Passive: Eavesdropping system without altering resources
Active: Attempt to modify or disrupt the system

Question 12

What is a countermeasure?

Answer 12

Action or device that reduces vulnerability, threat or attack by eliminating it, preventing it or minimizng the harm it can cause

** Prevent Detect Recover**

May introduce new vulnerabilties or residuals remain

Question 13

Security Policy

Answer 13

Set of rules and practices that speicfy how a system or org. provides security services

Ex: Strong passwords and their expiration

Question 14

What are the 4 major threat consequences? (UDDU)

Answer 14

1. Unauthorized Disclosure: Breaching confidentiality (interception)
2. Deception: Tampering with integrity (masquerade, falsification)
3. Disruption: Affecting availability or integrity (incapacitation)
4. Usurpation: Gaining unauthorized control (misappropriation, misuse)

Question 15

Unauthorized Disclosure

Examples

Answer 15

1. Exposure (deliberate or error)
2. Interception (unauthorized access to data)
3. Inference (traffic analysis to get detailed information)
4. Intrusion (unauthorized access to sensitive data)

Question 16

Deception

Examples

Answer 16

1. Masquerade (trojan horse)
2. Falsification (alter or replace valid data, introduce false data)
   3.Repudiation (I didn’t do it)

*All impact integrity

Question 17

Disruption

Examples

Answer 17

1. Incapacitation (destroy or damage system hardware)
2. Corruption (unauthorized modification) Integrity
3. Obstruction (overload system to interfere with communications) availability

Question 18

Usurpation

*Examples

Answer 18

1. Misappropriation (enity takes control of system resource)
2. Misuse (Make system component perform damaging function or service)

*Integrity

Question 19

What is the attack surface?

Answer 19

Set of all reachable and exploitable vulnerabilities in a system

Open ports, firewall, APIs, SQL queries, web forms

Question 20

3 Main Attack Surface Categories

Answer 20

Network
Software
Human *social engineering

Question 21

What is an attack tree?

Answer 21

A hierarchical diagram representing possible attack methods, used for analyzing vulnerabilities and improving defenses.

used for attack surface analysis

Question 23

What is the principle of economy of mechanism in security?

Answer 23

Security mechanisms should be as simple as possible to reduce errors and vulnerabilities.

Question 24

What is the principle of fail-safe defaults?

Answer 24

The default state of a system should be to deny access, unless explicitly allowed.

Question 25

Define the principle of complete mediation

Answer 25

Every access request must be checked against the access control system without relying on cached decisions

Question 26

What is the principle of least privilege?

Answer 26

Users or processes should only have the minimum privileges necessary to perform their tasks.

Question 27

Least common mechanism principle

Answer 27

A design should minimize the functions shared by different users/entities

Sharing state among different software programs

Question 28

Define the principle of isolation

Answer 28

Critical resources should be separated from public access, and user files should be isolated from one another.

Question 29

What is the principle of psychological acceptability?

Answer 29

Security mechanisms should not interfere with usability, ensuring user acceptance.

Question 30

Open Design Principle

Answer 30

Keep design open not secret

Question 31

Separation of privileges principle

Answer 31

Multiple privileges should be required to achieve access to a restricted resource

Question 32

Encapsulation principle

Encapsulation principle

Answer 32

hide internal structures

similar to object-oriented programming concepts

Question 33

Modularity principle

Answer 33

security functions as separate, protected modules

Question 34

Layering principle

Answer 34

multiple overlapping protection approaches

multiple firewalls based on different technologies and approaches

Question 36

What is the scope of computer security?

Answer 36

Protecting data, processes, and applications on a single computer or device through measures like file security, user authentication, local network protections, and controlled access to resources.

EX: Encrypting hard drive

Question 37

Example of CIA Triad Affecting Hardware

Answer 37

1. Confidentiality - USB drive stolen
2. Integrity - ATM skimmers (physical tampering of ATM hardware)
3. Availability - Equipment is stolen

Question 38

Example of CIA Triad Affecting Software

Answer 38

1. Confidentiality - Copy of software made
2. Integrity - Program modified to cause it to fail
3. Availability - program deleted

Question 39

Example of CIA Affecting Data

Answer 39

1. Confidentiality - Unauthorized read of data
2. Integrity - Files modified or new ones fabricated
3. Availability - Files deleted

Question 40

Example of CIA Affecting Communication Lines

Answer 40

1. Confidentiality - messages read or traffic patterns observed
2. Integrity - messages modified, delayed, reordered, duplicated, fabricated
3. Availability - Messages destroyed or deleted

Question 41

4 Main Types of Active Attacks

Answer 41

1. Masquerade
2. Replay (gaining access by replaying message)
3. Modification of messages (change IBAN in bank transfer)
4. Denial of service (interuruption of an authorized user’s access to a computer network)