Cyber Security Flashcards
How a system is not just one thing
Operating system (environment of application, performs actions on hardware on behalf of application)
Network - many devices connected, layers communicate horizontally
The application
Enterprise - software for organisational use
Zawinski's law, second-system effect and Tony Hoare
Program attempts to expand until it can read mail; if it can’t, it’s replaced by one that can
When designing a successor to a small system people get carried away and create a huge complex one
There are two ways to construct a software design
1) so simple there are obviously no defects
2) so complex there are no obvious defects
Security misconfiguration
Most common gaps hackers look to exploit
Why does it happen
Bad default settings
Awareness / knowledge gap
Hard to audit security misconfigurations
Changing environment
Incentives classic approach
Most businesses want to optimise time to market
Startups want to test ideas
Existing companies want to remain competitive
Software developers are rewarded for new features, change, and doing it as fast as possible
System admins are rewarded for stable systems, being conservative and maintaining availability
System setup
User
Applications
Operating system
Hardware
(Each stage interacts with the stage before and after it)
Cyber security
People process technology
Availability - (info/resource available for use)
Integrity - (complete and in correct state)
Confidentiality - (only authorised party can access)