IAS Flashcards
is the study of how to protect your information assets from destruction, degradation, manipulation and exploitation
Information Assurance (IA)
is also the study of how to recover should any of those happen.
Information Assurance
5 aspects of information needing protection
Availability, Integrity, Confidentiality, Authentication, Non-repudiation
timely, reliable access to data and information services for authorized users;
Availability
protection against unauthorized modification or destruction of information;
Integrity
assurance that information is not disclosed to unauthorized persons;
Confidentiality
security measures to establish the validity of a transmission, message, or originator.
Authentication
assurance that the sender of data is provided with proof of delivery and the recipient is provided with proof of the sender's identity, so that neither can later deny having processed the data
Non-repudiation
True or False: IT security cannot be accomplished in a vacuum
TRUE
Four Major categories of Information Assurance
Physical Security, personnel security, IT security, Operational Security
refers to the protection of hardware, software, and data against physical threats to reduce or prevent disruptions to operations and services and loss of assets.
Physical Security
6 proper practices of Information Assurance
- enforcing hard-to-guess passwords
- encrypting hard drives
- locking sensitive documents in a safe
- assigning security clearances to staffers
- using SSL/TLS for data transfer
- having off-site backups of documents
is a variety of ongoing measures taken to reduce the likelihood and severity of accidental and intentional alteration, destruction, or compromise of information through action or inaction by insiders and known outsiders, such as business partners.
Personnel Security
is the set of inherent technical features and functions that collectively contribute to the security of an IT infrastructure
IT security
involves the implementation of standard operational security procedures
Operational Security
Purpose of operational security
- achieve and sustain a known secure system state at all times
- prevent accidental or intentional theft, release, destruction, alteration, misuse, or sabotage of system resources
According to _________, a computing environment is made up of five continuously interacting components
Raggad’s taxonomy of information security
5 continuously interacting components
activities, people, data, technology and network
According to ______, IA can be thought of as protecting information at three distinct levels
Blyth and Kovacich
3 distinct levels
- physical
- information infrastructure
- perceptual
data and data processing activities in physical space;
Physical
information and data manipulation abilities in cyberspace;
information infrastructure
knowledge and understanding in human decision space.
Perceptual
What is the lowest level focus of IA?
Physical Level
Computers, physical networks, telecommunications and supporting systems such as power, facilities and environmental controls
Physical Level
At this level, people are the ones who manage the systems.
Physical Level
to affect the technical performance and the capability of physical systems, to disrupt the capabilities of the defender.
Desired effects(Physical level)
physical attack and destruction, including: electromagnetic attack, visual spying, intrusion, scavenging and removal, wiretapping, interference, and eavesdropping.
Attackers Operations ( Physical level)
physical security, OPSEC, TEMPEST
Defenders Operations ( Physical Level)
COMPSEC meaning:
Computer security
COMSEC:
Communications and network security
ITSEC
both COMPSEC and COMSEC
What is the second level focus of IA?
Infrastructure level
OPSEC
operations security
This covers information and data manipulation ability maintained in cyberspace, including: data structures, processes and programs, protocols, data content and databases.
Infrastructure Level
to influence the effectiveness and performance of information functions supporting perception, decision making, and control of physical processes.
Desired effects ( IL)
impersonation, piggybacking, spoofing, network attacks, malware, authorization attacks, active misuse, and denial of service attacks.
Attackers Operation (IL)
information security technical measures such as: encryption and key management, intrusion detection, anti-virus software, auditing, redundancy, firewalls, policies and standards.
Defenders Operation (IL)
What is the third level of IA?
Perceptual Level
This is abstract and concerned with the management of perceptions of the target, particularly those persons making security decisions.
Perceptual Level
to influence decisions and behaviors
Desired effects ( PL)
psychological operations such as: deception, blackmail, bribery and corruption, social engineering, trademark and copyright infringement, defamation, diplomacy, creating distrust.
Attackers Operation (PL)
personnel security including psychological testing, education, and screening such as biometrics, watermarks, keys, passwords
Defenders Operation (PL)
It is the flip side of information assurance
Information Warfare
involves managing an opponent’s perception through deception and psychological operations. In military circles, this is called Truth Projection.
TYPE I
gathers intelligence by exploiting the opponent’s use of information systems.
TYPE III
involves denying, destroying, degrading, or distorting the opponent’s information flows to disrupt their ability to carry out or coordinate operations.
TYPE II
6 offensive players of IW
Insiders, Hackers, Criminals, Corporations, Government and terrorists
consists of employees, former employees and contractors.
Insiders
one who gains unauthorized access to or breaks into information systems for thrills, challenge, power, or profit.
Hackers
target information that may be of value to them: bank accounts, credit card information, intellectual property, etc.
Criminals
actively seek intelligence about competitors or steal trade secrets.
Corporations
seek the military, diplomatic, and economic secrets of foreign governments, foreign corporations, and adversaries. May also target domestic adversaries.
Government and agencies
usually politically motivated and may seek to cause maximal damage to information infrastructure as well as endanger lives and property.
Terrorists
Protection pillars of IA
“ensure the availability, integrity, authenticity, confidentiality, and non-repudiation of information”
IA is both proactive and reactive involving
protection, detection, capability restoration, and response.
“timely attack detection and reporting is key to initiating the restoration and response processes.”
Attack Detection
“relies on established procedures and mechanisms for prioritizing restoration of essential functions.”
Capability Restoration
“may rely on backup or redundant links, information system components, or alternative means of information transfer.”
Capability Restoration
the resource being protected, including: physical assets: devices, computers, people; logical assets: information, data (in transmission, storage, or processing),
Asset
the items being protected by the system (documents, files, directories, databases, transactions, etc.)
Objects
entities (users, processes, etc.) that execute activities and request access to objects.
Subjects
operations, primitive or complex, that can operate on objects and must be controlled
Actions
7 critical aspects that information assets (objects) may have
Availability, accuracy, authenticity, confidentiality, integrity, utility, possession
in the Unix operating system, processes (___) may have permission to perform read, write or execute (____) on files (__)
Subjects, actions, objects
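The subject/action/object model above, worked through as an added example (not code from the flashcards): a Unix-style access check where processes are subjects, read/write/execute are actions and files are objects. The users, groups, files and modes are constructed for illustration. It also shows the edge case a practitioner should know: Unix consults only one permission triplet (owner, else group, else other), so an owner with an empty owner triplet is denied even when the group triplet would allow access.

```python
# Added example (not from the flashcards): modelling Unix subjects, actions and
# objects as an access check. The subjects, files and modes below are constructed.
from dataclasses import dataclass

R, W, X = 4, 2, 1                      # the rwx bits of one mode triplet
ACTIONS = {"read": R, "write": W, "execute": X}

@dataclass(frozen=True)
class Subject:
    """A process: identified by its uid and the set of groups it belongs to."""
    name: str
    uid: int
    gids: frozenset

@dataclass(frozen=True)
class FileObject:
    """A file: owner, owning group and a mode such as 0o640."""
    path: str
    owner_uid: int
    owner_gid: int
    mode: int

def permission_class(subject, obj):
    """Unix consults exactly one triplet: owner if the uid matches, else group
    if any of the subject's groups matches, else other. Owner wins even when
    the group or other triplet would be more permissive."""
    if subject.uid == obj.owner_uid:
        return (obj.mode >> 6) & 7
    if obj.owner_gid in subject.gids:
        return (obj.mode >> 3) & 7
    return obj.mode & 7

def permitted(subject, obj, action):
    bit = ACTIONS[action]
    if subject.uid == 0:
        # root bypasses read/write checks; execute still needs at least one x bit set
        return bit != X or bool(obj.mode & 0o111)
    return bool(permission_class(subject, obj) & bit)

def access_matrix(subjects, objects):
    """Flatten to an access-control matrix: {(subject, object): set of actions}."""
    return {
        (s.name, o.path): {a for a in ACTIONS if permitted(s, o, a)}
        for s in subjects for o in objects
    }

# Constructed sample: alice owns a secrets file (0o640) shared with group 2000;
# bob is in that group; carol is not; a world-executable tool is owned by root.
ALICE = Subject("alice", uid=1000, gids=frozenset({1000, 2000}))
BOB   = Subject("bob",   uid=1001, gids=frozenset({1001, 2000}))
CAROL = Subject("carol", uid=1002, gids=frozenset({1002}))
SECRETS = FileObject("/home/alice/secrets.txt", owner_uid=1000, owner_gid=2000, mode=0o640)
TOOL    = FileObject("/usr/local/bin/tool", owner_uid=0, owner_gid=0, mode=0o755)
# Owner-class trap: alice owns this file but the owner triplet grants nothing,
# so she cannot read it even though her group could.
LOCKED  = FileObject("/home/alice/locked.txt", owner_uid=1000, owner_gid=2000, mode=0o060)

MATRIX = access_matrix([ALICE, BOB, CAROL], [SECRETS, TOOL, LOCKED])

if __name__ == "__main__":
    for (who, what), acts in sorted(MATRIX.items()):
        print(f"{who:6} {what:28} {sorted(acts)}")
```

Running it prints one row per (subject, object) pair; the row for alice on locked.txt is empty while bob's shows read and write, which is the owner-triplet rule in action.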
authorized users are able to access it;
Availability
the information is free of error and has the value expected
Accuracy
the information is genuine;
Authenticity
the information has not been disclosed to unauthorized parties;
Confidentiality
the information is whole, complete and uncorrupted;
Integrity
the information has value for the intended purpose;
Utility
the data is under authorized ownership and control.
Possession
may be conducted by criminals, but also by states for industrial espionage, for economic damage to apply pressure, or to inflict real damage to infrastructure as an act of war
Cyber Attack
requires some form of physical security, since physical access to computer systems enables a whole class of attacks.
Cybersecurity
is the protection of computer systems from the damage to their hardware, software or information, as well as from disruption or misdirection of the services they provide.
Computer Security or IT security
may depend on cybersecurity to the extent that it uses computer systems
Physical Security
is concerned with the absence of misbehavior, both in normal and exceptional situations, but still in a neutral environment where no one is trying to intentionally attack the system
Software safety
aims for the absence of misbehavior in a neutral, non-adversarial environment, where no one is intentionally attacking the system
Safety
aims for the absence of misbehavior in an adversarial environment, where an attacker intentionally tries to misuse a system, putting it in an erroneous state that is not part of its intended specification
Software security
aims for the absence of misbehavior where an attacker intentionally tries to misuse a system
Security
is an essential cornerstone in a digital world which increasingly pervades every aspect of our daily lives, public and private. Without it, the world collapses.
Security
ability for individuals to control their personal data and decide what to reveal to whom and under what conditions.
Privacy
CIA Triad stands for?
Confidentiality, Integrity, and Availability
Cybersecurity consists of ensuring three basic and essential properties of information, services, and IT infrastructures, well known as the?
CIA triad
confidentiality of the identity of the user or entity
Anonymity
a set of rules that specify how sensitive and critical resources are protected, i.e., how some or all of the previous properties are guaranteed.
Security Policy
initially defined as the ability of a system to return to its original state after an attack
Resilience
related to scientific methods of identifying the authors of a crime by examining objects or substances involved in the crime.
Forensic Analysis
aims to explain the state of a computing system by extracting information and using it to reconstruct the series of actions undertaken by the attacker
Forensic Analysis
has been given to practices where governments or governmental organizations perform surveillance and data collection at a national scale (or larger)
Mass Dataveillance
targets an individual of (supposed) interest.
Personal Dataveillance
are physical attacks based on the observation of the circuit behavior during a computation
Side Channel Analysis
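Side channels are not limited to hardware: the same leak appears in software whenever execution time depends on secret data. As an added example (not from the flashcards), the block below simulates a timing side channel on an early-exit byte comparison. Rather than measuring wall-clock time, each comparison returns a step count standing in for the attacker's timing measurement, so the attack runs deterministically; the secret, its length and the candidate alphabet are constructed. The recovery loop learns the secret one byte at a time and fails against the constant-time variant.

```python
# Added example (not from the flashcards): a software timing side channel.
# Real side-channel analysis measures time or power; here the comparison
# routines return a step count standing in for that measurement so the
# attack runs deterministically. The secret and alphabet are constructed.
import hmac

def leaky_compare(secret, guess):
    """Early-exit comparison: the number of steps before returning reveals
    how many leading bytes of the guess were correct."""
    steps = 0
    if len(secret) != len(guess):
        return False, steps
    for a, b in zip(secret, guess):
        steps += 1
        if a != b:
            return False, steps
    return True, steps

def constant_time_compare(secret, guess):
    """Same contract, but the loop always visits every byte and only the
    accumulated difference decides the result (what hmac.compare_digest does)."""
    steps = 0
    if len(secret) != len(guess):
        return False, steps
    diff = 0
    for a, b in zip(secret, guess):
        steps += 1
        diff |= a ^ b
    return diff == 0, steps

def recover_secret(oracle, length, alphabet=range(256)):
    """Byte-by-byte recovery: at each position keep the byte that makes the
    oracle run longest; on the last byte, the equality result breaks the tie."""
    known = bytearray()
    for pos in range(length):
        best, best_key = None, (-1, False)
        for c in alphabet:
            guess = bytes(known) + bytes([c]) + bytes(length - pos - 1)
            equal, steps = oracle(guess)
            if (steps, equal) > best_key:
                best, best_key = c, (steps, equal)
        known.append(best)
    return bytes(known)

SECRET = b"s3cr3t-t0ken"   # constructed; think of an API token or auth tag

def attack(compare):
    """Run the recovery against a given comparison routine."""
    return recover_secret(lambda g: compare(SECRET, g), len(SECRET))

if __name__ == "__main__":
    print("leaky         :", attack(leaky_compare))
    print("constant-time :", attack(constant_time_compare))
    # hmac.compare_digest is the stdlib constant-time comparison to use in real code
    print("compare_digest:", hmac.compare_digest(SECRET, b"s3cr3t-t0ken"))
```

Against the leaky routine the attacker needs at most 256 queries per byte instead of 256 to the power of the length; against the constant-time routine every guess costs the same and the recovery degenerates to picking the first candidate. Note that both routines still leak the length through the early return, which is why real code compares fixed-length digests or pads before comparing.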
a well-known class of physical attacks where a device undergoes a modification of physical parameters in order to obtain an incorrect behavior
Fault Attacks
can also be generated in a multicore SoC by abusing Dynamic Voltage and Frequency Scaling (DVFS), i.e., by software-driven voltage and frequency changes that push the circuit outside its safe operating range
Perturbation
Attacking this basic and essential network service can, for instance, isolate a whole country or, at the opposite extreme, redirect all the traffic of a country through a surveillance point. Another crucial network service, DNS, translates readable hostnames into IP addresses; an attack against that service can redirect a user to a fake banking web site in order to steal the user's credentials.
Routing
is a hierarchical decentralized naming system for the Internet, with scalability and flexibility as key design goals.
Domain Name System (DNS)
used for address resolution, i.e., hostname to IP mapping (e.g., “www.example.com” resolves to IPv4 address “1.2.3.4”), as well as the inverse mapping.
DNS
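The forward and inverse mappings above, worked through at the wire-format level as an added example (not from the flashcards): it encodes a query for the hostname from the card, parses a constructed response carrying the 1.2.3.4 answer, builds the in-addr.arpa name used for the inverse lookup, and applies the check a resolver must make before trusting an answer, which is what separates a legitimate reply from the forged one that redirects a user to a fake site. The transaction ID, response bytes and the attacker's address (from the 203.0.113.0/24 documentation range) are constructed.

```python
# Added example (not from the flashcards): DNS wire format for forward and
# reverse lookups, plus the check a resolver must apply before trusting an
# answer. The query, response bytes and IP addresses are constructed.
import struct

QTYPE_A, QTYPE_PTR, QCLASS_IN = 1, 12, 1

def encode_name(name):
    """www.example.com -> 3www7example3com0 (length-prefixed labels)."""
    out = b""
    for label in name.rstrip(".").split("."):
        if not 0 < len(label) < 64:
            raise ValueError(f"bad label {label!r}")
        out += bytes([len(label)]) + label.encode("ascii")
    return out + b"\x00"

def decode_name(msg, offset):
    """Reads a name at offset, following RFC 1035 compression pointers.
    Returns (name, offset just past the name in the original stream)."""
    labels, end, hops = [], None, 0
    while True:
        length = msg[offset]
        if length & 0xC0 == 0xC0:                      # pointer: 11xxxxxx xxxxxxxx
            pointer = struct.unpack("!H", msg[offset:offset + 2])[0] & 0x3FFF
            if end is None:
                end = offset + 2                       # caller resumes after the pointer
            hops += 1
            if hops > 64:                              # malformed or looping pointers
                raise ValueError("compression pointer loop")
            offset = pointer
            continue
        offset += 1
        if length == 0:
            break
        labels.append(msg[offset:offset + length].decode("ascii"))
        offset += length
    return ".".join(labels), (offset if end is None else end)

def build_query(name, qtype=QTYPE_A, txid=0x1234):
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)   # flags: RD only
    return header + encode_name(name) + struct.pack("!HH", qtype, QCLASS_IN)

def parse_message(msg):
    """Returns (txid, flags, questions, answers); A rdata is rendered dotted-quad."""
    txid, flags, qd, an, _ns, _ar = struct.unpack("!HHHHHH", msg[:12])
    offset, questions, answers = 12, [], []
    for _ in range(qd):
        name, offset = decode_name(msg, offset)
        qtype, qclass = struct.unpack("!HH", msg[offset:offset + 4])
        offset += 4
        questions.append((name, qtype, qclass))
    for _ in range(an):
        name, offset = decode_name(msg, offset)
        rtype, _rclass, ttl, rdlen = struct.unpack("!HHIH", msg[offset:offset + 10])
        offset += 10
        rdata = msg[offset:offset + rdlen]
        offset += rdlen
        if rtype == QTYPE_A and rdlen == 4:
            rdata = ".".join(str(b) for b in rdata)
        elif rtype == QTYPE_PTR:
            rdata, _ = decode_name(msg, offset - rdlen)
        answers.append((name, rtype, ttl, rdata))
    return txid, flags, questions, answers

def reverse_name(ipv4):
    """Inverse mapping: 1.2.3.4 is looked up as 4.3.2.1.in-addr.arpa (PTR)."""
    return ".".join(reversed(ipv4.split("."))) + ".in-addr.arpa"

def answer_matches_query(query, response):
    """A resolver must only accept a response whose transaction ID and question
    section match an outstanding query (and, in practice, the source port it
    was sent from); anything else is dropped, which is the first line of
    defence against a spoofed answer pointing a bank's hostname elsewhere."""
    q_txid, _, q_questions, _ = parse_message(query)
    r_txid, r_flags, r_questions, _ = parse_message(response)
    return q_txid == r_txid and q_questions == r_questions and bool(r_flags & 0x8000)

QUERY = build_query("www.example.com")

# Constructed response: same txid, QR+RD+RA flags, one question, one A answer
# whose owner name is a compression pointer (0xC00C) back to the question name.
RESPONSE = (
    struct.pack("!HHHHHH", 0x1234, 0x8180, 1, 1, 0, 0)
    + encode_name("www.example.com") + struct.pack("!HH", QTYPE_A, QCLASS_IN)
    + b"\xC0\x0C" + struct.pack("!HHIH", QTYPE_A, QCLASS_IN, 300, 4) + bytes([1, 2, 3, 4])
)
# Constructed forgery: right question, guessed (wrong) txid, attacker's address.
FORGED = (
    struct.pack("!HHHHHH", 0x9999, 0x8180, 1, 1, 0, 0)
    + encode_name("www.example.com") + struct.pack("!HH", QTYPE_A, QCLASS_IN)
    + b"\xC0\x0C" + struct.pack("!HHIH", QTYPE_A, QCLASS_IN, 300, 4) + bytes([203, 0, 113, 9])
)
```

The 16-bit transaction ID alone is a weak barrier (an attacker can flood guesses), which is why resolvers also randomise the source port and why DNSSEC signs the answer data itself; this block shows only the matching step.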
A set of networks and routers under the routing control of a single organization
Autonomous System
is the protocol currently in use on the Internet for the exchange of routing and reachability information among autonomous systems.
Border Gateway Protocol (BGP)
more advanced phishing, leveraging higher social intelligence to make people confident in the legitimacy of the request they received
Spear Phishing
aims at convincing the user to perform an action, such as revealing a password, by gaining their trust.
Social Engineering
usually aims at obtaining information like passwords, credit card numbers, etc. It is often based on massive email campaigns (spam) or messages over other communication media (chats, social media) requesting that people provide sensitive information either by replying to the email or by connecting to a website
Phishing
convince a person to perform a forbidden or sensitive action by gaining their trust
Social Engineering
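The phishing and spear-phishing cards describe the tricks (a trusted-looking sender, a request to follow a link and enter credentials); as an added example (not from the flashcards), the block below runs the header and link heuristics a mail gateway or SOC script would apply to catch them: a sender domain that is a lookalike of a trusted one, a Reply-To that diverts responses elsewhere, and a link whose visible text names one host while its href points to another. The trusted-domain set, the confusable-character map and both messages are constructed for this example.

```python
# Added example (not from the flashcards): header and link heuristics that
# catch the phishing and spear-phishing tricks described above. The trusted
# domains, confusable map and both messages are constructed for this example.
import re
from difflib import SequenceMatcher
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

TRUSTED_DOMAINS = {"example.com"}          # hypothetical: the organisation's own domains
CONFUSABLES = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s"})   # digit-for-letter swaps

def domain_of(addr):
    return parseaddr(addr)[1].rpartition("@")[2].lower()

def is_trusted(domain):
    return any(domain == t or domain.endswith("." + t) for t in TRUSTED_DOMAINS)

def lookalike(domain):
    """True if the domain (or any parent of it) is not trusted but becomes, or
    nearly becomes, a trusted one after undoing common substitutions."""
    if not domain or is_trusted(domain):
        return False
    labels = domain.translate(CONFUSABLES).replace("rn", "m").split(".")
    candidates = {".".join(labels[i:]) for i in range(len(labels))}
    return any(c == t or SequenceMatcher(None, c, t).ratio() > 0.9
               for c in candidates for t in TRUSTED_DOMAINS)

LINK_RE = re.compile(r'<a\s[^>]*href="([^"]+)"[^>]*>(.*?)</a>', re.I | re.S)

def analyse(raw):
    """Returns a list of (code, detail) findings; an empty list means nothing suspicious."""
    msg = message_from_string(raw)
    findings = []
    from_domain = domain_of(msg.get("From", ""))
    if lookalike(from_domain):
        findings.append(("lookalike-sender", from_domain))
    reply_to = msg.get("Reply-To")
    if reply_to and domain_of(reply_to) != from_domain:
        findings.append(("replyto-mismatch", domain_of(reply_to)))
    for href, text in LINK_RE.findall(msg.get_payload()):
        href_host = (urlparse(href).hostname or "").lower()
        text_host = urlparse(text.strip()).hostname
        if text_host and text_host.lower() != href_host:
            findings.append(("link-text-mismatch", f"{text_host} -> {href_host}"))
        elif lookalike(href_host):
            findings.append(("lookalike-link", href_host))
    return findings

# Constructed spear-phishing message: lookalike sender, diverted replies,
# and a link whose text shows the real SSO host while the href does not.
PHISH = """From: "IT Helpdesk" <helpdesk@examp1e.com>
Reply-To: support@mail.example.net
To: alice@example.com
Subject: Your password expires today
Content-Type: text/html

<p>Reset it now: <a href="http://login.examp1e.com/reset">https://sso.example.com/reset</a></p>
"""

# Constructed legitimate message from the real domain with a consistent link.
BENIGN = """From: "IT Helpdesk" <helpdesk@example.com>
To: alice@example.com
Subject: Scheduled maintenance
Content-Type: text/html

<p>Details: <a href="https://intranet.example.com/notice">https://intranet.example.com/notice</a></p>
"""

if __name__ == "__main__":
    for label, raw in (("phish", PHISH), ("benign", BENIGN)):
        print(label, analyse(raw))
```

These are heuristics, not proof: a spear-phishing mail sent from a compromised account on the real domain passes all three checks, which is why the perceptual-level defences on the cards (education, screening) still matter alongside technical filtering.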
aims at flipping bits in a DRAM memory cell by repeatedly reading and writing other cells in neighbouring rows.
Rowhammer Attack