Information Security

Question 1

What is the CIA triad?

Answer 1

Confidentiality
Integrity
Availability

Question 2

What does data Confidentiality mean?

Answer 2

This can refer to data confidentiality: private or confidential information is not made available or disclosed to unauthorized individuals

Privacy - individuals control or influence what information related to them is collected and stored and by whom. And who that information may be shared with.

Example: Student records kept private. FERPA

Question 3

What is Integrity?

Answer 3

Assures that information and programs are changed only in a specified and authorized manner.

Assures that a system performs its intended function in an unimpaired manner, free from deliberate or inadvertent unauthorized manipulation of the system.

Example: Incorrect data in a database could have negative impact.

Question 4

What is availability?

Answer 4

Assures that systems work promptly and service is not denied to authorized users.

Example: School website is up and available to users when they need it.

Question 5

What is Authenticity?

Answer 5

Verifying that users are who they say they are and that each input arriving at the system is from a trusted source.

Question 6

What is Accountability?

Answer 6

The security goal that generates the requirement for actions of that entity to be traced uniquely to that entity.

Question 7

What does it mean for something to have low breach impact?

Answer 7

The loss could be expected to have limited adverse effect on an organization’s operations, assets, or individuals.

Question 8

What does it mean for something to have medium or moderate breach impact?

Answer 8

The loss could be expected to have a serious adverse effect on organizational operations, assets, or individuals.

Question 9

What does it mean for something to have high breach impact?

Answer 9

The loss could be expected to have a severe or catastrophic adverse effect on organizational operations, assets, or individuals.

Question 10

What are some computer security challenges?

Answer 10

• Solutions are often complex
• require constant monitoring
• is often an afterthought
• little perceived benefit
• constant battle between perpetrators and the security specialist

Question 11

What is a security attack?

Answer 11

Any action that compromises the security of information owned by an organization.

Question 12

What is a security mechanism?

Answer 12

A process (or a device incorporating such a process) that is designed to detect, prevent, or recover from a security attack.

Question 13

What is a security service?

Answer 13

A processing or communication service that enhances the security of the data processing systems and the information transfers of an organization.

Intended to counter security attacks, and they make use of one or more security mechanisms to provide the service.

Question 14

What is the difference between a threat and an attack?

Answer 14

Threat - A possible danger that might exploit a vulnerability

Attack- An assault on system security that derives from an intelligent threat; that is, an intelligent act that is a deliberate attempt to evade security services or policies.

Question 15

What are two different types of security attacks?

Answer 15

Passive - gathering information from the system but not physically affecting the resources themselves

Active- attempt to alter system resources or affect their operation.

Question 16

What is Nonrepudiation?

Answer 16

When someone can’t deny the authenticity of something.

Question 17

What is ISOC?

Answer 17

Internet Society - professional membership society responsible for internet infrastructure standards including the IETF

Question 18

What are some characteristics of a firewall?

Answer 18

All traffic must pass through it

Only authorized traffic will be allowed to pass.

The firewall itself should be immune to penetration

There can be more than one in an organization.

Question 19

What is IP address spoofing?

Answer 19

The intruder transmits packets from the outside with a source IP address field containing the address of an internal host.

Question 20

What is a countermeasure for IP spoofing?

Answer 20

Discard packets with internal source IP if they arrive at external opening.

Question 21

What is a source routing attack?

Answer 21

The source station specifies the route that a packet should take as it crosses the internet, in the hopes that this will bypass security measures that do not analyze the source routing information

A countermeasure is to discard all packets that use this option.

Question 22

What is a tiny fragment attack?

Answer 22

The intruder uses the IP fragmentation option to create extremely small fragments and force the TCP header information into a seperate packer fragment.

A countermeasure is to enforce a rule that the first fragment of a packet must contain a predefined minimum amount of the transport header.

Question 23

What is an application level gateway or application proxy?

Answer 23

A filter of application-level traffic

Tend to be more secure than packet filters

Additional processing overhead necessary on each connection

Question 24

What is plaintext?

Answer 24

The original text of the message

Question 25

What is ciphertext?

Answer 25

The encoded message

Question 26

What is a cipher?

Answer 26

An algorithm for translating plaintext to ciphertext

Question 27

What is a key?

Answer 27

Info used in cipher known only to the sender or receiver

Question 28

What is cryptography?

Answer 28

The study of encryption principles and methods

Question 29

What is cryptanalysis?

Answer 29

Code breaking - study of principles or methods of deciphering ciphertext without knowing key

Question 30

What is cryptology?

Answer 30

The study of both encryption and decryption

Question 31

How does symmetric encryption work?

Answer 31

Both sender and receiver share a key used to both encrypt and decrypt the message being sent.

• A strong encryption algorithm is required
• sender and receiver must have received the key in a secret fashion.

Question 32

What is substitution in terms of cryptography?

Answer 32

elements of the plaintext are mapped to another element.

Question 33

What is transposition in terms of cryptography?

Answer 33

Elements of the plaintext are rearranged

Question 34

An encryption scheme is computationally secure if…

Answer 34

The cost of breaking the cipher exceeds the value of the information

The time required to break the cipher exceeds the useful lifetime of the information.

Question 35

What goes into a risk management process?

Answer 35

• Determine what is at risk
• Determine the rough value
• Determine for each asset the threats
• Determine an appropriate response

-monitor and control risk

Question 36

What is SLE ?

Answer 36

Single Loss Expectancy

Asset value * Exposure factor

Question 37

What is ALE?

Answer 37

Annualized Loss Expectancy

SLE * Rate of occurrence

Question 38

What is a rootkit?

Answer 38

A set of hacker tools used after attacker has broken into a computer system and gained root access.

Question 39

Malware can be classified into two broad categories…

Answer 39

Based on how it spreads or propagates

actions it takes once the target is reached.

Question 40

What is a auto rooter?

Answer 40

Malicious hacker tools used to break into new systems remotely.

Question 41

What is a kit (virus generator)?

Answer 41

set of tools for generating new viruses automatically.

Question 42

What is a backdoor?

Answer 42

A means of bypassing security measures to gain access to unauthorized functionalities.

Question 43

What is an infection vector?

Answer 43

The means by which a virus spreads or propagates

Question 44

What is the payload in terms of a virus?

Answer 44

What the virus does besides spreading. May involve damage or benign but noticeable activity.