InfoSec_Deck-0.11959936320610942 Flashcards
Elements of Information Security
Confidentiality, Integrity, Availability, Authenticity, Non-repudiation
What is confidentiality in information security?
Confidentiality is the assurance that information is accessible only to authorized individuals.
How can confidentiality be maintained?
Through data classification, data encryption, and proper disposal of equipment.
What is integrity in information security?
Integrity is the trustworthiness of data or resources, ensuring they are not changed improperly or without authorization.
How can integrity be maintained?
Using checksums and access control.
What is availability in information security?
Availability is the assurance that systems are accessible when required by authorized users.
How can availability be maintained?
Using redundant systems, antivirus software, and DDoS prevention.
What is authenticity in information security?
Authenticity ensures that communication or data is genuine and uncorrupted.
How can authenticity be ensured?
Using biometrics, smart cards, and digital certificates.
What is non-repudiation in information security?
Non-repudiation guarantees that a message’s sender cannot deny having sent the message.
How is non-repudiation ensured?
Using digital signatures.
What motivates attackers in information security?
Disrupt business continuity, perform information theft, manipulate data, create fear, and more.
How are information security attacks classified?
Passive, active, close-in, insider, and distribution.
What is a passive attack?
Passive attacks involve intercepting and monitoring network traffic without tampering with data.
Examples of passive attacks?
Footprinting, sniffing, network traffic analysis.
What is an active attack?
Active attacks tamper with data in transit or disrupt communication to break into secured systems.
Examples of active attacks?
DoS attacks, malware attacks, spoofing, and more.
What are close-in attacks?
Close-in attacks are performed when the attacker is physically close to the target system.
Examples of close-in attacks?
Social engineering, eavesdropping, shoulder surfing.
What are insider attacks?
Insider attacks are performed by trusted individuals with physical access to critical assets.
Examples of insider attacks?
Data theft, eavesdropping, social engineering.
What are distribution attacks?
Distribution attacks occur when attackers tamper with hardware or software before installation.
Examples of distribution attacks?
Planting backdoors during production or distribution.
What is information warfare?
The use of ICT for competitive advantages over an opponent.
What are some forms of information warfare?
Command and control warfare, intelligence-based warfare, electronic warfare, and more.
What is the CEH hacking methodology?
A step-by-step process followed by ethical hackers to perform hacking.
What is footprinting in hacking?
Footprinting involves gathering information about a target to identify vulnerabilities.
What is scanning in hacking?
Scanning identifies active hosts and open ports in the target network.
What is enumeration in hacking?
Enumeration involves making active connections to a target system to gather information.
What is vulnerability analysis?
The examination of a system’s ability to withstand assault by identifying security vulnerabilities.
What is the cyber kill chain methodology?
A framework for identifying and preventing malicious intrusion activities.
What is reconnaissance in the cyber kill chain?
The adversary collects information about the target to probe for weak points.
What is weaponization in the cyber kill chain?
The adversary creates a tailored malicious payload based on identified vulnerabilities.
What is delivery in the cyber kill chain?
The transmission of the malicious payload to the intended victim.
What is exploitation in the cyber kill chain?
The malicious code exploits a vulnerability in the target system.
What is installation in the cyber kill chain?
The adversary installs malicious software on the target system to maintain access.
What is command and control in the cyber kill chain?
The adversary establishes a communication channel with the victim’s system.
What are tactics in TTPs?
Tactics describe the way an attacker performs their attack from beginning to end.
What are techniques in TTPs?
Techniques are the methods used by an attacker to achieve intermediate results during an attack.
What are procedures in TTPs?
Procedures involve the sequence of actions performed by the threat actors to execute different steps of an attack.