Introduction Flashcards
Define assets
An item of value to stakeholders. An asset may be tangible (e.g., a physical item such as hardware, firmware, computing platform, network device, or other technology component) or intangible (e.g., humans, data, information, software, capability, function, service, trademark, copyright, patent, intellectual property, image, or reputation).
Define a threat
Any circumstance or event with the potential to adversely impact organizational operations, organizational assets, individuals, other organizations, or the Nation through a system.
Define a vulnerability
Weakness in an information system, system security procedures, internal controls, or implementation that could be exploited or triggered by a threat source.
Define an attack
Any kind of malicious activity that attempts to collect, disrupt, deny, degrade, or destroy information system resources or the information itself.
Define risk
The probability of exposure or loss resulting from a cyber attack or data breach on an organization and the potential adverse impacts to organizational operations (i.e., mission, functions, image, or reputation) and assets, individuals, other organizations, and the Nation.
Discuss each of the AAA triad
Authentication, authorization, and accounting (AAA) is a security framework that controls access to computer resources, enforces policies, and audits usage.
-Authentication provides a way of identifying a user, typically by having the user enter a valid username and valid password before access is granted.
-Authorization is the process of enforcing policies: determining what types or qualities of activities, resources, or services a user is permitted to use.
-Accounting measures the resources a user consumes during access. This can include the amount of system time or the amount of data a user has sent and/or received during a session. Accounting is carried out by logging session statistics and usage information and is used for authorization control, billing, trend analysis, resource utilization, and capacity planning activities.
Provide the definition of confidentiality in the CIA triad, giving possible attacks that affect it and possible countermeasures
Confidentiality means that only authorized individuals/systems can view sensitive or classified information.
ATTACKS
Interception attacks allow unauthorized users to access our data:
-Data breaches and leaks
-Escalation of system privileges
-Network reconnaissance
-Electronic eavesdropping
-Man-in-the-middle attacks
-Phishing attacks
COUNTERMEASURES
-Cryptography
-Employee training: train employees to recognize phishing attempts, use multi-factor authentication, and verify sender authenticity.
Provide the definition of integrity in the CIA triad, giving possible attacks that affect it and possible countermeasures
Integrity means data is trustworthy, complete, and has not been accidentally or intentionally altered or modified in unauthorized ways, whether by authorized or unauthorized users.
ATTACKS
-Defacement attack, in which hackers alter a website's HTML to vandalize it for fun or ideological reasons.
-Data tampering
-Insider threats
-SQL injection
COUNTERMEASURES
-Digital signatures and hashing: implement digital signatures to verify data integrity and use cryptographic hashing to detect data tampering.
-Access controls and monitoring
-Input validation and parameterized queries
Provide the definition of availability in the CIA triad, giving possible attacks that affect it and possible countermeasures
Availability means information should be consistently and readily accessible to authorized parties in accordance with the service level agreement.
ATTACKS
-Denial-of-service (DoS) or distributed denial-of-service (DDoS) attack
-Ransomware
-Physical destruction or damage
COUNTERMEASURES
-Redundancy
-Rate limiting
-Data recovery