Lesson 1 Flashcards
study of how to protect information from destruction, degradation, manipulation, and exploitation, and also how to recover it
information assurance
what are the aspects of information needing protection
availability, integrity, confidentiality, authentication, non-repudiation
timely, reliable access to data and information for authorized users
availability
protection against unauthorized modification of information
integrity
assurance that information is not disclosed to unauthorized persons
confidentiality
assurance that the sender is provided with proof of a data delivery and recipient is provided with proof of sender’s identity
non-repudiation
four major categories of information assurance
physical security, personnel security, IT security, operational security
give examples of proper practice of information assurance
- hard to guess passwords
- encrypting hard drives
- locking sensitive documents
- assigning security clearances to staffers
- using SSL for data transfers
- having off-site backup of documents
what does SSL mean
Secure Sockets Layer protocol; websites that are safe or have https
category of IA: protection of hardware, software, and data against physical threats to prevent loss of assets
physical security
variety of ongoing measures taken to reduce the likelihood and severity of accidental and intentional alteration, destruction, misappropriation, misuse, misconfiguration, unauthorized distribution, and unavailability of an organization’s logical and physical assets, as the result of action or inaction by insiders and known outsiders, such as business partners.
personnel security
inherent technical features and functions that collectively contribute to an IT infrastructure
IT security
involves the implementation of standard operational security procedures that define the nature and frequency of interaction between users, systems, and system resources
operational security
the objective of operational security is to
- achieve a known secure system state at all times
- prevent accidental or intentional theft, release, destruction, alteration, misuse, or sabotage of system resources
according to Raggad’s taxonomy of information security, what are the five interacting components in a computing envi
activities, people, data, technology, networks
three levels of information security
physical, information infrastructure, perceptual
desired effect: to affect the technical performance and the capability of physical systems, to disrupt the capabilities of the defender
physical level
attacker’s operation: physical attack and destruction–electromagnetic attack, visual spying, intrusion, scavenging and removal, wiretapping, interference, eavesdropping
physical level
defender’s operation: COMPSEC, COMSEC (communications and network security), ITSEC, OPSEC
physical level
covers information and data manipulation ability maintained in cyberspace
information infrastructure level
desired effects: influence the effectiveness and performance of information functions
information infrastructure level
attacker’s operations: impersonation, piggybacking, spoofing, network attacks, malware, authorization attacks, active misuse, and denial of service
information infrastructure level
defender’s operation: encryption and key management, intrusion detection, anti-virus software, auditing, redundancy, firewalls, policies and standards
infrastructure level
perceptual level is also called
social engineering
desired effects: to influence decisions and behaviors
perceptual level
attacker’s operations: deception, blackmail, bribery and corruption, social engineering, trademark and copyright infringement, defamation, diplomacy, creating distrust
perceptual level
defender’s operations: psychological testing, education, biometrics, watermarks, keys, passwords
perceptual level
flip side of information assurance
information warfare
info warfare - type 1
managing an opponent’s perception through psychological operations/truth projection
information warfare - type 2
denying, destroying, degrading, or distorting the opponent’s information flows to disrupt their ability to carry out operations
information warfare - type 3
gathers intelligence by exploiting the opponent’s use of information systems
who are the offensive players in the world of IW
insiders, hackers, criminals, corporations, governments, terrorists
consists of employees
insiders
gains unauthorized access to information systems for thrills, challenge, power, or profit
hackers
target information that may be of value to them
criminals
IW Player: actively seek intelligence on competitors or steal trade secrets
corporations
seek military, diplomatic, and economic secrets of foreign governments
governments
IW Player: politically motivated and may seek to cause maximal damage to information and infrastructure
terrorists
relies on established procedures and mechanisms for prioritizing restoration of essential functions
capability restoration
a resource being protected
asset
devices, computers, people
physical assets
logical assets
information, data, intellectual property
any software, hardware, data, administrative, physical, communications, or personnel resource
system assets
the items being protected by the system (files, data, directories, documents, databases, transactions)
objects
entities that execute activities and request access to objects
subjects
operations, primitive or complex, that can operate on objects must be controlled
actions
the information is free of error and has the value expected
accuracy
the information is genuine
authenticity
the information has not been disclosed to unauthorized parties
confidentiality
the information is whole, complete, and uncorrupted
integrity
the information has value for the intended purpose
utility
the data is under authorized ownership and control
possession
security measures to establish the validity of a transmission, message, or originator
authentication
what is necessary for information warfare?
motive, means, and opportunity