Lesson 2 Flashcards
True or False: Cyberattacks may be conducted by criminals, but also by states for industrial espionage, for economic damage to apply pressure, or to inflict real damage to infrastructure as an act of war
True
True or False: Our protection level is still considered largely insufficient compared to the risks and potential damages
True
This is the protection of computer systems from the damage to their hardware, software or information, as well as from disruption or misdirection of the services they provide
Computer Security or Cybersecurity
Duplicating and exchanging data and code is a fast process with zero cost. Hence, an attack or malware launched by a single person can spread worldwide, at a large-scale, in less than an hour.
Q: What idea is being implied?
Digital information is immaterial
A single bit flip may introduce a critical failure and turn a perfectly working system into a malfunctioning one. Digital information ignores borders, and may even play with contradictions between the legislations of different countries.
Q: What idea is being implied?
Digital information is discrete in nature
this is concerned with the absence of misbehavior, both in normal and exceptional situations, but still in a neutral environment when no one is trying to intentionally attack the system.
software safety
this aims for the absence of misbehavior in an adversarial environment, where an attacker intentionally tries to misuse a system
software security
this can be approached by modeling the environment. this requires us to keep up-to-date with attackers’ progress in all areas
security
this refers to accidental threats, due to internal misbehaviors or non-intentional misuse of the system; this deals with fault-tolerance
safety
this refers to intentional threats; it deals with resistance to attacks
security
security or safety: car crashing because of a software specification or an implementation bug
safety issue
security or safety: a car crashes because an attacker took remote control of the vehicle
security issue
this ransomware attack was a global epidemic on may 2017. this spread through computers operating microsoft windows. user’s files were held hostage, and a bitcoin ransom was demanded for their return.
wannacry ransomware attack
this is a malware designed to hijack Internet of Things (IoT) devices and turn them into remotely controlled “bots” capable of launching distributed denial of service (DDoS) attacks.
Mirai Botnet
True or False: Education is essential to security
True
True or False: The security of a system is always limited by that of its weakest component
True
what was attacked in the case of wannacry ransomware?
windows server message block (smb) protocol
True or False: Large, complex systems cannot be totally validated through human inspection
True, automatic verification tools are needed to find security protocol
flaws as well as implementation flaws.
True or False: Security and privacy are closely related
True, It is essential that security and privacy be considered
together at the design stage so that, for instance, malicious intrusions do not
put data at risk.
What malware quickly followed WannaCry in June 2017, which disguised itself as ransomware in order to muddy attribution and potentially to delay investigation
NotPetya, a state-sponsored malware
True or False: Zero risk cannot exist
True
True or False: The early detection and mitigation of attacks is as important as the attempt to reduce the risk of successful attacks
True
True or False: Security comes at a cost
True
what is the CIA triad?
confidentiality, integrity, and availability
this is the assurance that information is disclosed only to authorized persons, entities, or processes
confidentiality
assurance that the system or information are modified only by a voluntary and legitimate action
integrity
assurance that a system or information is accessible in a timely manner to those who need to use it
availability
assurance that a message is from the source it claims to be from
authenticity
ability for individuals to control their personal data and decide what to reveal to whom and under what conditions
privacy
defined as the right of individuals, groups, institutions to determine how and to what extent information about them is communicated to others
privacy
confidentiality of the identity the user or entity; this aims at hiding who performs some action
anonymity
a set of rules that specify how sensitive and critical resources are protected
security policy
defined as the ability of a system to return to its original state after an attack; capacity of a system to deliver its services continuously, even while under attack
resilience
this involves precisely defining which entity may access what information and in which way: permissions, prohibitions, or obligations to read or write information are to be defined; so-called security policy
prevention
this can take place before the definition of a policy
prevention
detecting early source and binary code vulnerabilities that could be exploited to violate the security properties
security by design principle
proving that a given property is guaranteed by the software
formally proved security
this refers to the capacity to tolerate attacks; ability for a computer system to deliver the intended outcome despite adverse cyber events
cyber-resilience
this policy is concretely enforced through these security services:
- entity identification and authentication
- control of access to information
- control of information flows
- detection of attempts to exploit potential vulnerabilities of the system
- response to these attempts
security policy
this deals with hazardous hardware failures or software bugs
fault-tolerance
what is the basic principle of cyber-resilience?
replication of data and backups in the context of a distributed system to avoid a single point of failure
