M1: Security concepts and principles - C.1 Flashcards
What are the fundamental goals of computer security?
- Confidentiality,
- Integrity,
- availability,
- authorization,
- authentication,
- accountability.
What does confidentiality mean in computer security?
It means keeping non-public information accessible only to authorized parties.
How is integrity defined in computer security?
Integrity ensures that data, software, or hardware remains unaltered except by authorized parties.
What is authorization in the context of computer security?
Authorization means that computing resources are accessible only by authorized entities.
What does availability refer to in computer security?
Availability ensures that information, services, and resources are accessible for authorized use.
What is authentication in computer security?
Authentication assures that a principal, data, or software is genuine and as asserted.
What does accountability mean in computer security?
Accountability is the ability to identify principals responsible for past actions.
What is the difference between trusted and trustworthy?
Trusted means having confidence in something, deserved or not;
Trustworthy means it reliably meets expectations.
How is confidentiality different from privacy?
Confidentiality protects information from unauthorized disclosure… while privacy involves protecting personally sensitive information.
What is a security policy?
A security policy specifies the rules and practices for protecting assets and what is allowed or not.
What is an attack in computer security?
An attack is a deliberate action intended to cause a security violation.
What is a vulnerability in computer security?
A vulnerability is a weakness that can be exploited to cause a security breach.
What is a threat in computer security?
A threat is any circumstance or entity that might harm assets or cause security violations.
What is risk in computer security?
Risk is the expected loss due to harmful future events, considering assets, threats, and vulnerabilities.
What is risk assessment?
Risk assessment involves analyzing factors to estimate risk and prioritize defensive measures.
What is the risk equation?
Risk (r) = Threat (t) x Vulnerability (v) x Cost (c).
What is adversary modeling?
Adversary modeling identifies and analyzes potential attackers and their capabilities.
What are some attributes of an adversary?
- Objectives,
- Methods,
- Capabilities,
- Funding level
- Insiders or outsiders.
What is penetration testing?
Penetration testing involves finding vulnerabilities by simulating attacks on a system.
What is security analysis?
Security analysis identifies vulnerabilities and overlooked threats to improve defenses.
What is a threat model?
A threat model identifies threats, threat agents, and attack vectors that a system defends against.
What is diagram-driven threat modeling?
It uses architectural diagrams to identify and analyze potential threats and attack vectors.
What is an attack tree?
An attack tree is a diagram that breaks down an attack goal into smaller, actionable steps.
What is the purpose of attack trees?
To identify and prioritize potential attack vectors and help in forming security policies.
What are attack/threat checklists?
Pre-constructed lists of known attacks used to ensure no threats are overlooked.
What is the difference between insider and outsider attacks?
Insider attacks come from within the organization, while outsider attacks come from external entities.
What is the role of security controls?
Security controls prevent, detect, and react to security violations to limit damage and recover.
What is the significance of security policies in risk management?
Security policies help determine when a violation occurs and guide the implementation of controls.
What is the goal of security analysis in the software development lifecycle?
To provide confidence in a system’s ability to resist attacks by identifying and addressing threats.