Module 1 Flashcards
CIA Triad
Confidentiality, Integrity, Availability
Availability
The quality of being able to be used or obtained.
Availability concerns occur when operating systems, equipment, and data are not functioning correctly, limiting access for those who need it.
Integrity
The quality of being honest, whole, or undivided.
The integrity of info refers to protecting info from being modified by unauthorized parties.
Hashing is a key term here; if you see hashing, it is almost always about integrity.
Confidentiality
The state of being kept secret or private. Ensuring that sensitive info does not reach unauthorized people.
“Need-to-know basis”
A hospital only allows authorized healthcare personnel within one department to access patient Personally Identifiable Information. When employees move to another department, they lose access.
Confidentiality
A cybercriminal launches a DDoS attack that floods a website with unwanted traffic from multiple computers and takes the site offline.
Availability
A cybercriminal cracks a hashed message and changes its contents.
Integrity
A company’s network infrastructure uses load balancers, which distribute the “load” of tasks, such as file requests and data routing, to a variety of servers. This ensures that no single device is overburdened.
Availability
Employees need key cards in order to enter their company offices.
Confidentiality
Brute Force Attack
An attacker can use a brute force attack to continuously attempt username and password combos.
How to mitigate Brute Force
Strong Password Policies: Require complex passwords that must be changed regularly.
Failed Login Attempts:
Implement automatic account lockout after a set number of unsuccessful login attempts to deter brute-force attacks.
Time-Based Lockout:
Consider a temporary lockout period after failed logins, allowing users to retry after a short time.
Phishing
An attacker can attempt a phishing attack, where users are redirected to fake login pages that capture user credentials.
How to mitigate Phishing
Phishing Training and Awareness Programs: Educate employees about the dangers of phishing and how to recognize fraudulent emails.
Security Training:
Regularly educate users about phishing scams, password hygiene, and the importance of protecting their login credentials.
Phishing Simulation Tests:
Conduct periodic phishing simulation exercises to evaluate user awareness and identify areas for improvement.
Keylogging
An attacker can deploy malware such as keyloggers to capture daily user activity.
How to mitigate Keylogging
Use of Anti-Keylogging Software: Install security software that detects and prevents keyloggers.
Log Analysis:
Regularly review system logs for anomalies that could indicate unauthorized access or malicious activity.
Intrusion Detection/Prevention Systems (IDS/IPS):
Monitor network traffic for suspicious activity and actively block potential threats.
Stolen Hardware/Session Hijacking
An attacker can simply exploit a valid computer session to gain unauthorized access to info or services.
How to mitigate Stolen Hardware/Session Hijacking
Session Management Security: Implement secure session management practices like HTTPS and secure cookies.
Person-in-the-middle Attack
An attacker can create a person-in-the-middle attack by providing a free WiFi hotspot to capture credentials.
How to mitigate Person-in-the-Middle
Encryption: Use end-to-end encryption for data in transit to prevent MITM attacks.
Credential Stuffing
An attacker can find and steal users’ login and password info from other websites to gain unauthorized access to a system.
How to mitigate Credential Stuffing
Multi-Factor Authentication (MFA): Require additional verification methods beyond just passwords to access accounts.
SQL Injection
An attacker can use a code-injection attack to inject malicious code directly into username or password fields.
How to mitigate SQL Injection
Regular Security Audits and Code Reviews: Conduct periodic audits and reviews to identify and mitigate SQL injection and XSS vulnerabilities.
A key mitigation here is INPUT VALIDATION.
Cross-site scripting (XSS)
An attacker can inject malicious scripts into webpages viewed by other users and use these as a backdoor into their system.
How to mitigate Cross-site Scripting (XSS)
Regular Security Audits and Code Reviews: Conduct periodic audits and reviews to identify and mitigate SQL injection and XSS vulnerabilities.
A key mitigation here is INPUT VALIDATION.
Exploiting outdated software
Attackers can use known vulnerabilities in outdated software to breach security.
How to mitigate Outdated Software
Software and Patch Management: Regularly update all software to the latest versions to fix known vulnerabilities.
Social Engineering
An attacker can ask users for their credentials by pretending to be an administrator.
How to mitigate Social Engineering
Employee Security Training: Conduct regular training sessions to improve security awareness and reduce the risk of social engineering.
Advanced Intrusion Detection Systems (IDS): Deploy IDS to monitor network and system activities for malicious activities and policy violations.