Module 1 Flashcards
Overview of Computer Security
Computer
An electronic device that can be programmed to carry out a set of arithmetic or logical operations and may be used for storing and processing data/information. Examples include desktop computers, mobile devices, IoT devices, and industrial controllers.
Data
Raw statistics and facts collected from either analysis or reference. It lacks context and can be stored in an electronic format.
Information
Processed data that offers context and can influence decisions.
Information System
An entire set of data, software, hardware, network, people, procedures, and policies dealing with processing and distributing information in an organization.
Computer Security
Measures and controls ensuring the confidentiality, integrity, and availability of information system assets, including hardware, software, firmware, and information being processed, stored, and communicated.
Confidentiality
Only authorized parties can view private/confidential information.
Integrity
Information is changed only in a specified and authorized manner.
Availability
Information is accessible to authorized users whenever needed.
Data at Rest
Data being stored in memory or on disk.
Data in Transit
Data being transferred between systems, in physical or electronic form.
Data in Use
Data being actively examined or modified, usually decrypted.
Security Threat
Any action/inaction that could cause disclosure, alteration, loss, damage, or unavailability of information assets.
Target
Organization’s assets such as hardware, software, data, and communication lines and networks.
Agent
Entity (people and/or organizations) originating the threat (intentional or unintentional).
Event
Malicious or accidental disclosure/alteration of information, misuse of authorized information, etc.
Vulnerability
Weakness in an information system, security procedure, internal controls, or implementation that could be exploited or triggered by a threat source.
Attack
A threat event deliberately executed by an agent against an asset with vulnerability.
Inside Attack
Initiated by an entity inside the security perimeter with authorized access but uses resources improperly.
Outside Attack
Initiated from outside the perimeter by an unauthorized or illegitimate user of the system.
Active Attack
An attempt to alter system resources or affect their operation, compromising integrity or availability.
Passive Attack
An attempt to learn or make use of information without affecting system resources, compromising confidentiality.
Deliberate Software Attacks
A deliberate action aimed at violating/compromising a system’s security using specialized software.
Malware
A program covertly inserted into a victim’s system with the intent to compromise CIA of data or disrupt operations.
Password Cracking
Discovering a password through methods like brute force, dictionary attacks, or guessing.
Denial of Service (DoS)
An attack that overwhelms a target system with requests, rendering it unavailable to legitimate users.
Spoofing
The insertion of forged identification data to gain illegitimate advantages, such as IP or email spoofing.
Sniffing
Use of a program or device to monitor data traveling over a network, often undetectable.
Man-in-the-Middle Attack
An attack where two computers believe they are communicating directly, but a third party is intercepting the data.
Phishing
An attempt to gain sensitive information by posing as a legitimate entity, often through email or fake websites.
Pharming
Redirecting users to a false website without their knowledge, typically through DNS poisoning.
White Hat
Ethical hackers hired to discover security vulnerabilities.
Gray Hat
Hackers who illegally access systems but typically do not exploit vulnerabilities.
Black Hat
Criminal hackers who use their skills for malicious activities.
Elite Hacker
Hackers capable of discovering new vulnerabilities and writing scripts to exploit them.
Script Writer
Hackers who write scripts to exploit known vulnerabilities.
Script Kiddies
Hackers with minimal knowledge, relying on scripts written by others to conduct attacks.
Economy of Mechanism
Design security mechanisms as simple and small as possible for easier testing and verification.
Fail-safe Defaults
Access should be based on permission rather than exclusion, with the default being lack of access.
Complete Mediation
Every access request must be checked against the control mechanism, without relying on cached decisions.
Open Design
Security mechanism design should be open rather than secret, avoiding ‘security by obscurity.’
Separation of Privilege
Multiple privilege attributes are required to achieve access to a restricted resource (e.g., multi-factor authentication).
Least Privilege
Users should operate with the minimum privileges necessary to perform their tasks.
Least Common Mechanism
Minimize shared functions across users to enhance mutual security.
Psychological Acceptability
Security mechanisms should not unduly interfere with users’ work and should meet the needs of access authorizers.
Encapsulation
Encapsulating a collection of procedures and data objects in its own domain to restrict access.
Modularity
Develop secure functions as separate modules and use modular architecture for security design.
Layering
Use multiple, overlapping protection strategies addressing people, technology, and operations.
Least Astonishment
Systems should behave in ways that are least likely to surprise the user.
Attack Surface
The reachable and exploitable vulnerabilities in a system.
Network Attack Surface
Vulnerabilities over networks, such as denial-of-service attacks or communication link disruptions.
Software Attack Surface
Vulnerabilities in software code, especially in web servers.
Human Attack Surface
Vulnerabilities created by personnel or outsiders, like social engineering and human error.