Module 5 - Security Concerns

Question 1

What are the three properties of secure information?

Answer 1

Confidentiality, Integrity, and Availability (the CIA Triad)

Question 2

What is security?

Answer 2

The practice of controlling access to something (a resource)

Question 3

List three confidentiality concerns in the context of security.

Answer 3

1. Snooping
2. Eavesdropping/Wiretapping
3. Social engineering/Dumpster Diving

Question 4

If someone attempts to get access to information or a host or storage device (data at rest) that they are not authorized to view (e.g., by stealing password, using an unlocked workstation, or installing spyware), breaking confidentiality, what is this called?

Answer 4

Snooping

Question 5

What is it called when someone snoops on data or telephone conversations as they pass over the network? Also what is another name for it?

Answer 5

Eavesdropping/wiretapping. Also called sniffing.

Question 6

How can networks protect data in transit from eavesdropping/wiretapping (sniffing)?

Answer 6

Segmentation and encryption

Question 7

What is it called when someone gets users to reveal secure information or finds vulnerable printed information, sometimes posing as IT professionals or technical support?

Answer 7

Social engineering/dumpster diving

Question 8

What are some passive threats to security?

Answer 8

Copying data to an unsecure storage location or attaching the wrong file to an email

Question 9

What are three types of integrity attacks that threaten security?

Answer 9

1. Man in the Middle
2. Replay
3. Impersonation

Question 10

What is the security concern dealing with information being known only to authorized users?

Answer 10

Confidentiality

Question 11

What is the security concern that protects information being stored and transferred as intended and not being modified without authorization?

Answer 11

Integrity

Question 12

What is the security concern that ensures that information is accessible to those authorized to view or modify it?

Answer 12

Availability

Question 13

What is it called when a host sits between two communicating notes and transparently monitors, captures, and relays all communication between them? The attacker may change messages between a sender and receiver without the team’s knowledge.

Answer 13

Man-in-the-Middle (MitM)

Question 14

What policies/processes can be used to protect against an MitM attack?

Answer 14

Authentication of users and encryption to validate messages

Question 15

When a host captures another host’s response to some server and replays that response to gain authorized access, what is it called? This may involve exploiting an access token generated by software.

Answer 15

Replay

Question 16

How can an encryption protect against replay?

Answer 16

With encryption and timestamping so that tokens cannot be misused

Question 17

What is a common attack where someone attempts to figure out a password or other credentials to gain access to a host through, for example, interception of password packets or brute force?

Answer 17

Impersonation

Question 18

What are some threats against availability from a security standpoint?

Answer 18

1. Accidents
2. Oversights
3. Denial of Service (DoS)/Distributed Denial of Service (DDoS)
4. Power Outage
5. Hardware Failure
6. Destruction
7. Service Outage