Prelim Flashcards
What is E-commerce?
Any transaction online, including online banking, software services, remote service providers, or online course platforms.
What are the key specifications of Real-world Security?
- Specifications/policy : What is the system supposed to do
- Implementation mechanism : How does it do it?
- Correctness/assurance : Does it really work?
- Human Nature : Can the system survive “clever users”?
What you might want in a software?
*Privacy
*Protection against phishing, vishing
*Integrity
*Authentication
*Authorization
*Confidentiality
*Non-repudiation
*Availability
It is the protection against unauthorized modification or destruction of information.
Integrity
Ensures that information is not disclosed to unauthorized persons.
Confidentiality
The process of verifying the identity of a user, message, or originator.
Authentication
Provides proof of data delivery and sender identity, so that neither party can later deny having processed the information.
Non-repudiation
It is the guarantee of timely, reliable access to data and information services for authorized users.
Availability
What does Availability refer to in information security?
Timely, reliable access to data and information services for authorized users.
Define Integrity in the context of information security.
Protection against unauthorized modification or destruction of information.
What is Confidentiality in information security?
Assurance that information is not disclosed to unauthorized persons.
What is Authentication?
Security measures to establish the validity of a transmission, message, or originator.
What does Non-repudiation mean?
Assurance that the sender has proof of data delivery and the recipient has proof of the sender’s identity.
What are the types of assets in information security?
- Physical assets: Devices, computers, people
- Logical assets: Information, data, intellectual property
- System Assets: Software, hardware, data, personnel resources
What is an attack in the context of information security?
An attempt to gain access, cause damage to, or otherwise compromise information and/or systems.
What is a Passive attack?
An attack in which the attacker observes interaction with the system but does not directly interact with the system.
Define an Active attack.
An attack in which the attacker directly interacts with the system.
What is an Unintentional attack?
An attack where there is no deliberate goal of misuse.
What is Exposure in information security?
An instance when the system is vulnerable to attack.
Characteristics of information to be useful
Accurate
Timely
Complete
Verifiable
Consistent
Available
Aspects of Information Needing protection
Availability
Confidentiality
Authentication
Non-repudiation
is the resource being protected
Assets
Physical assets
devices, computers, people
Logical assets
information, data (in transmission, storage, or processing), and intellectual property
System assets
any software, hardware, data, administrative, physical, communications, or personnel resource within an information system
What does Compromise refer to?
A situation in which the attack has succeeded.
What is a consequence of an attack?
The outcome of an attack, which may include disruption, corruption, or exploitation.
What is meant by Disruption in the context of consequences?
Targets availability.
What is meant by Corruption in the context of consequences?
Targets integrity.
What is meant by Exploitation in the context of consequences?
Targets confidentiality.
is a type of consequence, involving accidental exposure of information to an agent not authorized access.
Inadvertent disclosure
Taxonomy of attacks with relation to security goals
Threat to Confidentiality
Threat to integrity
Threat to availability
Taxonomy of attacks with relation to security goals
Threat to Confidentiality
Snooping
Traffic analysis
Taxonomy of attacks with relation to security goals
Threat to integrity
Modification
Masquerading
Replaying
Repudiation
Taxonomy of attacks with relation to security goals
Threat to availability
Denial of service
What is the definition of Authentication?
The process of recognizing a user’s identity.
What is Authorization?
The process that determines what a user is able to do and see on a website.
What is Malware?
Malicious software designed to disrupt, damage, or gain unauthorized access to systems.
Malware Prevention Methods
Regular Software Updates
Antivirus Software
Network Segmentation
Educate Users
Malware Prevention Tools and Strategies
Patch Management Systems
Endpoint Detection and Response (EDR)
Regular Backups
Network Segmentation
List examples of Malware.
- Viruses
- Worms
- Ransomware
- Trojans
- Spyware
- Adware
What is Phishing?
Tricking individuals into providing sensitive information by pretending to be a trusted entity.
What are common forms of Phishing?
- Emails
- Fake websites
- SMS (‘smishing’)
- Voice calls (‘vishing’)
Phishing Prevention Tools and Strategies
1 . Email Security Gateways
2 . Phishing Simulations
3 . Zero Trust Access
4 . Threat Intelligence Feeds
Social Engineering Prevention Methods
Strict Access Control
Verify Requests
Awareness Programs
Incident Reporting
Software Vulnerabilities
Flaws or weaknesses in code that attackers can exploit to compromise systems, steal data, or gain unauthorized access
Hardware Vulnerabilities
Weaknesses in network protocols, configurations, or infrastructure that can lead to unauthorized access or data interception
Common Vulnerabilities
- Weak or Default Credentials
- Man-in-the-Middle (MITM) Attacks
- Unsecured Network Devices
- Denial of Service (DoS) and Distributed Denial of Service (DDos Attacks:
- Outdated or Insecure Protocols
What is Social Engineering?
Exploiting human psychology to manipulate individuals into divulging confidential information.
What are examples of Social Engineering?
- Pretexting
- Baiting
- Tailgating
- Quid pro quo attacks
What are Denial of Services (DoS) Attacks?
Overloading systems or networks to make them unavailable to legitimate users.
What are Man in the Middle (MITM) Attacks?
Intercepting communication between two parties to eavesdrop or alter data.
What are Password Attacks?
Cracking or stealing passwords through brute force, dictionary attacks, or keylogging.
What are Zero Day Exploits?
Exploiting software vulnerabilities before the vendor releases a patch.
Define Cryptology.
The process of making and using codes to secure the transmission of information.
Where did the word Cryptology came from?
Greek words Kryptos and Grahein
“Kryptos” means hidden
“Grahein” means to write
Code Breaking
Cryptanalysis
Code designing
Cryptography
What does Cryptanalysis refer to?
The process of obtaining the original message from the encrypted message.
What is cryptography?
The practice and study of encryption to prevent unauthorized reading of information.
What does a cryptographic system typically include?
- Private key cipher
- Message integrity techniques
- Secure identification/authentication techniques
What is a Private Key cipher?
A cipher where the secret key is shared between two parties.
What is a Public Key cipher?
A cipher where the secret key is not shared, allowing communication using public keys.
What is the operation principle of the Caesar Cipher?
Each letter is translated into the letter a fixed number of positions after the letter in the alphabet.
What is a Block Cipher?
- Are stronger but slower and often implemented in hardware
- One or large block at a time
- Substitution and transposition
What is the Electronic Codebook (ECB) mode?
Each block is encrypted with the same key—identical plaintext block created identical cipher block
Simplest Encryption mode
What is Cipher Block Chaining (CBC)?
Each plaintext block is XORed with the previous ciphertext block, adding randomization.
What is the Counter (CTR) mode?
Encrypting using the value of a counter. Plaintext can be any size - XOR 8 bits at a time instead of 128 bit block
Acts like a stream cipher
What is a Stream Cipher?
- Are fast and easy to implement in hardware
- Encryption is performed 1 bit or 1 byte at a time
- Mixes plaintext with key stream
- Either using Symmetric Key or Public Key
- The starting state should never be the same twice — uses initialization vector
What is Symmetric cipher?
involves using a single key to encrypt and decrypt data
What is Asymmetric Cipher?
encryption uses two keys - one public and one private - to encrypt and decrypt data
What is an assumption in information security?
It can help find underlying vulnerabilities.
Digest
can be used to check the integrity of a message: that the message has not been changed
Substitution cipher
replaces one symbol with another
Plaintext
- A message in its natural format readable by an attacker
- Original message or data (also called cleartext
Ciphertext
Message altered to be unreadable by anyone except the intended recipients
Encryption
Transforming the plaintext under the control of the key
Key
Sequence that controls the operation and behavior of the cryptographic algorithm
Decryption
Transforming the ciphertext back to the original plaintext
Types of Cryptography
Stream Ciphers
Block Ciphers
Confusion
Key to ciphertext relationship is very complicated
Key cannot be determined on the ciphertext
Diffusion
Output should be different from the input
Change 1 bit of the input, at least 50% of the output should change
Block Cipher Mode Operations
- Electronic Codebook (ECB)
- Cipher Block Chaining (CBC)
- Counter (CTR)
