Principles of Cyber Security Flashcards

1
Q

DAC

A

Discretionary Access Control

2
Q

DAC: DACL

A

DAC List
Tracks permissions against each object

3
Q

DAC: Access Matrix

A

Combined DACLs

4
Q

DAC: Advantages

A

Easily Implementable
Highly Flexible

5
Q

DAC: Disadvantages

A

Poor Scaling (Matrix Explosion)
Prone to Mistakes (Complex Policy Management)
Frequent Changes

6
Q

MAC

A

Mandatory Access Control

7
Q

MAC: Object Access Requirements

A

At least the specified clearance level
All need-to-knows

8
Q

MAC: Advantages

A

Most Secure
Easily Scalable

9
Q

MAC: Disadvantages

A

Not Flexible
Limited User Functionality
High Admin Overhead

10
Q

RBAC

A

Role-based Access Control

11
Q

RBAC: Role Hierarchies

A

Roles can inherit permissions from other roles

12
Q

RBAC: Constraints

A

Restricts roles:
- Mutually Exclusive Roles (Subject has only one role)
- Cardinality Restrictions (Constrain number of subjects assigned to role)
- Prerequisite Roles (Must hold specified role before assignment of new role)

13
Q

RBAC: Consolidated

A

Combines Role Hierarchies and Constraints

14
Q

RBAC: Advantages

A

Scalable
Flexible (Loose coupling of user and perms)

15
Q

RBAC: Disadvantages

A

Roles need provisioning and maintenance
Possible rule explosion
Cannot accommodate real-time context

16
Q

ABAC

A

Attribute-based Access Control

17
Q

ABAC: Subject Attributes

A

Identity and characteristics of a subject, e.g. name, job title

18
Q

ABAC: Object Attributes

A

Extracted from object metadata

19
Q

ABAC: Environment Attributes

A

Describe the current environmental context, e.g. the current malware threat level

20
Q

ABAC: Advantages

A

Dynamic
Fine-grained
Considers the Environment

21
Q

ABAC: Disadvantages

A

Attributes need provisioning and maintenance
Possible Attribute Explosion
Complexity to Design and Implement

22
Q

CVE

A

Common Vulnerabilities and Exposures (CVE)

A weakness knowledge base that lists common identifiers for publicly known cybersecurity vulnerabilities.

Each entry contains
- CVE ID
- A brief description
- Any pertinent references, e.g. vulnerability reports

23
Q

NVD

A

National Vulnerability Database (NVD)

A weakness knowledge base informed by CVE and run by the U.S. government

NVD analyses CVEs

24
Q

CWE

A

Common Weakness Enumeration (CWE)

A weakness knowledge base. Community-developed list of common software weaknesses and vulnerabilities.

Acts as a baseline for weakness identification, prevention, and mitigation

25
Q

CAPEC

A

An Attack Technique Knowledge Base

Describes common techniques employed by adversaries

Focuses on application security by enumerating exploits against vulnerable systems (including Social Engineering and Supply Chain Attacks)

26
Q

ATT&CK

A

An Attack Technique Knowledge Base

Describes phases in an adversary's lifecycle and the specific TTPs that APTs use

Focuses on network defence by providing a contextual understanding of malicious behaviour

Focuses on adversaries' interactions with the system, not the tools used

27
Q

TTP

A

Tactics, Techniques, and Procedures

28
Q

Cyber Essentials

A

A UK cybersecurity certification scheme designed to help businesses protect themselves against the most common cyber threats

29
Q

Cyber Essentials: Firewalls

A

Ensure only necessary network services can be accessed from the internet, to reduce exposure to attacks.

All inbound connections are blocked by default except those towards services meant to be accessed from the internet, and every inbound rule that accepts connections must be motivated and documented.

30
Q

Cyber Essentials: Secure Configuration

A

Ensures devices are configured to reduce vulnerabilities and provide only strictly required services.

All unnecessary software is removed/disabled, auto-run features are disabled, and default/guessable passwords are changed.

31
Q

Cyber Essentials: User Access Control

A

Ensures user accounts are only for authorised individuals and only provide access to required resources.

Requires:
- Set up a process to approve new user accounts
- Always authenticate users before granting access to applications and devices
- Remove/disable accounts when no longer required
- Use 2FA
- Use admin accounts only for admin activities

32
Q

Cyber Essentials: Malware Protection

A

Ensures untrusted software and known malware are restricted.

Requires:
- Anti-malware software that is up to date, with daily checks. It should automatically scan files when they are downloaded, opened, or accessed from a network folder. Web pages should be automatically scanned, with blacklisting of malicious and suspicious websites
- Application whitelisting
- Application sandboxing for code of unknown origin

33
Q

Cyber Essentials: Patch Management

A

Ensures devices and software are not vulnerable to known security issues for which fixes are available.

All software is updated, licensed and supported.

34
Q

Additional Defences: Data Protection

A

Encrypt, fragment, back up and sanitise data to prevent data leaks

35
Q

Additional Defences: Segregation of Duties

A

Require more than one person to complete a critical task, so that more accounts need to be compromised to undermine it

36
Q

Additional Defences: Network Fragmentation & Monitoring

A

Split up network infrastructure based on business process, necessary exposure and risk levels, with firewalls used between boundaries.

Use intrusion detection systems to observe network traffic and detect malicious traffic:
- Signature or anomaly based
- Machine learning helps with accuracy
- Can suffer from false positives

37
Q

Additional Defences: Honeypots

A

Decoys to lure in attacks for analysis

High-Interaction Honeypots: close mimic of a real system, extensive interaction & analysis

Low-Interaction Honeypots: simulate a few services, reducing the risk of compromise

38
Q

Additional Defences: Pentesting

A

Authorised attacks aimed at identifying how an attacker could compromise the system

39
Q

Additional Defences: Pentesting: PTES

A

Penetration Testing Execution Standard

Comprehensive framework for effective and consistent pentesting

40
Q

Additional Defences: Standards

A

Guide security principles

Efficient for driving adoption

Compliance-driven security risks shifting the focus to meeting regulations rather than tackling security risks, giving a false sense of security

41
Q

APT: Lifecycle

A

Reconnaissance, then Initial Compromise, then Post-Exploitation (repeated until the goal is accomplished)

42
Q

APT: Post-Exploitation: Persistence

A

Achieved through malware (backdoors, rootkits, remote access trojans (RATs), keyloggers) or stolen credentials (allowing access to be maintained even if other vulnerabilities are patched)

43
Q

APT: Post-Exploitation: C&C Communication

A

Encrypt data using non-standard communication protocols, or use innocent-looking traffic to hide malicious activity

44
Q

APT: Post-Exploitation: C&C Communication: Push Model

A

The attacker sends commands to the C&C hub, which relays them to the compromised system

45
Q

APT: Post-Exploitation: C&C Communication: Pull Model

A

The attacker leaves commands at the hub and the compromised system periodically polls the hub for them; the compromised machine leaves its outputs at the hub and the attacker periodically polls the hub to collect them

46
Q

APT: Post-Exploitation: Lateral Spread

A

Seek new systems to compromise within the network via analysis of compromised machines (to gather credentials), network analysis (to find targets), and stealing credentials (using social engineering)

47
Q

APT: Post-Exploitation: Data Exfiltration

A

Exfiltrate sensitive information to an external system.

Staging servers can accumulate and transform data to reduce its size and help avoid detection; faster transfer speeds risk detection.

Data can be hidden inside other data using steganography, the practice of hiding information in other data.

48
Q

Cryptography

A

The practice of secure communication in the presence of an adversarial third party

49
Q

Cryptography: Symmetric Encryption

A

The same key is used to encrypt and decrypt data. Requires N(N-1)/2 keys for N communicating nodes

50
Q

Cryptography: Asymmetric Encryption

A

A sender encrypts data using the recipient's public key and the recipient decrypts the data using their private key. Requires N x 2 keys, where N is the number of communicating nodes

51
Q

Cryptography: Digital Signature

A

Used to verify the authenticity and integrity of data. Generated by creating a hash of the data and encrypting the hash, which is transferred along with the data. The recipient decrypts the received hash, hashes the received data, and compares the two.

52
Q

Cryptography: Distributing Keys: Private Key Distribution: Public Key Encryption

A

To send a private key, use asymmetric (public key) encryption: the recipient sends a public key that is used to encrypt the key. Vulnerable to Man in the Middle attacks, where the adversary intercepts the recipient's public key and sends their own to the sender.

53
Q

Cryptography: Distributing Keys: Private Key Distribution: Diffie-Hellman Symmetric Key Encryption

A

Two parties agree on public parameters, including a large prime number and a primitive root modulo that prime. Uses a property of modular arithmetic to establish the shared key.

Susceptible to Man in the Middle attacks.

54
Q

Cryptography: Distributing Keys: Public Key Distribution

A

The recipient needs to know the sender's public key with certainty in order to validate a digital signature or to encrypt messages, so that man in the middle attacks can be avoided

55
Q

Cryptography: Distributing Keys: Public Key Distribution: Digital Certificate

A

Consists of a public key and a user ID, both signed by a trusted third party

56
Q

Cryptography: Distributing Keys: Public Key Distribution: Public Key Infrastructure

A

The infrastructure needed to create, manage, distribute and revoke digital certificates, enabling secure and efficient acquisition of public keys

57
Q

Cryptography: Distributing Keys: Public Key Distribution: Public Key Infrastructure: CA

A

Certification Authority

Responsible for issuing, distributing, and revoking public key certificates. The CA uses a well-protected private key to add a digital signature to each certificate, marking it as authentic. Users have the CA's public key, needed to verify the CA's digital signature, built into their operating systems.

58
Q

Cryptography: Distributing Keys: Public Key Distribution: Public Key Infrastructure: RA

A

Registration Authority

The CA uses the RA to authenticate applicants for digital certificates

59
Q

Cryptography: Distributing Keys: Public Key Distribution: Public Key Infrastructure: PKI Repository

A

Stores all certificates

60
Q

Cryptography: Distributing Keys: Public Key Distribution: Public Key Infrastructure: PKI Repository: CRL

A

Certificate Revocation List

Stores certificates revoked before their scheduled expiration date. It is not issued frequently enough to be effective against attackers, it is expensive to distribute, and it is vulnerable to DoS attacks.

Certificates can be revoked because of:
- Compromised private key
- Expiration
- Human resources
- Changes to company name, physical address, DNS

61
Q

Cryptography: Distributing Keys: Public Key Distribution: Public Key Infrastructure: X.509

A

A widely accepted standard format for digital certificates. Instead of a CRL, the Online Certificate Status Protocol (OCSP) is used to query whether a certificate is still valid.

62
Q

Social Engineering

A

Use of psychological manipulation to deceive people into compromising security or divulging sensitive information

63
Q

Social Engineering: Compliance Principles

A

Reasons to comply:
- Friendships
- Commitments / Consistency
- Scarcity (exclusive opportunity)
- Reciprocity (obligation to return a favour)
- Social Validation (admiration of others' actions)
- Authority (requests from those with power)

64
Q

Social Engineering: Communication Methods

A

- Direct Communication
  - Bidirectional Communication: both target and attacker exchange information
  - Unidirectional Communication: only the attacker communicates
- Indirect Communication: the attacker uses third-party channels to communicate, such as a fake website

65
Q

Social Engineering: Techniques

A

Information Gathering: gathering of personal information for malicious purposes, from:
- Company websites
- Social networks
- Dumpster diving
- Shoulder surfing
Prevented by using shredders and educating employees to be aware of their social presence.

Interaction with Target: contacting the target to establish trust or instil fear
- Phishing: fraudulent emails designed to trick recipients into divulging sensitive data
- Spear Phishing: targeted phishing
- Whaling: spear phishing of high-level individuals with access to company funds
- Vishing: voice phishing, e.g. a fraudulent bank call
- Smishing: SMS phishing
- Physical Impersonation: the attacker impersonates a maintenance worker, delivery driver, etc.
Prevented by filtering emails (analysing links, spelling and grammar), not downloading attachments, not providing personal information, education, and being wary of demanding language.

Tailgating: the attacker follows someone with legitimate access into a restricted area

Baiting: the attacker offers an incentive, such as a USB drive, to entice the target into downloading malware

66
Q

Cyberwarfare: Appeal

A

- Cost-Effective: cheap, openly available tools instead of expensive troops and weapons
- Anonymity: use of false IP addresses, foreign servers, and aliases makes tracing attack origins difficult
- Attribution is Near Impossible: the attacker has plausible deniability, claiming their computer has been hacked
- Cyber Deterrence: retaliation against the wrong actor is unjust and could be a war crime
- No Casualties
- Disruption over Destruction
- Extremely Quick
- Hard to Detect & Neutralise
- Exploitable Vulnerabilities Increase as Technology Evolves

67
Q

Bitcoin: Wallet

A

Stores the public/private keys required to access and manage funds

68
Q

Bitcoin: Addresses

A

- Public keys generate addresses used to receive payment
- One address per payment, so that the amount of information publicly available on a user is reduced
- Provides pseudo-anonymity

69
Q

Bitcoin: Transaction: Inputs

A

References to previous transactions. They must not already be spent; this is tracked as Unspent Transaction Outputs (UTXOs) against a wallet

70
Q

Bitcoin: Transaction: Outputs

A

Determine where bitcoins will be sent

71
Q

Bitcoin: Transaction: Digital Signature

A

- Transactions are digitally signed to prove ownership and ensure integrity before being broadcast across the bitcoin network. Nodes then verify the digital signature and the required funds, and the transaction is then included in blocks by miners.
- Transaction blocks hold a reference to the hash of the previous block, so changing any block would require updating all subsequent blocks

72
Q

Bitcoin: Advantages

A

Decentralised, trustless, pseudo-anonymity, immutable transaction history

73
Q

Bitcoin: Disadvantages

A

High transaction fees reduce profits and make it less attractive to customers; slow transaction confirmation; not a stabilised currency; lack of regulation