Section C Flashcards
NAME 5 TOOLS THAT ARE USED TO IDENTIFY VULNERABILITIES IN A COMPUTER SYSTEM
PORT SCANNERS - SCAN A COMPUTER FOR ANY OPEN PORTS THAT COULD BE EXPLOITED BY HACKERS
REGISTRY CHECKER - PERFORMS BACKUPS OF THE REGISTRY, MAKING IT EASIER TO RESTORE IT TO A PREVIOUS STATE
WEBSITE VULNERABILITY SCANNERS- SEARCHES FOR VULNERABILITIES ON WEBSITES SUCH AS CROSS-SITE SCRIPTING(XSS), SQL INJECTION AND INSECURE SERVER CONFIGURATION
VULNERABILITY DETECTION AND MANAGEMENT SOFTWARE -
SCANNERS FOR VULNERABILITIES ON IT SYSTEMS
ACCESSING USER VULNERABILITIES-
IDENTIFIES ANY VULNERABILITIES THAT MIGHT BE CAUSED BY THOSE USING THE SYSTEM
WHAT IS PENETRATION TESTING
A PENETRATION TEST IS WHEN A CYBER-ATTACK IS STIMULATED AGAINST A COMPUTER SYSTEM OR NETWORK TO IDENTIFY VULNERABILITIES THAT COULD BE EXPLOITED BY A MALICIOUS HACKER
WHO ARE THE OWASP
THEY STAND FOR OPEN WEB APPLICATION SECURITY PROJECT, THEY ARE AN ORGANISATION THAT IDENTIFY COMMON THREATS THAT COULD OCCUR TO A WEB APPLICATION
WHAT ARE THE TOP 10 RECENT THREATS
INJECTION FLAWS -
BROKEN AUTHENTICATION -
SENSITIVE DATA EXPOSURE -
XML EXTERNAL ENTITIES -
BROKEN ACCESS CONTROL -
SECURITY MISCONFIGURATION -
CROSS-SITE SCRIPTING -
INSECURE DESERIALIZATION -
USING COMPONETS WITH KNON VULNERABILITIES
INSUFFICIENT LOGGING AND MONITORING -
WHAT IS A RISK
A RISK IS A THREAT THAT COULD RESULT IN SOME FORM OF LOSS
WHAT IS THE FIRST STEP IN IDENTIFYING THE SEVERITY OF A RISK FOR EACH THREAT
THE FIRST STEP IS TO IDENTIFY IT’S LIKELIHOOD OF OCCURING AND THE IMPACT LEVEL IT COULD CAUSE
WHAT ARE THE 3 PROBABILITIES OF THREATS OCCURING
UNLIKELY - NOT EXPECTED TO HAPPEN BUT COULD
LIKELY - WILL PROBABLY HAPPEN AND REOCCUR BUT NOT CONSTANTLY
VERY LIKELY - WILL CERTAINLY HAPPEN AND REPEATEDLY AND EVEN FREQUENTLY
WHAT ARE THE 3 LEVELS OF IMPACT THAT COULD BE CAUSED
MINOR - UNLIKELY THAT MUCH WILL BE LOST BUT THERE MIGHT BE SOME FINANCIAL LOSS
MODERATE - SOMETHING WILL BE LOST AND FINANCIAL DAMAGE WILL HAVE AN IMPACT ON THE ORGANISATION
MAJOR - HIGH AMOUNT OF LOSS WILL BE CAUSED AND FINANCIAL DAMAGE IS LIKELY TO BE SUBSTANTIAL
WHEN ARE RISK ASSESSMENTS CARRIED OUT
THEY SHOULD BE CARRIED OUT DURING THE DESIGN OF A SYSTEM AND AT REGULAR INTERVALS DURING OPERATION IN ORDER TO AUDIT SECURITY PROCESSES. A RISK ASSESSMENT IS ALSO DONE WHEN THERE IS A BREACH
WHAT ARE THE 5 STEPS TO PERFORMING A RISK ASSESSMENT
IDENTIFY POSSIBLE THREATS
IDENTIFY LIKELIHOOD OF THREATS
ASSESS THE VULNERABILITIES
ASSESS THE IMPACT LEVEL
DETERMINE THE RISK SEVERITY
WHY IS IT IMPORTANT THAT WE DOCUMENT OUR RISK ASSESSMENT
SO THAT WE CAN REFER TO IT LATER WHEN PRODUCING THE SECURITY PLAN
WHAT STRUCTURE DO YOU FOLLOW WHEN DOCUMENTING A RISK ASSESSMENT
YOU MUST FILL IN THE FOLLOWING DETAILS:
THREAT NUMBER
THREAT TITLE
PROBABILITY
IMPACT LEVEL
RISK SEVERITY
EXPLANTION OF THE THREAT IN CONTEXT
WHAT IS THE PURPOSE OF A CYBER SECURITY PURPOSE
A CYBER SECURITY PLAN WILL IDENTIFY HOW WE WILL PROTECT OURSELVES FROM BEING AFFECTED BY THE THREATS IDENTIFED IN THE RISK ANALYSIS
WHAT ARE 8 HEADINGS WE NEED TO IDENTIFY IN A CYBER SECURITY PLAN
- THREAT ADDRESSED BY THE PROTECTION MEASURE
- ACTIONS TO BE TAKEN
- REASONS FOR THE ACTION
- OVERVIEW OF TECHNICAL AND FINANICAL CONSTRAINTS
- OVERVIEW OF LEGAL RESPONSIBILITIES
- OVERVIEW OF USABILITY OF THE SYSTEM
- OUTLINE COST BENEFIT
- TEST PLAN
What are the financial and technical costs that could occur when developing a new network
- The configuration of the software or hardware will require IT specialists
- Hardware or software may be limited in performing the security measure
- Training costs for staff so that they can use the new system
