Security Flashcards

1
Q

Availability

A

Ensures the accessibility of data to users who should have access to it.
Threats to this can be accidental, such as someone accidentally deleting a file or unplugging a server, or even a natural disaster. We have always had measures in place to protect data from these events.
In the last decade:
Deliberate attacks called “denial of service” target availability. Such an attack uses a virus to make other computers access a website and overwhelm it with traffic so actual users can’t use the site.
Threats can also be deliberate, such as attacks which block access to legitimate users by overwhelming a server, viruses, etc.
Now security must be able to keep websites running in the face of these attacks.

2
Q

Threat and Risk Management

A

The practice of identifying security problems (from an attack or accident), prioritizing risks based on their likelihood of occurring and potential for damage, and identifying means by which a risk may be mitigated or avoided.

3
Q

Risk

A

The possibility of something happening, either good or bad.

4
Q

Threat Mitigation

A

focus of security

5
Q

Risk Categories

A

Risk Avoidance, Acceptance, Mitigation, Transfer, Residual Risk

6
Q

Risk Avoidance

A

Actions to prevent a potential event from happening

e.g. backup generators for power outage

7
Q

Risk Acceptance

A

When you decide not to do anything about the risk.

The possibility is remote, or acting on it is too expensive.

8
Q

Risk Mitigation

A

A plan put in place to MINIMIZE the impact of an event.
There may not be much you can do to avoid a risk, but it can be mitigated; e.g. flooding can’t be prevented, but you can prepare for it by having a backup location with servers.

9
Q

Risk Transfer

A

when you move responsibility for the event to someone better-equipped to handle it.
Let a specialist take care of handling the risk, let them set up the plan of action.

10
Q

Residual Risk

A

the risk that still remains even after you’ve done one or more of these actions.

11
Q

PoLP (Principle of Least Privilege)

A

The idea that you access computer resources using an identity that has the absolute minimum permissions to do what you need and nothing more.
In reality, we tend to have accounts with more privileges than we need at the given moment for the task we are completing because we may have many tasks to complete in the day and having a separate account limited to permissions for each task is not practical. Therefore, PoLP can be difficult to implement in detail and no one wants dozens of user accounts.

12
Q

PoLP prevents…

A

makes it less likely that you will accidentally damage something or that malware will “piggyback” on your access to do damage.

13
Q

One of the most important principles of security

A

Principle of Least Privilege

14
Q

How to get around difficulty of implementing PoLP

A

Can tier out PoLP to create general categories of Least Privilege

15
Q

Ways to Implement PoLP

A

Groups,
Administrators,
Standardization,
Third-Party Applications

16
Q

User Groups as a PoLP implementation

A

Can help categorize access needs. Rather than having to assign privileges granularly, you can apply them to a whole group. Put people in multiple groups based on their privilege needs.

17
Q

Administrators as a PoLP implementation

A

Often a second account for admins that need higher privilege accounts

18
Q

Standardization of user accounts

A

Simplifies user management by creating a class or a template that establishes what a user account should be able to do.

19
Q

Third-Party Applications

A

Provide more detailed or situation-specific capabilities than the base Windows OS. Not unusual to see COs that need more granular access permissions to implement a Third-Party Application. Use them to supplement the capabilities of Windows.

20
Q

Attack Surface

A

Describes the range of things that are exposed to security risk. Often divided into three areas: Application, Network, User.

21
Q

Application Attack Surface

A

Amount of code: more code = more potential bugs that can be exploited.
Number of inputs: every input is a piece of data that needs to be processed by the app. The more data an app accepts, the more possibility for some of it to be exploited.
The number of services the app consists of: roughly analogous to the amount of code.
The number of open communication ports: each one provides an opportunity for an attacker to communicate with and compromise the application.

22
Q

Network Attack Surface

A

Is the overall design built to be secure? To build a network to be secure, start by building a network that does nothing and then add pieces to increase its functionality (rather than building a network that does everything and creating security to protect everything).
As you add functionality, you add security.