Security Basics

Question 1

What is computer security

Answer 1

The protection of computer systems from theft or damage to: the hardware; software and data

Question 2

How do you provide the protection for computer systems

Answer 2

• Controlling physical access to hardware
• Controlling malpractice by users
• Protecting against harm from: network access, bad data or a code injection.

Question 3

Three keys properties of computer security

Answer 3

Confidentiality
Integrity
Availability
(CIA)

Question 4

Confidentiality

Answer 4

The confidentiality of data is kept private or restricted as intended. Therefore only authorised users can access specific data.

Question 5

Integrity

Answer 5

Integrity is maintained only if data is authentic, reliable and accurate.

Question 6

Availability

Answer 6

The availability of data is maintained if data can be used or obtained.

Question 7

When is confidentiality the most important requirement?

Answer 7

• The value of the data depends on limiting access to it.
• Data is a proprietary data of a company
• Data is a record of peoples personal activities, or involve personal sensitive info.

Question 8

When is integrity the most important requirement?

Answer 8

Data is financial data - Integrity is typical highest concern in banking systems.
Inaccurate and inconsistent data loses value

Question 9

When is availability the most important requirement?

Answer 9

Data is required to be sent or seen to a larger populous.

Question 10

Authentication

Answer 10

Determining whether someone or something is what they say they are.
Only authenticated users or processes are permitted to access protected resources

Question 11

Non repudiation

Answer 11

The ability to ensure someone cannot deny or contest something.
So the inability to refute responsibility.

Question 12

Threat

Answer 12

A potential negative action or event that has the potential to harm a computer system.

Question 13

Vulnerability

Answer 13

a weakness within an IT system that can be exploited by a threat to deliver a successful attack.

Question 14

Risk

Answer 14

The potential for loss or damage when a threat exploits a vulnerability.

Question 15

Risk equation

Answer 15

Risk = Threat x Vulnerability

Question 16

Why are unsecured systems and data irresistible targets for cyber criminals?

Answer 16

There might be information of sensitive nature. Such as personal information, bank details, health records.

Question 17

What could cyber criminals do to your computer

Answer 17

Data in a computer may be stolen.
It may be misused or altered by unauthorised intrusion.
Malicious intents such as: modifying source code, changing passwords, posting derogatory content.

Question 18

DDOS

Answer 18

Distributed denial of service, it is an attack made to prevent access to a website by crashing its server

Question 19

What costs come with cyber security

Answer 19

Economic cost
Reputational cost
Regulatory costs

Question 20

Economic cost

Answer 20

Theft of intellectual property, corporate information, disruption in trading, and the cost of repairing damaged systems

Question 21

Reputational cost

Answer 21

Loss of consumer trust, loss of current and future customers to competitors and poor media coverage.

Question 22

Regulatory cost

Answer 22

GDPR and other data breach laws mean that organisations can suffer fines or sanctions as a result of cyber crimes