Security Engineering (WK8) Flashcards

1
Q

User and permission management

A

Adding and removing users from the system and setting up appropriate permissions for users

2
Q

Software deployment and maintenance

A

Installing application software and middleware and configuring those systems so that vulnerabilities are avoided

3
Q

Attack monitoring, detection and recovery

A

Monitoring the system for unauthorised access, designing strategies for resisting attacks, and developing backup and recovery strategies

4
Q

What are the four types of misuse cases?

A

Interception: attacker gains access to an asset
Interruption: attacker makes part of a system unavailable
Modification: a system asset is tampered with
Fabrication: false information is added to a system

5
Q

Security risk assessment: asset

A

Asset identification: Identify what has to be protected
Asset value assessment: estimate value of identified assets
Exposure assessment: identify potential losses associated with each asset
Threat identification: identify the most probable threats to the system assets

Example (represented as a table on the original slide):
Asset: the information system
Value: high; required to support all clinical consultations; potentially safety-critical.
Exposure: high; financial loss as clinics may be cancelled; costs of restoring the system.

6
Q

Security risk assessment: attacks

A

Attack assessment: decompose threats into possible attacks on the system and the way that these may occur
Control identification: propose the controls that may be put in place to protect an asset
Feasibility assessment: assess the technical feasibility and cost of the controls
Security requirements definition: define system security requirements

Example (represented as a table on the original slide):
Threat: an unauthorised user gains access as a system manager and makes the system unavailable.
Probability: low
Control: only allow system management from specific locations that are secure.
Feasibility: low cost of implementation, but care needs to be taken with key distribution.

7
Q

Lifecycle and operational risk assessment

A

Lifecycle assessment: done during system development
  • more information is available
  • vulnerabilities that arise from design choices may therefore be identified

Operational assessment: information about the operating environment is assessed; environment characteristics can lead to new system risks
8
Q

What are the two main things with designing for security?

A

  • Architectural design
  • Good practice (using accepted good practices in design)

9
Q

Architectural design for security: two fundamental issues

A

Protection (assets are protected): How should the system be organised to protect assets?

Distribution: How should assets be distributed to minimise effects of a successful attack?

10
Q

What are the three layers of protection (architecture design)?

A

  • Platform-level: top-level controls on the platform a system runs on (OS, web browser, server, etc.)
  • Application-level: specific protection mechanisms built into the application itself (password protection, transaction management, database authorisation)
  • Record-level: protection invoked when access to specific information is requested (record encryption)
11
Q

Distribution of assets - why?

A

Means that attacks on one system don’t necessarily result in complete loss of system service. Each platform has separate protection features so that they do not share a common vulnerability.

12
Q

DG: Base security decisions on an explicit security policy

A

Define a security policy for the organisation that sets out the fundamental security requirements that should apply to all organisational assets.

13
Q

DG: Avoid a single point of failure

A

Ensure that a security failure can only result when there is more than one failure in security procedures

14
Q

DG: Fail securely

A

When systems fail, ensure that sensitive information cannot be accessed by unauthorised users even though normal security procedures are unavailable

15
Q

DG: balance security and usability

A

Try to avoid security procedures that make the system difficult to use. Sometimes you have to accept weaker security to make the system more usable.

16
Q

DG: Log user actions

A

Maintain a log of user actions that can be analysed to discover who did what

17
Q

DG: Use redundancy and diversity to reduce risk

A

Keep multiple copies of data and infrastructure so that an infrastructure vulnerability cannot be the single point of failure.

18
Q

DG: Validate all inputs

A

Check that inputs are within range so that unexpected inputs cannot cause problems

19
Q

DG: compartmentalise your assets

A

Organise the system so that assets are in separate areas and users only have access to the information that they need rather than all the information

20
Q

DG: Design for recoverability

A

Design the system to simplify recoverability after a successful attack