Threats And Security Measures (Chapter 6) Flashcards
CIA
Confidentiality
Integrity
Availability
Confidentiality
The fundamental security goal of keeping information and communications private and protecting them from unauthorised access
Integrity
The fundamental security goal of ensuring that electronic data is not altered or tampered with
Availability
The fundamental security goal of ensuring that systems operate continuously and that authorized individuals can access data that they need
Hardening
A security technique in which the default configuration of a system is altered to protect the system against attacks
Security Policies
Documents covering all aspects of computer and network hardware and software, from purchase through to change and disposal
Security Controls
A technology or procedure used to mitigate vulnerabilities and risk and to ensure the CIA of information
Logical security
Controls implemented in software to create an access control system (e.g. a firewall)
ACL
Access Control List
- Any scenario where the objects on a list are granted or denied access
- NTFS permission
- Share permission
- Firewall
Triple A (AAA)
Authentication
Authorization
Accounting
Authentication
A means for a user to prove their identity to a computer system
Authorization
The process of determining what rights and privileges a particular entity has
Accounting
The process of tracking and recording system activities and resource access.
Aka auditing
Security Control Types
Physical Controls
- physical aspects
Procedural Controls
- procedure that needs to be followed
Logical Controls
- software implemented control
Legal, Regulatory and Compliance Controls
- controls mandated by law, regulation or contract
Implicit Deny
Unless something has explicitly been granted access, it should be denied access
Least Privilege
Something should be allocated only the minimum rights, privileges or information needed to perform its role
Encryption
Scrambling the characters of a message so that it can be seen but not understood unless it is deciphered (on its own, encryption does not prevent modification; detecting that needs an integrity check such as a hash or MAC)
- takes processing time to encrypt and decrypt data
Symmetric Encryption
- Typical key sizes are 128 or 256 bits (e.g. AES); 1024-bit keys belong to asymmetric ciphers such as RSA, not symmetric ones
- A single key is used to encrypt and decrypt
- Copies of the key used to encrypt and decrypt need to be securely distributed and stored
- Faster and less processor-intensive than asymmetric encryption
Asymmetric Encryption
- Private key to decrypt, public key to encrypt
- For digital signatures the roles swap: the private key signs and the public key verifies
- Often used for digital signatures, digital certificates and key exchange
- Example cipher: RSA (slower than symmetric ciphers, so it usually protects a symmetric key rather than bulk data)
Key Exchange
Two hosts need to agree on the same symmetric encryption key without any other host learning the key.
RSA Cipher
The first widely deployed public key encryption algorithm, named after its designers Rivest, Shamir and Adleman
Cryptographic Hashing
- A one-way function that produces a fixed-length digest from which it is computationally infeasible to recover the original data
- A one-way cryptographic process; it is not encryption, as there is no key and nothing to decrypt
- Provides the integrity function in most systems
Hash
The fixed-length value that results from applying a hash function to data; a short representation (digest) of that data
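The key exchange and hashing cards above say what must happen but not how two hosts actually end up holding the same key. The Python script below is an added worked example, not part of the original flashcards: it runs a Diffie-Hellman exchange over the 1024-bit MODP group from RFC 2409 using only the standard library, hashes the shared secret into a symmetric key, and then uses that key with HMAC-SHA256 as the integrity check the hashing cards refer to. The host names, the message text and the choice of group are assumptions made for the demo.

```python
import hashlib
import hmac
import secrets

# 1024-bit MODP group from RFC 2409 (group 2): prime P and generator G.
# Chosen so the demo runs with the standard library only; modern deployments
# use at least 2048-bit groups or elliptic-curve Diffie-Hellman.
P = int(
    "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74"
    "020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F1437"
    "4FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
    "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE65381FFFFFFFFFFFFFFFF",
    16,
)
G = 2
P_BYTES = (P.bit_length() + 7) // 8


class Host:
    """One party of the exchange (the names 'alice' and 'bob' are illustrative)."""

    def __init__(self, name):
        self.name = name
        self.private = secrets.randbelow(P - 3) + 2   # x in [2, P-2]; never leaves this host
        self.public = pow(G, self.private, P)          # g^x mod p; sent in the clear

    def derive_key(self, peer_public):
        # Reject 0, 1 and p-1: those force the shared secret to a value the attacker knows.
        if not 2 <= peer_public <= P - 2:
            raise ValueError("invalid Diffie-Hellman public value")
        shared = pow(peer_public, self.private, P)     # (g^y)^x == (g^x)^y mod p
        # Hash the raw shared secret into a fixed-length symmetric key.
        return hashlib.sha256(shared.to_bytes(P_BYTES, "big")).digest()


def key_exchange():
    """Run one exchange; return both derived keys and everything that crossed the wire."""
    alice, bob = Host("alice"), Host("bob")
    on_the_wire = (alice.public, bob.public)           # all an eavesdropper gets to see
    return alice.derive_key(bob.public), bob.derive_key(alice.public), on_the_wire


def tag(key, message):
    """Integrity tag: keyed hash (HMAC-SHA256) over the message."""
    return hmac.new(key, message, hashlib.sha256).digest()


def verify(key, message, received_tag):
    # compare_digest avoids leaking the position of the first mismatch through timing.
    return hmac.compare_digest(tag(key, message), received_tag)


if __name__ == "__main__":
    ka, kb, wire = key_exchange()
    print("keys match:", ka == kb)
    t = tag(ka, b"transfer 100 to account 42")
    print("tampered message accepted:", verify(kb, b"transfer 900 to account 42", t))
```

Only the two public values cross the wire; the private exponents never leave their host, and both sides derive the same key. An unauthenticated exchange like this is exactly what a man-in-the-middle attacker targets, because nothing proves whose public value you received; that is why real protocols sign the exchange or tie it to a certificate (compare the PKI and mutual authentication cards).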
PKI
Public Key Infrastructure
Asymmetric encryption plus digital certificates, used for secure key distribution (e.g. of the symmetric session keys that protect bulk data)
Certificate Authority
A trusted server that issues digital certificates, binding each subject's public key to its identity; the matching private key stays with the subject and is never distributed by the CA
Digital certificate
- X.509 certificate
- a CA-signed guarantee that a public key belongs to a given system or user
Execution Control (Hardening)
Logical security technologies designed to prevent malicious software from running on a host and to establish a security system that does not entirely depend on the good behaviour of individual users
Anti-Virus
Uses a database of known patterns (definitions and signatures) to detect malware and prevent it from executing
Heuristic
Monitoring technique that matches patterns of suspicious behaviour dynamically, based on past experience, rather than relying on pre-loaded signatures
NAC
Network Access Control
A means of ensuring endpoint security by checking devices before they are allowed onto the network
Firewall
Hardware/software that filters traffic passing into or out of a network
Defense in depth
Configuring security controls on hosts as well as providing network security, physical security and administrative controls.
- Multiple layers of security of different types
Health Policy
Policies or profiles describing a minimum security configuration that devices must meet to be granted network access
MAC filtering
Applying an access control list to a switch or access point so that only clients with approved MAC addresses can connect to it; weak on its own, since a MAC address is easily spoofed
Port-based NAC
Aka: IEEE 802.1X
Standard in which the switch or access point (the authenticator) performs authentication of the attached device before activating the port
Supplicant
A device requesting access through port-based NAC (IEEE 802.1X)
EAPoL (EAP over LAN)
Carries the Extensible Authentication Protocol, a framework for negotiating authentication methods that supports a range of authentication devices, between the supplicant and the authenticator before the port is opened
MDM
Mobile Device Management
Software suites designed to manage the use of smartphones and tablets within a company
BYOD
Bring Your Own Device: a security framework and tools to facilitate the use of personal devices to access a corporate network and data
VPN
A secure tunnel created between two endpoints connected via an unsecured network.
- uses a protocol such as IPSec and encryption to create the secure tunnel
- communications are encrypted and encapsulated within another IP packet stream
IPSec
Layer 3 protocol suite providing authentication and encryption for IP traffic
Vulnerability
Any weakness that could be triggered accidentally or exploited intentionally to cause a security breach
Threat
Any potential violation of security policies or procedures
Threat agent
A person or event that triggers a vulnerability accidentally or exploits it intentionally
Risk
The likelihood and impact (consequences) of a threat actor exercising a vulnerability
Social Engineering
A hacking technique whereby the attacker gains useful information about an organisation by deceiving its users or by exploiting their insecure working practices
- Impersonation, phishing, spoofing, spear phishing, pharming, dumpster diving, shoulder surfing, tailgating
Impersonation
A type of social engineering attack where the attacker pretends to be someone else (e.g. a help desk technician) to exploit the user
Phishing
A social engineering attack where fake emails carrying malicious attachments or links are sent to many individuals, in the hope that some will assume the email is legitimate and open the attachment or enter their credentials
Spoofing
Disguising a communication so that it appears to come from a trusted source, e.g. a link that resembles a legitimate site but is in reality a malicious copy of it
Spear phishing
A social engineering attack that uses a personalised email containing information about the person being targeted, making it far more convincing than a generic phishing email
Pharming
A social engineering attack that uses malicious code or DNS manipulation to redirect individuals to a spoofed website with the intent of stealing personal information
Dumpster diving
Going through an individual's or organisation's trash to gain personal or confidential information
Footprinting
An information gathering threat, in which the attacker attempts to learn the configuration of the network and security systems through social engineering attacks or software-based tools
Network Mapping
Tools to gather information about the way the network is built and configured and the current status of its hosts
Port scanning
Software that probes a target system to discover which TCP and UDP ports are open, closed or filtered. Port scanning can be blocked or detected by some firewalls and IDS
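As an added example that is not part of the flashcard set, here is a minimal TCP connect scanner in Python that classifies each port the way a port scanner does. It runs offline against a constructed target: one listening socket and one bound-but-not-listening socket on the loopback interface. The host, the timeout and the demo ports are assumptions for the demo.

```python
import socket
import threading


def scan_port(host, port, timeout=0.5):
    """TCP connect scan of one port.

    A completed handshake means 'open', an immediate RST means 'closed', and
    no answer within the timeout means 'filtered': a firewall is dropping the
    probe, which is also the case an IDS is most likely to log.
    """
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"
    except ConnectionRefusedError:
        return "closed"
    except socket.timeout:
        return "filtered"
    except OSError as exc:                      # e.g. no route to host
        return f"error: {exc.errno}"


def scan_ports(host, ports, timeout=0.5):
    """Scan a list of ports sequentially; returns {port: state}."""
    return {port: scan_port(host, port, timeout) for port in ports}


def _listener_on_free_port():
    """Constructed target for the offline demo: accept and immediately close connections."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))                  # port 0: let the kernel pick a free one
    srv.listen(5)

    def accept_loop():
        while True:
            try:
                conn, _ = srv.accept()
                conn.close()
            except OSError:
                return                          # listener was closed
    threading.Thread(target=accept_loop, daemon=True).start()
    return srv


def demo():
    """Scan one listening and one bound-but-not-listening loopback port."""
    srv = _listener_on_free_port()
    open_port = srv.getsockname()[1]
    # Binding without listen() reserves a port that answers with RST and also
    # stops the kernel from handing that same port to our probe socket.
    closed = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    closed.bind(("127.0.0.1", 0))
    closed_port = closed.getsockname()[1]
    try:
        result = scan_ports("127.0.0.1", [open_port, closed_port])
    finally:
        srv.close()
        closed.close()
    return result[open_port], result[closed_port]


if __name__ == "__main__":
    print(demo())
```

A closed port answers the SYN with a RST, so that verdict is immediate; a firewall that silently drops probes yields only timeouts, which is why "filtered" is a separate state and why scanning through a firewall is slower and noisier. Scanners that send raw SYN packets avoid completing the handshake; a connect scan like this one completes it, so it shows up in the target's application logs as well as in any IDS.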
Eavesdropping
Listening in to communications sent over a medium
MAC flooding
Overloading a switch's MAC address table with bogus entries so that it can no longer learn genuine addresses and floods frames out of every port, letting the attacker eavesdrop on traffic meant for other hosts
ARP poisoning
Sending forged ARP replies so that a victim maps an IP address (typically the gateway's) to the attacker's MAC address, enabling eavesdropping or a man-in-the-middle position (ARP itself is the protocol that maps IP addresses to NIC MAC addresses)
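To make the ARP poisoning card concrete from the defender's side, here is an added Python example (not part of the original cards) that builds ARP reply frames as constructed sample traffic, parses them, and keeps a table of IP-to-MAC bindings so that a second reply claiming the gateway's IP from a different MAC raises an alert. The addresses are documentation-range values chosen for the demo, and frames are fed in directly rather than captured from an interface.

```python
import struct

ETHERTYPE_ARP = 0x0806
ARP_REPLY = 2


def mac_to_bytes(mac):
    return bytes.fromhex(mac.replace(":", ""))


def bytes_to_mac(raw):
    return ":".join(f"{b:02x}" for b in raw)


def ip_to_bytes(ip):
    return bytes(int(octet) for octet in ip.split("."))


def bytes_to_ip(raw):
    return ".".join(str(b) for b in raw)


def build_arp_reply(sender_mac, sender_ip, target_mac, target_ip):
    """Ethernet II frame carrying an ARP reply (constructed sample traffic)."""
    eth_header = mac_to_bytes(target_mac) + mac_to_bytes(sender_mac) + struct.pack("!H", ETHERTYPE_ARP)
    # hardware type 1 (Ethernet), protocol 0x0800 (IPv4), 6-byte MAC, 4-byte IP, opcode
    arp_header = struct.pack("!HHBBH", 1, 0x0800, 6, 4, ARP_REPLY)
    body = (mac_to_bytes(sender_mac) + ip_to_bytes(sender_ip)
            + mac_to_bytes(target_mac) + ip_to_bytes(target_ip))
    return eth_header + arp_header + body


def parse_arp(frame):
    """Return the ARP fields of an Ethernet frame, or None if it is not IPv4-over-Ethernet ARP."""
    if len(frame) < 42 or struct.unpack("!H", frame[12:14])[0] != ETHERTYPE_ARP:
        return None
    htype, ptype, hlen, plen, opcode = struct.unpack("!HHBBH", frame[14:22])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        return None
    return {
        "opcode": opcode,
        "sender_mac": bytes_to_mac(frame[22:28]),
        "sender_ip": bytes_to_ip(frame[28:32]),
        "target_mac": bytes_to_mac(frame[32:38]),
        "target_ip": bytes_to_ip(frame[38:42]),
    }


class ArpWatch:
    """Track the IP-to-MAC bindings seen in ARP replies and flag any change."""

    def __init__(self, known=None):
        self.table = dict(known or {})      # pre-seed with trusted bindings, e.g. the gateway

    def observe(self, frame):
        arp = parse_arp(frame)
        if arp is None or arp["opcode"] != ARP_REPLY:
            return None
        ip, mac = arp["sender_ip"], arp["sender_mac"]
        previous = self.table.setdefault(ip, mac)
        if previous != mac:
            return f"ALERT: {ip} moved from {previous} to {mac} (possible ARP poisoning)"
        return None


def demo():
    """Constructed sequence: a legitimate reply from the gateway, then a forged one."""
    watch = ArpWatch()
    legit = build_arp_reply("00:11:22:33:44:55", "192.0.2.1", "aa:bb:cc:dd:ee:01", "192.0.2.10")
    forged = build_arp_reply("de:ad:be:ef:00:01", "192.0.2.1", "aa:bb:cc:dd:ee:01", "192.0.2.10")
    return watch.observe(legit), watch.observe(forged)
```

On a real network the frames would come from a raw socket or a packet capture, and the table should be seeded with the known gateway binding rather than learned from the first reply seen. Legitimate rebinding (a replaced NIC, DHCP giving the address to another host) triggers the same alert, so a production detector correlates with DHCP lease data before paging anyone; switch features such as dynamic ARP inspection prevent the attack rather than just detecting it.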
Replay attack
An attack that intercepts some authentication data and reuses it to try to re-establish a session
MITM
Man In The Middle attack
Attacker intercepts communication between two hosts
Mutual Authentication
A client authenticates to the server and the server authenticates to the client
Rainbow tables
Tool for speeding up attacks against password hashes (classically Windows LM/NTLM hashes) by precomputing chains of possible hashes; defeated by adding a unique salt to each password before hashing
Denial of Services
An attack that causes services to fail or be unavailable to legitimate users
Distributed Denial of Service
An attack in which multiple computers attack a service or weakness on a network at the same time
Zombie
A machine that has unknowingly been infected with malicious software that directs the system's resources to launch an attack (e.g. DDoS)
Botnet
A network of zombie machines under an attacker's control that attack a service to disrupt it, usually by overloading it
Cyber warfare
The use of IT services and devices to disrupt national, state or organisational activities, especially when used for military purposes
Hacker collectives
A group of hackers working together to target an organisation, e.g. as part of a cyber warfare campaign
Zero-day exploit
An attack that exploits a vulnerability in software that is unknown to the software vendor and users
Cross-site Scripting Attacks
Web application vulnerability
Scripts supplied as input (e.g. embedded in a web page URL or form field) are reflected or stored by the application without encoding and are then executed by the victim's browser
SQL Injection Attacks
Using crafted SQL in user input to attack the database behind an application that has faulty input validation, typically because the input is concatenated directly into the query
Brute force
An attack that tries every possible key or password in turn; effective against short passwords
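As an added example that is not part of the original cards, the Python code below builds a real, if tiny, rainbow table over three-letter lowercase passwords, recovers a password from its unsalted hash, and then shows the two points the rainbow table and brute force cards make: a salted hash is not in the table, yet a brute-force search that folds the (known) salt into each guess still succeeds against such a short password. MD5 is used only because it is fast; the alphabet, chain parameters and reduction function are choices made for the demo.

```python
import hashlib
import string

ALPHABET = string.ascii_lowercase
PW_LEN = 3                              # tiny keyspace so the table builds in well under a second
KEYSPACE = len(ALPHABET) ** PW_LEN      # 17,576 candidate passwords


def index_to_pw(index):
    """Map an integer in [0, KEYSPACE) to a password."""
    chars = []
    for _ in range(PW_LEN):
        index, r = divmod(index, len(ALPHABET))
        chars.append(ALPHABET[r])
    return "".join(reversed(chars))


def unsalted_hash(password):
    """What a weak scheme stores: a plain digest of the password."""
    return hashlib.md5(password.encode()).digest()


def salted_hash(salt, password):
    """Per-user salt prepended to the password before hashing."""
    return hashlib.md5(salt + password.encode()).digest()


def reduce_digest(digest, position):
    """Map a digest back into the keyspace; depends on the chain position to limit chain merges."""
    return index_to_pw((int.from_bytes(digest[:8], "big") + position) % KEYSPACE)


def build_table(num_chains, chain_len):
    """Rainbow table: store only (end point -> start point) for each hash/reduce chain."""
    table = {}
    for c in range(num_chains):
        start = index_to_pw((c * 29) % KEYSPACE)   # spread start points across the keyspace
        pw = start
        for position in range(chain_len):
            pw = reduce_digest(unsalted_hash(pw), position)
        table.setdefault(pw, start)                # keep the first chain on an end-point collision
    return table


def crack(table, target, chain_len):
    """Return a password whose unsalted hash is `target`, or None if no chain covers it."""
    for i in range(chain_len - 1, -1, -1):
        # Assume target sits at position i of some chain and walk to that chain's end point.
        pw = reduce_digest(target, i)
        for j in range(i + 1, chain_len):
            pw = reduce_digest(unsalted_hash(pw), j)
        if pw in table:
            candidate = table[pw]                   # regenerate the chain from its start point
            for k in range(chain_len):
                if unsalted_hash(candidate) == target:
                    return candidate
                candidate = reduce_digest(unsalted_hash(candidate), k)
    return None                                     # false alarm or not covered


def brute_force(target, salt=b""):
    """Try every candidate in turn; a known salt is simply folded into each guess."""
    for index in range(KEYSPACE):
        pw = index_to_pw(index)
        if hashlib.md5(salt + pw.encode()).digest() == target:
            return pw
    return None


if __name__ == "__main__":
    table = build_table(num_chains=400, chain_len=40)
    print("unsalted 'aaa' ->", crack(table, unsalted_hash("aaa"), 40))
    salt = b"\x9f\x13"
    print("salted 'qzx' via table ->", crack(table, salted_hash(salt, "qzx"), 40))
    print("salted 'qzx' via brute force ->", brute_force(salted_hash(salt, "qzx"), salt))
```

A rainbow table stores only chain start and end points, trading lookup time for memory; the position-dependent reduction function is what distinguishes it from simpler hash-chain tables, which suffer badly from merged chains. Salting defeats precomputation because the table would have to be rebuilt for every salt, but it does nothing about a small keyspace: that needs longer passwords and a deliberately slow password hash such as bcrypt, scrypt or Argon2 so that each brute-force guess costs the attacker real time.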
Remnant Removal
Data on a hard drive that has been deleted by a user has only its pointers (directory entries) removed; the data itself remains on disk until it is overwritten, and specialised software can recover it.
- to ensure data cannot be recovered, overwrite all writable areas with random data (SSDs with wear levelling and snapshotting or copy-on-write filesystems can keep remnants that an in-place overwrite never reaches)
Data disposal
Disk wiping
- overwriting each disk location with zeros, leaving the disk in a clean state
Low Level Format
- creates the cylinders and sectors on the disk