TUTORIAL 1 - INTRO TO INFOCOMM SECURITY

Question 1

examples of recent attacks

Answer 1

USB flash drive malware/USB killer

WINVote voting machine tampering

Vtech security breach
stolen data from European Space Agency

IRS fraud

Hyatt Hotels Corporation hacked

Question 2

reasons for successful attacks

Answer 2

widespread vulnerabilities

configuration issues

poorly designed software

hardware limitations

enterprice-based issues

Question 3

what are the tasks and goals of information security

Answer 3

tasks of securing info in digital format:

manipulated by microprocessor

preserved on storage device

transmitted over network

goal:

to ensure that protective measures properly implemented to ward off attacks & prevent total collapse of system when attacked
as security ↑, convenience ↓

Question 4

3 types of info protection (CIA)

Answer 4

confidentiality: only approved individuals may access info

integrity: info is correct & unaltered

availability: info accessible to authorised users

Question 5

what are the information security layers

Answer 5

products layer

form security around data
Eg. door locks, net sec eq, etc

people layer

those who implement & use sec products to protect data

policies & procedures layer

plans & policies etablished by enterprise to ensure that people crrectly use the products

Question 6

what are the different types of terminologies

Answer 6

asset
threat
threat actor
vulnerability
threat vector
risk
Identity Theft

Question 7

what is the definition of the (ATT) terminology

Answer 7

asset: item with value

threat: action that may cause harm

threat actor: person/element who can cause threat ( individuals who launch attacks against other users & their pcs )

Question 8

what does vulnerability mean

Answer 8

flaw/weakness that allows threat agent to bypass security

Question 9

what is a threat vector

Answer 9

means which attack can occur

Question 10

define risk

Answer 10

situation that involves exposure to some danger

Question 11

what are some risk response techniques

Answer 11

accept: risk acknowledged but no steps taken to address yet

transfer: transfer risk to 3rd party

avoid: identify risk but make decision not to engage in activity

mitigate: address risk by making risk less serious

Question 12

what is an identity theft

Answer 12

stealing another person’s personal info, usually for financial gain

Question 13

what are the types of identity theft

Answer 13

steal person’s SSN (social security no.)

create new credit card acc to charge purchases & leave unpaid

file fraudulent tax returns

Question 14

what importance does information security hold

Answer 14

preventing data theft

thwarting identity theft

avoiding legal consequences of not securing info

maintaining productivity

foiling cyberterrorism

Question 15

what is preventing data theft

Answer 15

it is the primary objective of an organization’s information security

it involves stealing proprietary
(owned) business information

it also involves stealing credit card numbers

Question 16

examples of avoiding legal consequences through laws protecting electronic data privacy

Answer 16

Health Insurance Portability & Accountability Act of 1996 (HIPAA)

Sarbanes-Oxley Act of 2002 (Sarbox)

Gramm-Leach-Billey Act (GLBA)

Payment Card Industry Data Security Standard (PCI DSS)

state notification & security laws
California’s Database Security Breach Notification Act (2003)

Question 17

what are the types of singapore laws for information security

Answer 17

data privacy
- personal
data protection act 2012

cybersecurity
- cybersecurity act 2018

cybercrime
- computer misuse act (Cap. 50A)

Question 18

define cyberterrorism

Answer 18

any premeditated, politically motivated attack aginst info, pc systems, programs & data

Question 19

what is cyberterrorism designed to do and who may be potential targets

Answer 19

cause panic

provoke violence

result in financial catastrophe

banking industry, military installations, power plants, air traffic control centers & water systems

Question 20

what are the different type of attackers

Answer 20

threat actor

Script Kiddies

Hacktivists

Nation State Actor

Advanced Persistent Threat

Insiders

Question 21

what are threat actor’s crimes and variations

Answer 21

financial cybercrime - divided into 2 categories

1st category focuses on individuals as victims

2nd category focuses on enterprises & gov

they have 4 types of variations:

attributes

funding & resources

whether internal/external to enterprise/org

intent & motivation

Question 22

what are the script kiddies

Answer 22

individuals who want to attack computers yet lack the knowledge of computers & network needed to do so

download automated hacking software (scripts) from websites

40% of their attacks require low/no skills

Question 23

what are the hacktivists and what crimes do they commit

Answer 23

they attack for ideological reasons generally not as well-defined as cyberterrorist’s motivation

crimes:

breaking into website & changing contents on site to make political statement

disabling website belonging to bank as bank stopped accepting payments deposited into accounts belonging to hactivists

Question 24

what is a nation state actor

Answer 24

they are attackers commissioned by govs to attack enemies’ info systems

may target foreign govs/citizens of gov that are considered hostile/threatening
known for being well-resourced & highly trained

Question 25

what is an advanced persistent threat

Answer 25

multiyear intrusion campaign that targets highly sensitive economic, proprietary or national security info

Question 26

what are insiders and what crimes do they commit

Answer 26

they are usually employees, contractors & business partners over 58% of breaches attributed to insiders crimes: 1. healthcare workers publicise celebrities' health records reason: disgruntled over upcoming job terminations 2. stock trader conceal losses through fake transactions employees reason: bribed/coerced into stealing data before moving to new job

Question 27

what are the 5 fundamental ways to defend against attacks

Answer 27

Layering Limiting Diversity Obscurity Simplicity Frameworks & Reference Architectures

Question 28

what is layering and how can it help defend against attacks

Answer 28

instead of using a single defense mechanism that is easy to overcome, layering can make it unlikely for attackers to break through all defense layers layered security approach -provides most comprehensive protection -useful in resisting variety of attacks

Question 29

what is limiting and how can it help defend against attacks

Answer 29

limits access to info and reduce threats against it l only those who use data be granted access like using file permissions and more procedural documents

Question 30

what is diversity and how can it help defend against attacks

Answer 30

closely related to layering - more defense layers are used in addition to making each layer diverse same techniques will be unsuccessful in breaking through other layers - requires using security products from diff manufacturers grps responsible for regulating access (control diversity) are diff (to prevent attackers from using methods such as brute force)

Question 30

what is obscurity and how can it help defend against attacks

Answer 30

making inside details unknown or difficult to know to outsiders - like not revealing type of computer they use OS version brand of software used difficult for attacker to plan or devise attack if system details unknown

Question 31

what is simplicity and how can it help defend against attacks

Answer 31

to make security systems easy to understand on the inside but complex from the outside complex systems are difficult to understand and troubleshoot

Question 32

what are frameworks and reference architectures and how it can help defend against attacks

Answer 32

help to provide resources of how to create secure IT environment overall program structure and guidance to implement & maintain effective security program various industry-specific frameworks for each particular sector