Tutorial 2 Flashcards
What is the difference between attack surface and attack trees?
An attack tree is the set of methods to defend against unauthorized users whereas an attack surface is the area which is used to attack a system.
examples of attack surface : webserver and open source.
Consider an ATM in which users provide a PIN and a card for account access. Give example of confidentially, integrity and availability requirements associate with the system and in each case indicate the degree of importance of the requirement.
Confidentially -
What is the CIA Triad and describe each?
Confidentiality - Ensuring that data is private and accessible to authorized persons and systems.
integrity - Ensuring that data is reliable and not tampered with
availability - Ensuring that the authorized users have access when needed.