Week 6 - Cyber Security/Ethical Hacking Flashcards
What is an Asset, Vulnerability and Threat?
Asset
- Anything that has value to the organisation and needs protection
Vulnerability
- a weakness of an asset or group of assets that may be exploited
Threat
- Cause of harm
- Can be intentional, accidental or environmental (power cut)
Types of hackers
White Hat
- Ethical or pen testers etc
Black Hat
- Personal gain
Grey Hat
- Look for vulnerabilities without permission. Will sometimes report to the owner for a small fee. If they get no response, they may post the exploit online
Give two models of Info Sec
CIA - Overall security
CAIN - Important for transport
Define confidentiality
Confidentiality is the need to ensure that information is disclosed only to those authorised to see it (SANS)
What makes privacy different from confidentiality?
Privacy refers to an individual’s desire to control who has access to his/her data
Confidentiality refers to the maintenance of a company agreement with the customer about how the customer’s identifiable data will be handled
Define profiling
The process of constructing user profiles generated by computer data analysis.
Uses techniques to allow the discovery of patterns in large data
Give threats to confidentiality
- Hackers
- Shoulder surfing
- Not disposing documents properly
- Malicious code
- Unauthorised activity
- Improper access control
Define data integrity
Guarding against improper modification and includes ensuring data repudiation and authenticity
Give some controls to protect data integrity
- Digital signatures
- File integrity verifier utilities
- Security training
How can you ensure availability?
- Maintenance
- Backups
- Redundancy
- Cloud Computing
Define DDOS in the context of security
Distributed Denial of Service is a distributed version of a Denial of Service attack.
The aim is to make a service unavailable to its legitimate users.
See the Team Lizard gaming console Christmas attacks in 2014.
Give types of flooding attacks
- ICMP flood - ICMP packets
- UDP Flood
- TCP SYN flood (connection requests)
What is a smurf attack?
A way of generating a lot of traffic:
- Sends a large amount of ping traffic with spoofed source IPs.
- If the routing device delivering traffic to those addresses delivers the IP broadcast to all hosts, most hosts on that network will take the ICMP echo request and reply to it, multiplying the traffic by the number of hosts responding
Virus vs Worm vs Trojan Horse
Virus is a program that attaches itself to files and replicates
Worms are independent and can spread without the help of other programs.
Trojan horses are programs that look legit but contain malicious code.
How to defend against DDOS pre attack?
- Enforce policy for resource consumption
- Provide backup resource on demand
- Turn off all unnecessary services of the web server
How to defend against DDOS during attack?
Try to detect the attack at the beginning by looking for suspicious patterns of behaviour
How to defend against DDOS post attack?
Identify the source and prevent future attacks from it
What is a network scanner?
Network scanners check for vulnerabilities on your own system but can also check from outside the system.
Can therefore be used maliciously
What is code injection?
Code injection is where hackers exploit vulnerable web code to run commands.
E.g. SQL injection is the most frequent, or PHP injection where there is user input
Give some of the acts that relate to hacking
- Computer Misuse Act 1990
- Police and Justice Act 2006
- Serious Crime Act 2015
- EU Directive 2013/40/EU
- Terrorism Act 2000
- Telecoms Regulations 2000
- GDPR 2018
What are the offences in the Computer Misuse Act 1990?
- Unauthorised access to computer material
- Unauthorised access with intent to commit or facilitate further offences
- Unauthorised acts with intent to impair, or with recklessness as to impairing, operation of a computer
Give the penalty for unauthorised access only
Up to six months in prison and/or a fine of up to £5k
Give the penalty for unauthorised access with intent to commit a further crime or modification of data
Up to 5 years in prison and/or an unlimited fine
Give the penalty for making, supplying or obtaining anything which can be used for computer misuse offences
A prison sentence of up to 10 years and/or an unlimited fine