Ch01 - Overview of IT Security

  1. The protection afforded to an automated information system in order to attain the applicable objectives of preserving the integrity, availability, and confidentiality of information system resources (includes hardware, software, firmware, information/data, and telecommunications)
    Computer Security
  2. Assures that private or confidential information is not made available or disclosed to unauthorized individuals
    Data confidentiality
  3. Assures that individuals control or influence what information related to them may be collected and stored and by whom and to whom that information may be disclosed.
  4. Assures that information and programs are changed only in a specified and authorized manner.
    Data integrity
  5. Assures that a system performs its intended function in an unimpaired manner, free from deliberate or inadvertent unauthorized manipulation of the system.
    System integrity
  6. Assures that systems work promptly and service is not denied to authorized users.
  7. Confidentiality, Integrity, and Availability. These three concepts embody the fundamental security objectives for both data and for information and computing services.
    CIA Triad
  8. Preserving authorized restrictions on information access and disclosure, including means for protecting personal privacy and proprietary information. A loss of _________ is the unauthorized disclosure of information.
  9. Guarding against improper information modification or destruction, including ensuring information nonrepudiation and authenticity. A loss of _________ is the unauthorized modification or destruction of information.
  10. Ensuring timely and reliable access to and use of information. A loss of __________ is the disruption of access to or use of information or an information system.
  11. The property of being genuine and being able to be verified and trusted; confidence in the validity of a transmission, a message, or message originator. This means verifying that users are who they say they are and that each input arriving at the system came from a trusted source.
  12. The security goal that generates the requirement for actions of an entity to be traced uniquely to that entity.
  13. An entity that attacks, or is a threat to, a system.
    Adversary (threat agent)
  14. An assault on system security that derives from an intelligent threat; that is, an intelligent act that is a deliberate attempt (especially in the sense of a method or technique) to evade security services and violate the security policy of a system.
  15. An action, device, procedure, or technique that reduces a threat, a vulnerability, or an attack by eliminating or preventing it, by minimizing the harm it can cause, or by discovering and reporting it so that corrective action can be taken.
  16. An expectation of loss expressed as the probability that a particular threat will exploit a particular vulnerability with a particular harmful result.
  17. A set of rules and practices that specify or regulate how a system or organization provides security services to protect sensitive and critical system resources.
    Security Policy
  18. Data contained in an information system; or a service provided by a system; or a system capability, such as processing power or communication bandwidth; or an item of system equipment (i.e., a system component: hardware, firmware, software, or documentation); or a facility that houses system operations and equipment.
    System Resource (Asset)
  19. A potential for violation of security, which exists when there is a circumstance, capability, action, or event that could breach security and cause harm. That is, a _______ is a possible danger that might exploit a vulnerability.
  20. A flaw or weakness in a system’s design, implementation, or operation and management that could be exploited to violate the system’s security policy.
  21. Including computer systems and other data processing, data storage, and data communications devices
  22. Including the operating system, system utilities, and applications.
  23. Including files and databases, as well as security-related data, such as password files.
  24. Local and wide area network communication links, bridges, routers, and so on.
    Communication facilities and networks
  25. Assets of a computer system
    • Hardware
    • Software
    • Data
    • Communication facilities and networks
  26. Vulnerabilities of system resources
    • corrupted
    • leaky
    • unavailable
  27. The agent carrying out the attack is referred to as an attacker, or __________.
    threat agent
  28. An attempt to alter system resources or affect their operation.
    Active attack
  29. An attempt to learn or make use of information from the system that does not affect system resources.
    Passive attack
  30. Initiated by an entity inside the security perimeter (an “insider”). The insider is authorized to access system resources but uses them in a way not approved by those who granted the authorization.
    Inside attack
  31. Initiated from outside the perimeter, by an unauthorized or illegitimate user of the system (an “outsider”). On the Internet, potential outside attackers range from amateur pranksters to organized criminals, international terrorists, and hostile governments.
    Outside attack
  32. A circumstance or event whereby an entity gains access to data for which the entity is not authorized.
    Unauthorized disclosure
  33. Sensitive data are directly released to an unauthorized entity.
  34. An unauthorized entity directly accesses sensitive data traveling between authorized sources and destinations.
  35. A threat action whereby an unauthorized entity indirectly accesses sensitive data (but not necessarily the data contained in the communication) by reasoning from characteristics or by-products of communications.
  36. An unauthorized entity gains access to sensitive data by circumventing a system’s security protections.
  37. An unauthorized entity gains access to a system or performs a malicious act by posing as an authorized entity.
  38. An entity deceives another by falsely denying responsibility for an act.
  39. False data deceive an authorized entity.
  40. Prevents or interrupts system operation by disabling a system component.
  41. Undesirably alters system operation by adversely modifying system functions or data.
  42. A threat action that interrupts delivery of system services by hindering system operation.
  43. An entity assumes unauthorized logical or physical control of a system resource.
  44. Causes a system component to perform a function or service that is detrimental to system security.
  45. A circumstance or event that may result in an authorized entity receiving false data and believing it to be true.
  46. A circumstance or event that interrupts or prevents the correct operation of system services and functions.
  47. A circumstance or event that results in control of system services or functions by an unauthorized entity.
  48. In the nature of eavesdropping on, or monitoring of, transmissions.
    Passive attacks
  49. The ___________ is easily understood. A telephone conversation, an electronic mail message, and a transferred file may contain sensitive or confidential information.
    release of message contents
  50. A second type of passive attack, _______, is subtler. Suppose that we had a way of masking the contents of messages or other information traffic so that opponents, even if they captured the message, could not extract the information from the message.
    traffic analysis
  51. Involve some modification of the data stream or the creation of a false stream and can be subdivided into four categories: replay, masquerade, modification of messages, and denial of service.
    Active attacks
  52. Involves the passive capture of a data unit and its subsequent retransmission to produce an unauthorized effect.
  53. A ___________ takes place when one entity pretends to be a different entity. A masquerade attack usually includes one of the other forms of active attack.
  54. Means that some portion of a legitimate message is altered, or that messages are delayed or reordered, to produce an unauthorized effect.
    Modification of messages
  55. The __________ prevents or inhibits the normal use or management of communication facilities.
    denial of service
  56. Limit information system access to authorized users, processes acting on behalf of authorized users, or devices and to the types of transactions and functions that authorized users are permitted to exercise.
    Access Control
  57. Ensure that managers and users of organizational information systems are made aware of the security risks associated with their activities and of the applicable laws, regulations, and policies related to the security of organizational information systems, and ensure that personnel are adequately trained to carry out their assigned information security-related duties and responsibilities.
    Awareness and Training
  58. Create, protect, and retain information system audit records to the extent needed to enable the monitoring, analysis, investigation, and reporting of unlawful, unauthorized, or inappropriate information system activity.
    Audit and Accountability
  59. Establish and maintain baseline configurations and inventories of organizational information systems throughout the respective system development life cycles.
    Configuration Management
  60. Establish, maintain, and implement plans for emergency response, backup operations, and post-disaster recovery for organizational information systems to ensure the availability of critical information resources and continuity of operations in emergency situations.
    Contingency Planning
  61. Identify information system users, processes acting on behalf of users, or devices, and authenticate (or verify) the identities of those users, processes, or devices, as a prerequisite to allowing access to organizational information systems.
    Identification and Authentication
  62. Establish an operational incident-handling capability for organizational information systems that includes adequate preparation, detection, analysis, containment, recovery, and user-response activities.
    Incident Response
  63. Perform periodic and timely maintenance on organizational information systems.
  64. Protect information system media, both paper and digital.
    Media Protection
  65. Limit physical access to information systems, equipment, and the respective operating environments to authorized individuals.
    Physical and Environmental Protection
  66. Develop, document, periodically update, and implement security plans for organizational information systems that describe the security controls in place or planned for the information systems and the rules of behavior for individuals accessing the information systems.
  67. Ensure that individuals occupying positions of responsibility within organizations are trustworthy and meet established security criteria for those positions.
    Personnel Security
  68. Periodically assess the risk to organizational operations, organizational assets, and individuals resulting from the operation of organizational information systems and the associated processing, storage, or transmission of organizational information.
    Risk Assessment
  69. Allocate sufficient resources to adequately protect organizational information systems.
    Systems and Services Acquisition
  70. Monitor, control, and protect organizational communications at the external boundaries and key internal boundaries of the information systems.
    System and Communications Protection
  71. Identify, report, and correct information and information system flaws in a timely manner.
    System and Information Integrity
  72. means that the design of security measures embodied in both hardware and software should be as simple and small as possible.
    Economy of mechanism
  73. means that access decisions should be based on permission rather than exclusion.
    Fail-safe default
  74. means that every access must be checked against the access control mechanism.
    Complete mediation
  75. means that the design of a security mechanism should be open rather than secret.
    Open design
  76. a practice in which multiple privilege attributes are required to achieve access to a restricted resource.
    Separation of privilege
  77. means that every process and every user of the system should operate using the least set of privileges necessary to perform the task.
    Least privilege
  78. means that the design should minimize the functions shared by different users, providing mutual security.
    Least common mechanism
  79. implies that the security mechanisms should not interfere unduly with the work of users, while at the same time meeting the needs of those who authorize access.
    Psychological acceptability
  80. a principle that applies in three contexts. First, public access systems should be isolated from critical resources to prevent disclosure or tampering. Second, the processes and files of individual users should be isolated from one another except where it is explicitly desired. And finally, security mechanisms should be isolated in the sense of preventing access to those mechanisms.
  81. can be viewed as a specific form of isolation based on object-oriented functionality.
  82. provided by encapsulating a collection of procedures and data objects in a domain of its own so that the internal structure of a data object is accessible only to the procedures of the protected subsystem and the procedures may be called only at designated domain entry points.
  83. ________ in the context of security refers both to the development of security functions as separate, protected modules and to the use of a modular architecture for mechanism design and implementation.
  84. refers to the use of multiple, overlapping protection approaches addressing the people, technology, and operational aspects of information systems.
  85. a layering approach is often used to provide multiple barriers between an adversary and protected information or services.
    defense in depth
  86. means that a program or user interface should always respond in the way that is least likely to astonish the user.
    Least astonishment
  87. Attack surfaces:
    • Network attack surface
    • Software attack surface
    • Human attack surface
  88. This category refers to vulnerabilities over an enterprise network, wide-area network, or the Internet.
    Network attack surface
  89. This refers to vulnerabilities in application, utility, or operating system code.
    Software attack surface
  90. This category refers to vulnerabilities created by personnel or outsiders, such as social engineering, human error, and trusted insiders.
    Human attack surface
  91. An _________ consists of the reachable and exploitable vulnerabilities in a system.
    attack surface
  92. (T/F) An attack surface analysis is a useful technique for assessing the scale and severity of threats to a system. A systematic analysis of points of vulnerability makes developers and security analysts aware of where security mechanisms are required.
  93. An _________ is a branching, hierarchical data structure that represents a set of potential techniques for exploiting security vulnerabilities.
    attack tree
  94. These attacks target the user equipment, including the tokens that may be involved, such as smartcards or other password generators, as well as the actions of the user.
    User terminal and user (UT/U)
  95. This type of attack focuses on communication links.
    Communications channel (CC)
  96. These types of attacks are offline attacks against the servers that host the Internet banking application.
    Internet banking server (IBS)
  97. This strategy can be used against many elements of the attack surface. There are procedural attacks, such as monitoring a user’s action to observe a PIN or other credential, or theft of the user’s token or handwritten notes.
    User credential compromise
  98. In this type of attack, the attacker is able to intercept communication between the UT and the IBS.
    Injection of commands
  99. It is reported in [HILT06] that brute force attacks against some banking authentication schemes are feasible by sending random usernames and passwords.
    User credential guessing
  100. For example, violating the bank’s security policy in combination with weak access control and logging mechanisms, an employee may cause an internal security incident and expose a customer’s account.
    Security policy violation
  101. This type of attack persuades or forces the user to connect to the IBS with a preset session ID.
    Use of known authenticated session
  102. an informal description of desired system behavior.
    Security policy
  103. Strategy for providing computer security:
    • Specification/policy: What is the security scheme supposed to do?
    • Implementation/mechanisms: How does it do it?
    • Correctness/assurance: Does it really work?
  104. Virtually all security measures involve some penalty in the area of ease of use.
    Ease of use versus security
  105. In addition to ease of use and performance costs, there are direct monetary costs in implementing and maintaining security measures.
    Cost of security versus cost of failure and recovery
  106. Security implementation involves four complementary courses of action:
    • Prevention
    • Detection
    • Response
    • Recovery
  107. An ideal security scheme is one in which no attack is successful.
  108. In a number of cases, absolute protection is not feasible, but it is practical to detect security attacks.
  109. If security mechanisms detect an ongoing attack, such as a denial of service attack, the system may be able to respond in such a way as to halt the attack and prevent further damage.
  110. the degree of confidence one has that the security measures, both technical and operational, work as intended to protect the system and the information it processes.
  111. An example of recovery is the use of backup systems, so that if data integrity is compromised, a prior, correct copy of the data can be reloaded.
  112. (T/F) Assurance is expressed as a degree of confidence, not in terms of a formal proof that a design or implementation is correct.
  113. the process of examining a computer product or system with respect to certain criteria.
2nd Semester