Chapter 1
How can the practice of information security be described as both an art and a science?
- Requires various kinds of tools and technologies used for technical purposes.
- No clear-cut rules on how to install various security mechanisms.
Identify the six components of an information system. Which are most directly affected by the study of computer security? Which are most commonly associated with its study?
- Software
- Hardware
- Data
- People
- Procedures
- Networks
What is the difference between a threat agent and a threat?
A threat is a constant danger to an asset, whereas a threat agent is the facilitator of an attack.
Why is a methodology important in the implementation of information security? How does a methodology improve the process?
A formal methodology ensures a rigorous process and avoids missing steps.
Who should lead a security team? Should the approach to security be more managerial or technical?
A project manager with information security technical skills. The approach to security should be managerial, top down.
How has computer security evolved into modern information security?
ARPANET was only physically secured; after ARPANET it was realised that physical security was just one component.
Nslookup
Ability to look up and test IP addresses/connections
IMAP
Accesses email on a remote web server from a local client. Uses TCP ports 143 and 993.
Ping
Allows a user to verify that a particular IP address exists and can accept requests
Describe the critical characteristics of information. How are they used in the study of computer security?
- Availability: Authorized users can access the information.
- Accuracy: Free from errors.
- Authenticity: Genuine.
- Confidentiality: Preventing disclosure to unauthorized individuals.
- Integrity: Whole and uncorrupted.
- Utility: Has a value for some purpose.
- Possession: Ownership.
What are the three components of the C.I.A. triad? What are they used for?
- Confidentiality: Information should only be accessible to its intended recipients.
- Integrity: Information should arrive the same as it was sent.
- Availability: Information should be available to those authorized to use it.
Who decides how and when data in an organization will be used or controlled? Who is responsible for seeing that these decisions are carried out?
Control and use of data: data owners are responsible for how and when data will be used; data users work with the data in their daily jobs.
How does the view of security as a social science influence its practice?
Social science deals with people, and information security is primarily a people issue.
Why is the top-down approach to information security superior to the bottom-up approach?
It has strong upper-management support, a dedicated champion, usually dedicated funding, a clear planning and implementation process, and the means of influencing organizational culture.
What system is the predecessor of almost all modern multi-user systems?
MULTICS
What type of security was dominant in the early years of computing?
Physical Security
Wireshark
Profiles network traffic and analyzes packets
What was important about RAND Report R-609?
RAND Report R-609 was the first widely recognized published document to identify the role of management and policy issues in computer security.
Which paper is the foundation of all subsequent studies of computer security?
RAND Report R-609, sponsored by the Department of Defense
POP3
Retrieves messages. Uses TCP ports 110 and 995.
Which members of an organization are involved in the security systems development life cycle? Who leads the process?
Security professionals are involved in the SDLC. Senior management, security project team and data owners are leads in the project.
SMTP
Sends email messages between servers. Uses TCP ports 25, 2525 and 465.
If the C.I.A. triad is incomplete, why is it so commonly used in security?
The CIA triangle is still used because it addresses the major concerns with the vulnerability of information systems.
Who is ultimately responsible for the security of information in the organization?
The Chief Information Security Officer (CISO)
How is infrastructure protection (assuring the security of utility services) related to information security?
The availability of information assets is dependent on having information systems that are reliable and that remain highly available.
What is the relationship between the MULTICS project and the early development of computer security?
The first operating system created with security as its primary goal. Shortly after the restructuring of MULTICS, several key engineers started working on UNIX, which did not require the same level of security.
Tracert
Utility that records the route through the internet between your computer and a specified destination computer.
What is the difference between vulnerability and exposure?
Vulnerability is a fault within the system. Exposure is a single instance when a system is open to damage.