CIST 1601 Chapter 1


What makes an appropriate countermeasure?

- Provides a security solution to an identified problem
- Dependent on secrecy
- Is testable and verifiable
- Provides uniform and consistent protection for all assets and users
- Is independent of other safeguards
- Requires minimal human intervention
- Is tamper-proof
- Has overrides and fail-safe defaults

Sophisticated Attacks

- Use common internet tools and protocols, making it difficult to distinguish an attack from legitimate traffic.
- Vary their behavior, making the same attack appear differently each time.

Types of Threat Agents

1. Employee (Internal Threats)
2. Spy
3. Hacker

Types of Security Components

1. Physical Security
2. Users and Administrators
3. Policies

Seven Layers of Layered Security

1. Policies, Procedures, and Awareness
2. Physical
3. Perimeter
4. Network
5. Host
6. Application
7. Data

Types of Hackers

1. Script Kiddies
2. Cybercriminals
3. Cyber Terrorists

Types of Security Challenges

1. Sophisticated Attacks
2. Proliferation of Attack Software
3. Attack Scale and Velocity

Vulnerability

A flaw or weakness that allows a threat agent to bypass security.

Application

A layer of security that includes authentication and authorization, user management, group policies, and web application security

Physical

A layer of security that includes fences, locked doors, cameras, server cages, and environmental controls

Perimeter

A layer of security that includes firewalls using ACLs and securing the wireless network

Host

A layer of security that includes log management, OS hardening, patch implementation, patch management, auditing, anti-malware, and password attack prevention on each workstation, laptop, and mobile device

Network

A layer of security that includes the installation and configuration of switches and routers; implementation of VLANs; penetration testing; and virtualization use

Policies, Procedures, and Awareness

A layer of security that includes user education, manageable network plans, and employee onboarding and off-boarding processes.

Layered Security

A security approach that combines multiple security controls and defenses to create a cumulative effect.

Layered Security Model

A security approach that defines seven layers of security.

Physical Security

All the hardware and software needed to secure data, such as firewalls and antivirus software

Exploit

An act, procedure, or piece of software that takes advantage of a vulnerability to carry out an action

Countermeasure

An action that is taken to mitigate a potential attack

Hacker

Any threat agent that uses their technical knowledge to bypass security mechanisms to exploit a vulnerability to access information.

Threat

Anything that has the potential to cause the loss of data or an asset

Proliferation of Attack Software

Attack tools have become widespread online. Anyone with moderate knowledge of technology can download tools and run an attack

Spy

Can be employed in corporate espionage to obtain information about competitors for commercial purposes
- A spy can apply to a commercial competitor and then exploit internal vulnerabilities to steal information.
- A spy can attack an organization from outside by exploiting external vulnerabilities.

Availability

Ensures that a system is up so that data is accessible when needed

Confidentiality

Ensures that data is not disclosed to unintended people

Integrity

Ensures that data is not modified or tampered with

Cyber Terrorists

Hackers who generally carry out terrorist activities, such as attacks on network-dependent institutions

Script Kiddies

Hackers who download and run attacks available on the internet, but generally aren't savvy enough to create their own attack code or script

Cybercriminals

Hackers who usually seek to exploit security vulnerabilities for some kind of financial reward or revenge

Non-Repudiation

Provides validation of a message's origin.

Asset

Something that has value to an individual or an organization

Data

Storing data properly, destroying data, classifying data, cryptography, and data transmission security

Security

The degree of protection against criminal activity, danger, damage, and/or loss

Threat Agent

The person or entity that attempts or carries out a threat

Attack Scale and Velocity

The speed at which an attack can spread from machine to machine has increased. Now a million computers can be attacked in minutes

How is an Employee a possible Threat Agent?

They have access to a lot of information assets and can:
- Become disgruntled with an employer
- Be bribed by a competitor
- Be an unintentional participant in an attack
- Accidentally delete or cause data corruption

User Education

Used to educate employees on policies, procedures, how to identify potential attacks, etc., as a way to ensure that an employee's actions don't compromise a network's security

