UGRD-IT6205A Information Assurance and Security 1
The course exposes the students to the basic structure of cyberspace and to a risk-based approach to cybersecurity.
Delivery | Transmitting the weapon to the target environment. | |
Requirements, | Seven Stages of lifecycle model | |
TRUE | (IA) is the study of how to protect your information assets from destruction, degradation, manipulation and exploitation. | |
Prevent Cyber-Attacks | Physical security consists in the closure of IT equipment in a dedicated space and the provision of access control. | |
TRUE | Cyber security, also referred to as information technology security, focuses on protecting computers, networks, programs and data from unintended or unauthorized access, change or destruction. | |
Trust | Is a generic term that implies a mechanism in place to provide a basis for confidence in the reliability/security of the system. | |
confidentiality | This means that only those authorized to view information are allowed access to it. | |
Phase F: Migration Planning | Assess the impact of new security measures upon other new components or existing leveraged systems. What phase is that? | |
TRUE | Cyberspace is "the environment in which communication over computer networks occurs." | |
Audit | The ability to provide forensic data attesting that the systems have been used in accordance with stated security policies. | |
cyber bullying | Which one is not a security threat in the IT world? | |
TRUE | Availability: Availability of information refers to ensuring that authorized parties are able to access the information when needed | |
Information Assurance | Is the study of how to protect your information assets from destruction, degradation, manipulation and exploitation. | |
Integrity | Protection against unauthorized modification or destruction of information | |
Phase F: Migration Planning | In a phased implementation the new security components are usually part of the infrastructure in which the new system is implemented. The security infrastructure needs to be in a first or early phase to properly support the project. What phase is that? | |
Confidentiality | Assurance that information is shared only among authorized persons or organizations. | |
Security | Is a process, not an end state | |
Risk Transfer | Shift the risk to someone else. | |
Trust | Failure of the mechanism may destroy the basis for trust. | |
integrity | This assures that the information is authentic and complete. | |
confidentiality | This is roughly equivalent to . | |
TRUE | Actions taken that protect and defend information and information systems by ensuring their availability, integrity, authentication, confidentiality and | |
Confidentiality, Integrity and Availability | Three Features of Security | |
Exploitation | After the weapon is delivered to the victim, follows the targeting of an application or vulnerability of the operating system. The infected file can be used by the self-execution facility to launch the malware code, or it can be executed by the user himself; | |
Delivery | The main ways of transport are e-mails (attachment of infected files), web platforms (running malware scripts), or removable USB memories; | |
Assess assets, Assess threats, Assess vulnerabilities, Assess risks, Prioritize countermeasure options and Make risk management decisions | Risk Management Procedure consists of six steps. | |
crown jewels | Following a cyber risk assessment, develop and implement a plan to mitigate cyber risk and protect the “_____________” outlined in the assessment. | |
Authentication | Security measures to establish the validity of a transmission, message, or originator. | |
Cyber Risk Assessment | _______________ should also consider any regulations that impact the way the company collects, stores, and secures data, such as PCI-DSS, HIPAA, SOX, FISMA. | |
Trust mechanism | Are the security features of a system that provide enforcement of a security policy. | |
authentication | This involves ensuring that the are who they say are and one of the most famous method to secure this is by using | |
Physical, Perceptual, Desired Effects | Three distinct levels: | |
photo enhancement | This is not a type of application security. | |
Information | Is data endowed with relevance and purpose. | |
TRUE | Availability: Assurance that the systems responsible for delivering, storing and processing information are accessible when needed, by those who need them. | |
Security | Is the process of maintaining an acceptable level of perceived risk | |
Confidentiality | Is roughly equivalent to privacy | |
TRUE | In information security, data integrity means maintaining and assuring the accuracy and consistency of data over its entire life-cycle. | |
Assurance | Is a measure of confidence that the security features, practices, procedures, and architecture of a system accurately mediates and enforces the security policy. | |
Action on Objective | After the first six phases, an attacker can act to achieve the goals. These actions typically consist of collecting information, modifying data integrity, or attacking the availability of services and devices, but the victim system can also be used as a starting point for infecting other systems or for expanding access to the local network. | |
Information | Processed data | |
Attacker's Operations | Physical attack and destruction, including: electromagnetic attack, visual spying, intrusion, scavenging and removal, wiretapping, interference, and eavesdropping. | |
Trusted Computing Base | Acronym for TCB? | |
Lifecycle | Is the process by which an asset is managed from its arrival or creation to its termination or destruction. | |
Insiders | Consists of employees, former employees and contractors. | |
Information Infrastructure | Information and data manipulation | |
Availability | Assurance that the information is authentic and complete. | |
Information | Converting data into information thus requires knowledge | |
Digital Underground, Underground Economy, Phishing, Hacktivism, Cyberwar: Estonia Case and Stuxnet | Type of Concept for Cybercrime | |
Risk Acceptance | Risks not avoided or transferred are retained by the organization. | |
Physical Security, Personnel Security, IT Security and Operational Security | Four Security Domain | |
Assurance | The ability to test and prove that the enterprise architecture has the security attributes required to uphold the stated security policies. | |
cyber security | The state of being protected against the criminal or unauthorized use of electronic data, or the measures taken to achieve this. | |
Risk mitigation | Taking actions to reduce the losses due to a risk; many technical countermeasures fall into this category. | |
Noise | Raw facts with an unknown coding system | |
Phase H: Architecture Change Management | Changes in security requirements are often more disruptive than a simplification or incremental change. Changes in security policy can be driven by statute, regulation, or something that has gone wrong. What phase is that? | |
Assess assets, Assess threats, Assess vulnerabilities, Assess risks, Prioritize countermeasure options, Make risk management decisions | Risk Management Procedure consists of six steps. | |
Weaponization | Making a malware application (for example, a computer trojan) that, combined with an exploitable security breach, allows remote access. Moreover, PDF (Portable Document Format) files or Microsoft Office suite-specific files can be regarded as weapons available to the attacker; | |
Defender's Operations | Information security technical measures such as: encryption and key management, intrusion detection, anti-virus software, auditing, redundancy, firewalls, policies and standards. | |
Non-repudiation | Assurance that the sender is provided with proof of a data delivery and recipient is provided with proof of the sender’s identity, so that neither can later deny having processed the data. | |
Knowledge | Accepted facts, principles, or rules of thumb that are useful for specific domains. | |
Prevent Cyber-Attacks | Logical security consists of software that is necessary to control the access to information and services of a system. The logical level is divided into two categories: access security level and service security level. | |
Command and Control | Usually an infected host must be accessible outside of the local network to establish a command and control channel between the victim and the attacker. Once this bidirectional communication has been made, an attacker has access inside the target environment and can usually control the activity by manually launching commands; | |
Physical Security, Personnel Security, IT Security, Operational Security | Four Security Domains | |
availability | This is an assurance that the systems responsible for delivering, storing, and processing information are accessible when needed, by those who need them. | |
Phase C: Information System Architecture | Assess and baseline current security-specific architecture elements. What phase is that? | |
Phase A: Architecture Vision | Definition of relevant stakeholders and discovery of their concerns and objectives will require development of a high-level scenario. What phase is that? | |
Asset Protection | The protection of information assets from loss or unintended disclosure, and resources from unauthorized and unintended use. | |
Exploitation | The infected file can be used by the self-execution facility to launch the malware code, or it can be executed by the user himself; | |
TRUE | Cybersecurity is the collection of tools, policies, security concepts, security safeguards, guidelines, risk management approaches, actions, training, best practices, assurance and technologies that can be used to protect the cyber environment and organization and user’s assets. | |
Personnel Security | Is a variety of ongoing measures taken to reduce the likelihood and severity of accidental and intentional alteration, destruction, misappropriation, misuse, misconfiguration, unauthorized distribution, and unavailability of an organization’s logical and physical assets, as the result of action or inaction by insiders and known outsiders, such as business partners. | |
Physical Security | Refers to the protection of hardware, software, and data against physical threats to reduce or prevent disruptions to operations and services and loss of assets. | |
cloud providers | These are constantly creating and implementing new security tools to help enterprise users better secure their data. | |
Risk Avoidance | Not performing an activity that would incur risk. | |
Action on objective | These actions typically consist of collecting information, modifying data integrity, or attacking the availability of services and devices, but the victim system can also be used as a starting point for infecting other systems or for expanding access to the local network. | |
The risk treatment | Acceptance, avoidance, mitigation, transfer—are with respect to a specific risk for a specific party. | |
Recon, Weaponise, Deliver, Exploit, Install, C2 and Action | What are the steps in intrusion model? | |
Confidentiality | Assurance that information is not disclosed to unauthorized persons | |
TCB | Is a collection of all the trust mechanisms of a computer system which collectively enforce the policy. | |
Desired Effects | To affect the technical performance and the capability of physical systems, to disrupt the capabilities of the defender. | |
TRUE | Cyber Crime: Computer crime, or cybercrime, is any crime that involves a computer and a network. The computer may have been used in the commission of a crime, or it may be the target. | |
Data | Raw facts with a known coding system | |
Availability | Timely, reliable access to data and information services for authorized users; | |
TRUE | Concept of Cybercrime | |
Knowledge | It should be: accurate, timely, complete, verifiable, consistent, available. | |
IT Security | Is the inherent technical features and functions that collectively contribute to an IT infrastructure achieving and sustaining confidentiality, integrity, availability, accountability, | |
information technology security | Cyber security, also referred to as____________________, focuses on protecting computers, networks, programs and data from unintended or unauthorized access, change or destruction. | |
Digital Underground, Underground Economy, Phishing, Hacktivism, Cyberwar: Estonia Case and Stuxnet | Six Concept of CyberCrime | |
Confidentiality, | Three Features of Security | |
Operational Security | Involves the implementation of standard operational security procedures that define the nature and frequency of the interaction between users, systems, and system resources, the purpose of which is to. | |
Reconnaissance | Research, target identification and selection: it may be looking for e-mail addresses, social relationships, or data about a particular technology, information displayed on various websites; | |
Physical | Data and data processing activities in physical space; | |
Phase A: Architecture Vision | The following security specifics appropriate to the security architecture must be addressed within each phase in addition to the generic phase activities. What phase is that? | |
Phase E: Opportunities & Solutions | Identify existing security services available for re-use. What phase is that? | |
Phase B: Business Architecture | Development of the business scenarios and subsequent high-level use-cases of the project concerned will bring to attention the people actors and system actors involved. What phase is that? | |
Phase A: Architecture Vision | Are applicable to ensuring that security requirements are addressed in subsequent phases of the ADM. What phase is that? | |
Phase D: Technology Architecture | Revisit assumptions regarding interconnecting systems beyond project control, Identify and evaluate applicable recognized guidelines and standards and Identify methods to regulate consumption of resources. What phase is that? | |
Phase D: Technology Architecture | Every system will rely upon resources that may be depleted in cases that may or may not be anticipated at the point of system design. What phase is that? | |
Phase D: Technology Architecture | Assess and baseline current security-specific technologies. What phase is that? | |
Phase G: Implementation Governance | Many security vulnerabilities originate as design or code errors and the simplest and least expensive method to locate and find such errors is generally an early review by experienced peers in the craft. What phase is that? | |
Phase H: Architecture Change Mana | Changes in security standards are usually less disruptive since the trade-off for their adoption is based on the value of the change. However, standards changes can also be mandated. What phase is that? | |
Phase G: Implementation Governance | Establish architecture artifact, design, and code reviews and define acceptance criteria for the successful implementation of the findings. What phase is that? | |
Phase B: Business Architecture | Determine who are the legitimate actors who will interact with the product/service/process. What phase is that? | |
Phase E: Opportunities & Solutions | From the Baseline Security Architecture and the Enterprise Continuum, there will be existing security infrastructure and security building blocks that can be applied to the requirements derived from this architecture development engagement. What phase is that? | |
Phase C: Information System Architecture | A full inventory of architecture elements that implement security services must be compiled in preparation for a gap analysis. What phase is that? | |
Administration | The ability to add and change security policies, add or change how policies are implemented in the enterprise, and add or change the persons or entities related to the systems. | |
Authentication | The definition and enforcement of permitted capabilities for a person or entity whose identity has been established. | |
TRUE | Security architecture addresses non-normative flows through systems and among applications. | |
Identify soft enterprise | Those who will see change to their capability and work with core units but are otherwise not directly affected | |
Authentication | The substantiation of the identity of a person or entity related to the enterprise or system in some way. | |
TRUE | Security architecture composes its own discrete views and viewpoints. | |
TRUE | Security architecture introduces unique, single-purpose components in the design. | |
Availability | The ability of the enterprise to function without service interruption or depletion despite abnormal or malicious events. | |
TRUE | Security architecture introduces its own normative flows through systems and among applications. | |
TRUE | Security architecture calls for its own unique set of skills and competencies of the enterprise and IT architects. | |
Identify core enterprise | Those who are most affected and achieve most value from the security work | |
Identify communities involved | Those stakeholders who will be affected by security capabilities and who are in groups of communities | |
Identify extended enterprise | Those units outside the scoped enterprise who will need to enhance their security architecture for interoperability purposes | |
TRUE | Security architecture has its own discrete security methodology. | |
Risk Management | The organization's attitude and tolerance for risk. | |
Phase E: Opportunities & Solutions | Identify existing security services available for re-use | |
Phase A: Architecture Vision | Are applicable to ensuring that security requirements are addressed in subsequent phases of the ADM | |
TRUE | True or False: Business rules regarding handling of data/information assets | |
TRUE | True or False: Codified data/information asset ownership and custody | |
TRUE | True or False: Written and published security policy | |
TRUE | True or False: Identify communities involved (enterprises) - those stakeholders who will be affected by security capabilities and who are in groups of communities | |
TRUE | True or False: Identify extended enterprise (units) - those units outside the scoped enterprise who will need to enhance their security architecture for interoperability purposes | |
TRUE | True or False: Data classification policy documentation | |
TRUE | True or False: Identify the security governance involved, including legal frameworks and geographies (enterprises) | |
TRUE | True or False: Risk analysis documentation | |
TRUE | True or False: Identify soft enterprise (units) - those who will see change to their capability and work with core units but are otherwise not directly affected | |
TRUE | True or False: Identify core enterprise (units) - those who are most affected and achieve most value from the security work |