Exam (elaborations)

INF4831 INFORMATION SECURITY QUESTIONS AND ANSWERS A+ GRADED. Buy Quality Materials!

Pages: 25
Grade: A+
Uploaded on: 16-11-2024
Written in: 2024/2025

Information assets
Data, device or component that supports information-related activities. Need to be
protected from illicit access, use, disclosure, alteration, destruction and theft.
Types of Assets
1. Property
- Physical assets e.g. buildings and contents
- Hardware
- Software (OS, apps, support systems)
- Data
2. People
- Employees
- Contractors
- Customers/Clients
3. Procedures
Information security
Preservation of confidentiality, integrity and availability of information; in addition, other
properties such as authenticity, accountability, non-repudiation and reliability can also
be involved.
Information Security Event
An identified occurrence of a system, service or network state indicating a possible
breach of information security policy or failure of safeguards, or a previously unknown
situation that may be security relevant.
Information Security Incident
A single or a series of unwanted or unexpected information security events that have a
significant probability of compromising business operations and threatening information
security.
Asset States
1. Storage
- electronic, physical, human
2. Transmission
- physical or electronic
3. Processing (use)
- physical or electronic
Cyber crime
a) Technology is the target e.g. hacking, computer viruses, DoS.
b) Technology used as tools to enable the offence e.g. Phishing, identity theft, spam.
Ransomware
Malware that encrypts users' computer files and demands a payment to permit
decryption e.g. Breaking Bad computer ransomware demanded $1000 to decrypt files it
infects.
3 Information security goals
1. Confidentiality
2. Integrity
3. Availability
Confidentiality
Prevent unauthorized DISCLOSURE of information.
Integrity
Prevent unauthorized MODIFICATION or DESTRUCTION of information.
Availability
Ensure resources ACCESSIBLE when required by authorized user.
Authentication
Verifying a claimed identity or source of information.
2 types of Authentication
1. Entity Authentication
2. Data origin authentication
Entity Authentication
Verify claimed identity.
Data Origin Authentication
Verify source and integrity of message.
Non-repudiation
Create evidence that action has occurred, so user cannot falsely deny the action later.
2 Types of Attacks
1. Passive
2. Active
Active Attacks
- Goal is to modify, replicate or fabricate.
- Can detect and try to recover
e.g. phishing, DoS, Man-in-the-middle
Passive Attacks
- Goal is to obtain information
- Difficult to detect
e.g. eavesdropping, shoulder surfing.
3 Types of Countermeasures
1. Preventative controls
2. Detective controls
3. Corrective controls
Example of Preventative controls
Encryption of files
Example of Detective controls
Use checksum/MAC to detect data corruption.
Example of Corrective controls
Restore apps to last known good image to bring corrupted system back online.
What are the 3 sides of the Security Model? What is on each side?
1. Information States (top)
- Transmission
- Storage
- Processing
2. Critical Information Security Services (left)
- Confidentiality
- Integrity
- Availability
3. Security Measures (right)
- Technology
- Policy & Practices
- Education, Training and Awareness
[1.2] What do researchers claim to be able to do to the Jeep Cherokee?
Take over the vehicle remotely, control entertainment system, climate control, driving
controls via wireless connection.
[1.2] Which information asset was targeted when researchers attacked Jeep
Cherokee?
Communications between the cellular network, the car, the entertainment system
software and the other control systems for the vehicle.
[1.2] Which of the security goals are compromised if the attacks described in the
article are performed on a Jeep?
- Confidentiality: cellular network traffic reveals vulnerable vehicle, track GPS, trace
route over time, measure speed, monitor in-car systems etc.
- Integrity: changes made to firmware to insert the code that allows for the remote
control.
- Availability: can take control away from authorised user.
[1.2] Data state of Jeep Cherokee?
Transmission (initially) of information related to Uconnect.
[1.2] How can you address the security problems of Jeep Cherokee example?
- Software patches to address the vulnerability
- During dev. implement a policy re: separate critical vehicle systems from
entertainment/phone systems.
- Education/training/awareness
[1.2] Were the Jeep Cherokee attacks active or passive?
Active attacks: constructed code and deliberately inserted it into system.
[1.3] Why is the continued use of Windows XP after April 2014 considered a
vulnerability?
- Software will no longer be patched = no repair of code errors.
- Flaws identified by criminals can be used to attack system.
[1.4] What is the full name of the organization known as AusCERT?
Australian Computer Emergency Response Team.
[1.4] One of the services provided by AusCERT is a Security Bulletins Service.
What sort of information assets do the Security Bulletins relate to?
Software. There are descriptions of vulnerabilities in particular software, sometimes
reports that these have been exploited 'in the wild', and some bulletins advise on control
measures available.
Threats
Set of circumstances with potential to cause harm to an information asset by
compromising stated information security goals.

Seller: TopGradeSolutions, Chamberlain College Of Nursing