C836 EXAM AND REVIEW UPDATED 2022/2023 CHAPTER 1 TO CHAPTER 6 – EXPERT FEEDBACK (RATED A)

Exam (elaborations), Questions & answers
July 4, 2023
20 pages

CHAPTER 1

1. Define the confidentiality, integrity, availability (CIA) triad.

- Gives a model by which we can think about and discuss security concepts; it tends
to be very focused on security as it pertains to data.

2. Differentiate confidentiality, integrity, and availability.

Confidentiality

- Similar to, but not the same as, privacy
- A necessary component of privacy; refers to our ability to protect data from
those who are not authorized to view it

Integrity

- Refers to the ability to prevent our data from being changed in an unauthorized
or undesirable manner
- This could mean the unauthorized change or deletion of our data or portions of
our data, or it could mean an authorized but undesirable change or deletion of
data
- To maintain integrity, we not only need to have the means to prevent
unauthorized changes to our data but also need the ability to reverse the
authorized changes that need to be undone

Availability

- Refers to the ability to access our data when we need it
- Loss of availability can refer to a wide variety of breaks anywhere in the chain
that allows us access to our data
- Issues can result from power loss, operating system or application problems,
network attacks, compromise of a system, or other problems

3. Define information security.

- Protecting information and information systems from unauthorized access, use,
disclosure, disruption, modification, or destruction
- It means we want to protect our data (wherever it is) and system assets from
those who would seek to misuse them

4. Define the Parkerian Hexad and its principles.

- Consists of the CIA triad as well as possession or control, authenticity, and utility,
for a total of six principles
- It is not as widely known as the CIA triad
- Integrity does not account for authorized but incorrect modification of data and
instead focuses on the state of the data itself in the sense of completeness
- Possession or control refers to the physical disposition of the media on which
data is stored. This enables us to discuss our loss of the data in its physical
medium without involving other factors such as availability. The principle of
possession would enable us to more accurately describe the scope of an incident.
- Authenticity allows us to talk about the proper attribution as to the owner or
creator of the data in question. Authenticity can be enforced through the use of
digital signatures. Nonrepudiation prevents someone from taking an action such
as sending an email and then later denying that he or she has done so.
- Utility refers to how useful the data is to us. It is the only principle that is not
necessarily binary in nature. We can have a variety of degrees of utility
depending on the data format.

5. Identify the four types of attacks (i.e., interception, interruption, modification, and fabrication).

- Interception attacks allow unauthorized users to access our data, applications, or
environments, and are primarily an attack against confidentiality. Interception
might take the form of unauthorized file viewing or copying, eavesdropping on
phone conversations, or reading e-mail, and can be conducted against data at rest
or in motion. Properly executed, interception attacks can be very difficult to detect.
- Interruption attacks cause our assets to become unusable or unavailable for our
use, on a temporary or permanent basis. Interruption attacks often affect
availability but can be an attack on integrity as well.
- Modification attacks involve tampering with our asset. Such attacks might
primarily be considered an integrity attack but could also represent an availability
attack.
- Fabrication attacks involve generating data, processes, communications, or other
similar activities within a system. Fabrication attacks primarily affect integrity but
could be considered an availability attack as well.
- Confidentiality (Interception), Integrity (Interruption, Modification, Fabrication),
Availability (Interruption, Modification, Fabrication)

6. Compare threats, vulnerabilities, risk, and impact.

- Threat is something that has the potential to cause us harm. Threats tend to be
specific to certain environments particularly in the world of information security.
- Vulnerabilities are weaknesses that can be used to harm us. In essence, they
are holes that can be exploited by threats in order to cause us harm. A
vulnerability might be a specific operating system or application that we are
running, a physical location where we have chosen to place our office building, a
data center that is populated over the capacity of its air-conditioning system, a
lack of backup generators, or other factors.
- Risk is the likelihood that something bad will happen. In order for us to have a
risk in a particular environment, we need to have both a threat and a vulnerability
that the specific threat can exploit.
- Impact takes into account the value of the asset being threatened as a factor; this
may change whether we see a risk as being present or not.

7. Define the risk management process and its stages.

- Identify assets: one of the first and arguably one of the most important parts of
the risk management process is identifying and categorizing the assets that we
are protecting. If we cannot enumerate the assets that we have and evaluate the
importance of each of them, protecting them can become a very difficult task.
Once we have been able to identify the assets in use, deciding which of them are
critical business assets is another question entirely. Making an accurate
determination of which assets are truly critical to conducting business will
generally require the input of functions that make use of the asset, those that
support the asset itself, and potentially other involved parties as well. Not all
assets need to be protected equally; by determining where resources should be
focused, cost can be reduced while security is increased.
- Identify threats: this takes place after critical assets are enumerated. It is useful to
have a framework within which to discuss the nature of a given threat, and the
CIA triad or Parkerian hexad serve nicely for this purpose. There needs to be a
concern with losing control of data, maintaining accurate data, and keeping the
system up and running. Given this information, we can begin to look at areas of
vulnerability and potential risk.
- Assess vulnerabilities, in the context of potential threats. An asset may have
thousands or millions of threats that could impact it, but only a small fraction of
these will actually be relevant. The task of identifying these is narrowed
considerably by looking at the potential threats first.
- Assess risks: once we have identified the threats and vulnerabilities for a given
asset, we can assess the overall risk. Risk is the conjunction of a threat and a
vulnerability. A vulnerability with no matching threat or a threat with no matching
vulnerability does not constitute a risk.
- Mitigate risks: to help mitigate risk, we can put measures in place to help ensure
that a given type of threat is accounted for. These measures are referred to as
controls. Controls are divided into three categories: physical, logical, and
administrative.

8. Define the incident response process and its stages.

- If our risk management efforts fail, incident response exists to react to such
events. Incident response should be primarily oriented to the items that we feel
are likely to cause us pain as an organization, which we should now know based
on our risk management efforts. Reactions to such incidents should be based, as
much as is possible or practical, on documented incident response plans, which
are regularly reviewed, tested, and practiced by those who will be expected to