Confidentiality
refers to preventing the disclosure of information to unauthorized individuals or systems.
Integrity
In information security, data integrity means maintaining and assuring the accuracy and consistency of data over its entire life-cycle
Availability
For any information system to serve its purpose, the information must be available when it is needed. This means that the computing systems used to store and process the information, the security controls used to protect it, and the communication channels
Authenticity
In computing, e-Business, and information security, it is necessary to ensure that the data, transactions, communications or documents (electronic or physical) are genuine. It is also important for authenticity to validate that both parties involved are w
Threat
In computer security a threat is a possible danger that might exploit a vulnerability to breach security and thus cause possible harm.
Threat Agent
can take one or more of the following actions against an asset:[6]
Access - simple unauthorized access
Misuse - unauthorized use of assets (e.g., identity theft, setting up a porn distribution service on a compromised server, etc.)
Disclose - the threat a
Vulnerability
a vulnerability is a weakness which allows an attacker to reduce a system's information assurance.
Sarbanes-Oxley Act
An Act To protect investors by improving the accuracy and reliability of corporate disclosures made pursuant to the securities laws, and for other purposes
Hacker
someone who seeks and exploits weaknesses in a computer system or computer network.
Cyberterrorist
a person who attacks computer system security in support of their ideology
Malware
software designed to infiltrate or damage a computer system without the user's informed consent
Virus
A piece of code that is capable of copying itself and typically has a detrimental effect, such as corrupting the system or destroying data
Worm
A destructive computer program that bores its way through a computer's files or through a computer's network.
Logic Bomb
A computer program or part of a program that lies dormant until it is triggered by a specific logical event.
Key-logger
Can send a record of your actions to a remote observer
Ping-pong Virus
virus that is harmless to most of the computers; boot sector virus.
Denial of Service DoS
Attacks that occur when a large number of computers try to access a website at the same time, effectively overloading it and causing it to shut down.
127.0.0.1
Local address for loopback
Default
255.255.255.0
IPv6
Uses 128-bit address
DNS Server
translates MAC addresses to IP addresses
One-to-many communication
Multicast is a form of this
AES encryption
Does not support a 512 bit key size
Retrovirus
Seeks out to attack the antivirus system of a computer
Threats to SCADA Systems
The first one is the threat of unauthorized access to the control software, whether it is human access or changes made deliberately or unintentionally by virus infections and other software threats existing on the control host machine. The second is the t
DES
Has been superseded by AES
DoS attack
Tries to make server not usable by flooding it with requests
IPtable
Used to restrict port traffic on a Linux system
OSI Model
1. Physical
2. Data link
3. Network
4. Transport
5. Session
6. Presentation
7. Application
Biometrics
Most common form of authentication
WEP
Wired Equivalent Privacy, Supports 104 and 40.
Designed to provide wireless connections with the same security as wired connections. Has weaknesses: Static Pre-shared Keys (PSK). 1997.
Phishing
Can use voice messages to carry out attack
Trojan Horse Program
Appears legitimate, but is actually malicious
DMCA
Digital Millennium Copyright Act, against publication of flaws in encryption
US Commerce Department
Regulates export of encryption programs
Symmetric Encryption
An encryption standard that requires all parties to have a copy of a shared key. A single key is used for both encryption and decryption. Single key can be weakness, as it must be shared
Asymmetric Encryption
Two-way encryption scheme that uses paired private keys and public keys to perform encryption and decryption. Key encryption is part of algorithm
MAC model
labels (sometimes referred to as sensitivity labels or security labels) to determine access. Both subjects (users) and objects (files and folders) are assigned labels. When the labels match, the appropriate permissions are granted.
RBAC model
uses the role or responsibilities users have in the organization to determine a user's access permissions to a resource.
DDos
Involves multiple computers executing attack.
An attack that uses hundreds or thousands of zombie computers in a botnet to flood a device with requests.
Transmission Control Protocol
a protocol developed for the internet to get data from one network device to another. SYN attack violates this.
Password Length
Recommended to be at least 8 characters
Computer Virus
A computer virus has a replication mechanism, an activation mechanism, and an objective.
Port 49
TACACS (Terminal Access Controllers Access)
TACACS
____ is an authentication service commonly used on UNIX devices that communicates by forwarding user authentication information to a centralized server.
Most network bound viruses spread this way
S/MIME
Secure Multipurpose Internet Mail Extensions, used to commonly encrypt emails
Integrity
Making sure email etc. hasn't been tampered with
Brute Force Attack
A password attack in which every possible combination of letters, numbers, and characters is used to create encrypted passwords that are matched with those in a stolen password file. 128 bits recommended for decent level of protection
Instant Messaging Problems
Can scan for open ports on network causing vulnerability
Key Escrow
A process in which keys are managed by a third party, such as a trusted CA. Problem is someone can add another key and distribute it
JavaScript Security
User responsible for security through browser settings
MAC Address
A permanent address given to each network interface card (NIC) at the factory. This address enables the device to access the network via a Level-2 protocol. No two NIC devices will ever have the same MAC address. Also called a physical address.
Proxy Server
Allows specific users on network access to web,
Acts as an intermediary for requests from clients seeking resources from other server
Packet sniffing
inspecting information packets as they travel the Internet and other networks
Packet
A small collection of data that has been packaged for transmission across the Internet. A packet has a header that indicates the source and destination addresses for the packet as well as information that allows data spread over multiple packets, such as
IPSec
A protocol that is used to secure and authenticate IP connections.
HTTP
(Hypertext Transfer Protocol)- A standard used to retrieve documents on the World Wide Web.
SSL
(Secure Socket Layer) A protocol designed by Netscape Communications to enable encrypted, authenticated communications across the Internet. Used to encrypt traffic passed between a web browser and web server. For connection to be established between user
XKMS
Defines services to manage heterogeneous PKI operations via XML
PKI
Public Key Infrastructure
Public Key Infrastructure. Group of technologies used to request, create, manage, store, distribute, and revoke digital certificates. Certificates are an important part of asymmetric encryption. Certificates include public keys a
XML
(Extensible Markup Language) a programming language that describes the data it contains and how the data should be structured and is suited to the exchange of data between different programs.
3DES
Triple Digital Encryption Standard. A symmetric algorithm used to encrypt data and provide confidentiality. It was originally designed as a replacement for DES. It uses multiple keys and multiple passes and is not as efficient as AES, but is still used in
Biometrics
Authentication technique using automated methods of recognizing a person based on a physiological or behavioral characteristic.
802.11
Engineering specification for the wireless standard. Defines how a wireless interface between clients and access points is constructed. It provides access to the physical layer of Ethernet without a person needing physical access to the building.
Bluebugging
Taking control of a phone to make calls, send text messages, listen to calls, or read text messages. Can give hacker total control over phone
Honeypots
computers baited with fake data and purposely left vulnerable to study how intruders operate to prepare stronger defenses
Group Policies
Can be implemented to users and hardware
Rootkits
A set of software tools used by an intruder to break into a computer, obtain special privileges to perform unauthorized functions, and then hide all traces of its existence.
war-driving attack
Effort to exploit wireless network
Spoofing
A technique intruders use to make their network or internet transmission appear legitimate
TCP/IP
TCP/IP (Transmission Control Protocol/Internet Protocol) is the basic communication language or protocol of the Internet. It can also be used as a communications protocol in private networks. Transmission Control Protocol, manages the assembling of a mes
Encryption
Best method for ensuring wireless confidentiality
VPN
IPSec commonly used for VPN tunneling.
Allows a secure private connection over a public network, using an encrypted 'tunnel'. For example, a remote computer can securely connect to a LAN, as though it were physically connected.
HTTPS
Stands for "HyperText Transport Protocol Secure." HTTPS is the same thing as HTTP, but uses a secure socket layer (SSL) for security purposes.
ACL
Access control list. A list of rules used to grant access to a resource. In NTFS, a list of ACEs makes up the ACL for a resource. In a firewall, an ACL identifies traffic that is allowed or blocked based on IP addresses, networks, ports, and some protocol
Subnets
To optimize client authentication and location of resources, which kind of object should each Active Directory site contain?
MITM
Man in the middle. A MITM attack is a form of active interception allowing an attacker to intercept traffic and insert malicious code sent to other clients. Kerberos provides mutual authentication and helps prevent MITM attacks.
Key logger
A program that gathers every letter and number typed into the computer.
Key Size
A measure of the number of possible keys which can be used in a cipher.
AES Encryption
Specifically, AES is an iterative, symmetric-key block cipher that can use keys of 128, 192, and 256 bits, and encrypts and decrypts data in blocks of 128 bits (16 bytes).
Script Kiddy
an amateur hacker who lacks sophisticated computer skills. These individuals are typically teenagers, who don't create programs used to hack into computer systems but instead use tools created by skilled hackers that enable unskilled novices to wreak the