7.1 Observe Good Security Practices and Procedures (Information Security Focus)

Causes of Information Security Vulnerability:
1. Anonymity: Users can conceal their identities, leading to potential misuse or malicious activities in online environments.
   o Example: Hackers using proxies or VPNs to anonymize their IP addresses.
   o Disadvantage: It makes it harder for security teams to track and trace cybercriminals.
2. Many Points of Attack: A network often has several potential entry points, increasing the risk of unauthorized access.
   o Example: Weak access control systems or exposed network ports.
   o Disadvantage: Increases the complexity of defending against multiple threats.
3. Sharing: Sharing files and resources between users or systems increases the attack surface.
   o Example: Unauthorized file sharing over a corporate network leading to data leaks.
   o Disadvantage: Risks confidential information being exposed.
4. Complexity of Systems: The more complex an information system, the more vulnerable it is to misconfigurations and potential breaches.
   o Example: Enterprise systems integrating multiple software solutions without adequate security measures.
   o Disadvantage: Complexity makes it harder to identify and patch security gaps.

Threat Precursors:
1. Port Scans: Attackers use port scans to find vulnerabilities by identifying open ports on a network, which could allow unauthorized access.
   o Example: Nmap used by hackers to map a network for vulnerabilities.
2. Social Engineering: Attackers trick people into divulging confidential information, like passwords.
   o Example: Phishing emails convincing users to provide login credentials.
   o Disadvantage: Can bypass even the best technical security controls.
3. Reconnaissance: Attackers gather as much information as possible about the target network before launching an attack.
   o Example: Scanning public records or DNS information of a target system.
4. Operating System and Application Fingerprinting: Identifying specific software versions to exploit known vulnerabilities.
   o Example: An attacker identifies that a server is running an outdated version of Apache and targets it with known exploits.

Information Security Controls:
Design and Implement a Security Plan:
   o Steps:
      1. Define security objectives.
      2. Identify threats.
      3. Implement controls (firewalls, antivirus, encryption).
   o Advantage: Provides structured defense against potential threats.
   o Disadvantage: Requires continuous updates as threats evolve.
7.2 Source Hardware and Software Solutions to Information Security Issues

Types of Security Controls:
1. Physical Security: Protects hardware from theft or tampering.
   o Example: Secure server rooms with biometric access control.
   o Advantage: Prevents physical breaches that could compromise data.
   o Disadvantage: Can be costly to implement and maintain.
2. Technical Security: Refers to the use of technology to protect systems and data.
   o Example: Encryption software, firewalls, anti-virus tools.
   o Advantage: Offers robust, automated defense mechanisms.
   o Disadvantage: Needs frequent updates to combat new threats.
3. Administrative Security: Policies, procedures, and guidelines to ensure information security.
   o Example: Security policies mandating multi-factor authentication (MFA).
   o Advantage: Establishes a culture of security across an organization.
   o Disadvantage: Relies heavily on user compliance and awareness.

Information Security Services:
1. Implement Firewall Management: Firewalls filter network traffic, allowing or blocking it based on a predefined set of rules.
   o Example: A next-generation firewall that uses deep packet inspection to detect and block malicious traffic.
2. Email Security Services: Protect email systems from phishing attacks and malware.
   o Example: Secure Email Gateways that block malicious attachments and links.
   o Advantage: Protects one of the most commonly attacked entry points.
   o Disadvantage: Some legitimate emails might be blocked (false positives).

How Information Security Works:
1. Types of Security Software and Tools:
   o Firewalls, Anti-virus software, Encryption tools.
   o Example: McAfee anti-virus, BitLocker for encryption.
   o Advantage: Helps detect, prevent, and respond to security threats.
   o Disadvantage: Often requires updates and skilled personnel to manage.
2. Benefits of Information Security:
   o Advantage: Maintains confidentiality, integrity, and availability of data (CIA Triad).
   o Disadvantage: Implementation can be complex and costly.
7.3 Deploy, Test, and Maintain Security Systems

Elements of a Cyber-Attack (Information Security Context):
1. Asset: Any valuable data or system that needs protection.
   o Example: Customer data, internal databases.
2. Threat Agent: The entity responsible for attacking the system, such as hackers or malware.
   o Example: A cybercriminal deploying ransomware.
3. Security Controls: Mechanisms used to defend against or mitigate the impact of attacks.
   o Example: Encryption to protect data from unauthorized access.

Designing an Effective Cybersecurity Solution:
1. Policies/Procedures: Policies define how users should protect data, such as password policies.
2. Cyber-Resilience: The ability of a system to continue operating even when attacked.
   o Advantage: Minimizes downtime after a breach.
   o Disadvantage: Often requires investment in backup and redundancy systems.
3. Technologies/Safeguards: Firewalls, encryption, intrusion detection systems (IDS), and Multi-factor Authentication (MFA) all work to protect information assets.
   o Advantage: Significantly reduces the risk of successful attacks.
   o Disadvantage: Needs regular updating and monitoring.

7.4 Maintain Hardware and Software (Information Security Perspective)

Common Information Security Vulnerabilities:
1. Missing Data Encryption: Sensitive data transmitted without encryption is at risk of interception.
   o Example: Using HTTP instead of HTTPS for web traffic.
   o Disadvantage: Exposes sensitive information like passwords or personal data.
2. Operating System Command Injection: Attackers exploit weaknesses in web applications to execute commands on the host OS.
   o Example: SQL injection or shell commands executed through input fields.
   o Disadvantage: Can lead to full system compromise.
3. SQL Injection: Attacker inserts malicious code into SQL queries to gain access to database information.
   o Example: An attacker retrieves user credentials from a vulnerable login form.
   o Disadvantage: A breach in SQL can expose large volumes of sensitive data.
4. Unmanaged Software: Software that is not maintained or patched regularly presents security risks.
   o Disadvantage: Allows known vulnerabilities to remain open for exploitation.
5. IoT Devices: Many IoT devices lack robust security features, making them easy targets for attackers.
   o Example: A smart home device that can be easily compromised due to default settings.
   o Disadvantage: Expands the attack surface without adequate defenses.

Types of Information Security:
1. Application Security: Protecting applications from external threats like code injection or malware.
   o Example: Input validation and secure coding practices.
2. Data Loss Prevention (DLP): A strategy to ensure that sensitive data is not lost, misused, or accessed by unauthorized users.
   o Example: Blocking users from copying sensitive files to USB drives.
   o Advantage: Prevents accidental or malicious data breaches.
   o Disadvantage: Can impact user productivity if too restrictive.
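The SQL injection item and the "input validation and secure coding practices" example above can be seen side by side in a login check. This is an added example, not part of the original notes: the table layout, the account, the allowlist pattern and the function names are assumptions constructed for illustration, using Python's built-in sqlite3 module.

```python
import re
import sqlite3

# Assumed username policy for this example: short allowlist of safe characters.
USERNAME_RE = re.compile(r"[A-Za-z0-9_.-]{1,32}")

def make_db():
    """In-memory database holding one constructed account."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (name TEXT PRIMARY KEY, secret TEXT)")
    db.execute("INSERT INTO users VALUES (?, ?)", ("alice", "constructed-secret"))
    return db

def login_vulnerable(db, name, secret):
    # "Before": input is pasted into the SQL text, so a quote character in
    # the input changes the structure of the query itself.
    sql = f"SELECT name FROM users WHERE name = '{name}' AND secret = '{secret}'"
    return db.execute(sql).fetchone() is not None

def login_hardened(db, name, secret):
    # Input validation: reject anything outside the allowlist before querying.
    if not USERNAME_RE.fullmatch(name):
        return False
    # Parameterized query: placeholders keep input as data, never as SQL.
    sql = "SELECT name FROM users WHERE name = ? AND secret = ?"
    return db.execute(sql, (name, secret)).fetchone() is not None

def compare(name, secret):
    """Return (vulnerable_result, hardened_result) for the same input."""
    db = make_db()
    return login_vulnerable(db, name, secret), login_hardened(db, name, secret)
```

For the constructed input `compare("alice' --", "wrong")` the concatenated query accepts the login while the hardened one rejects it; valid credentials pass both.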