Threats, Attacks, and Countermeasures

  Information: definition, difference between information and data. Security: definitions (freedom; thing, measure). Historic perspectives (isolation, resource sharing, likelihood of attack). InfoSec is security of information and information systems; components of an information system. Information security vs information assurance. Information security services: - confidentiality - authentication of integrity - authentication of origin - nonrepudiation - availability - access control - For each service: • Can you give examples from everyday life where it is needed? • Is it always needed? • What are some ways you might try to provide it? • How might it be violated? Security is not absolute: trade-off between security and usability. Terminology: need to understand, reference sources. What do we mean by “threat” in the information security context? Does it require an action? What is a threat action? Can you give examples? What is a threat agent? Can you give examples? Can you name, explain, and give examples of the three types of threat? What makes an attack different from a human error? What are other names for a successful attack? What is a zero-day attack? About 2/3 of incidents occur . What is an “insider”? Why are insiders a threat? What might they do? Why is an ex-employee a threat? How should an organization handle someone who quits or is fired? Can you name, explain, and give examples of categories of outsiders who could be a threat? What is malware? What is its threat agent? Can you explain and give examples of malware transport mechanisms? Can you explain and give examples of malware payloads? What is a trapdoor (or backdoor)? What is a logic bomb? What is a time bomb? What is a Trojan horse? What is a RAT? What is a software bacterium? What is a software virus?