Elements of Information Security:
Confidentiality: Assurance that the information is accessible only to those authorized to have access
Integrity: The trustworthiness of data or resources in terms of preventing improper and unauthorized changes
Availability: Assurance that the systems responsible for delivering, storing, and processing information are accessible when required by the authorized users.
Authenticity: Authenticity refers to the characteristic of a communication, document, or any data that ensures the quality of being genuine.
Non-Repudiation: Guarantee that the sender of a message cannot later deny having sent the message and that the recipient cannot deny having received the message.
Essential Terminologies:
Hack Value: It is the notion among hackers that something is worth doing or is interesting
Target of Evaluation: An IT system, product, or component that is identified/subjected to a required security evaluation
Exploit: A defined way to breach the security of an IT system through a vulnerability
Zero-Day Attack: An attack that exploits computer application vulnerabilities before the software developer releases a patch for the vulnerability
Vulnerability: Existence of a weakness, design, or implementation error that can lead to an unexpected and undesirable event compromising the security of the system
Daisy Chaining: Hackers who get away with database theft usually complete their task, then backtrack to cover their tracks by destroying logs etc.
Motives, Goals, and Objectives of Information Security Attacks:
Attacks = Motive(Goal) + Method + Vulnerability
Goals: Attackers have motives or goals such as disrupting business continuity, information theft, data manipulation, or taking revenge.
Motives: A motive originates out of the notion that the target system stores or processes something valuable, and this leads to the threat of an attack on the system.
Objectives: Attackers try various tools, attack methods, and techniques to exploit vulnerabilities in a computer system or security policy and controls to achieve their motives.
Information Security Threats:
Natural Threats:
- Natural Threats
- Floods
- Earthquakes
- Hurricanes
Physical Security Threats:
- Loss or damage of system resources
- Physical intrusion
- Sabotage, espionage and errors
Human Threats:
- Hackers
- Insiders
- Social Engineering
- Lack of knowledge and awareness
Network Threats:
- Information gathering
- Sniffing and eavesdropping
- Spoofing
- Session hijacking and Man-in-the-Middle attack
- SQL injection
- ARP Poisoning
- Password-based attacks
- Denial of service attack
- Compromised-key attack
Host Threats:
- Malware attacks
- Target Footprinting
- Password attacks
- Denial of service attacks
- Arbitrary code execution
- Unauthorized access
- Privilege escalation
- Backdoor Attacks
- Physical security threats
Application Threats:
- Data/Input validation
- Authentication and authorization attacks
- Configuration management
- Information disclosure
- Session management issues
- Buffer overflow issues
- Cryptography attacks
- Parameter manipulation
- Improper error handling and exception management
- Auditing and logging issues