Topic 2: Fundamentals of Information Security
Terms in this set (35)
What is Vulnerability?
-a flaw, bug or misconfiguration that a cyber actor can exploit to gain unauthorised access to your network and information.
-to protect business from attackers exploiting vulnerabilities in your network or systems:
>Know vulnerabilities (Assessment)
>Know the impact of vulnerabilities (Analysis)
>Minimise vulnerabilities (Management)
-Assessment: Review of network or systems for unusual configurations.
-Analysis: getting a thorough understanding (what happens) of the impact and mitigation techniques (what can be done) for vulnerabilities identified.
-Management: a program to ensure vulnerabilities in business systems are identified. Then appropriate mitigation can be applied based on risk level, quickly.
What is 'the cyber threat'?
-cyber intrusions are the biggest threat faced by Australian ICT systems, and are usually aimed at businesses, where information, intellectual property, scientific data, government documents and more are stolen.
>Catch (malicious software with whitelisting)
>Patch (operating system and applications)
>Match (the right people with the right privileges)
How can computer use at home be dangerous?
-Software not updated
-Anti-Virus not installed
-Irresponsible online presence
-Opening or answering of unsolicited emails or phone calls
-Data not backed up
-Illegitimate software installed
-Weak passwords and/or usage of similar passwords for different accounts
-Device gets lost
What threat do wireless networks pose?
-are used because they are cheap and easy to set up and meet employee demands.
-Problems to consider:
>Free WiFi zones
>Wireless and Fixed hybrids
>Default settings enabled
>Authentication not used
What is cloud computing?
-the access to network storage and applications, which have the potential to help businesses leverage modern technologies via internet connectivity.
-offers significant computing capability, storage and economy of scale, via 3rd party vendors, that is not cheap for small businesses.
what considerations must be made about cloud computing?
>business functionality must be maintained
>data must be protected from unauthorised access by other parties
>data must be protected from being misused by other customers
>security incidents must be dealt with, quickly.
what is email filtering?
-used to enforce policy (only as good as the policy)
>prevent delivery of emails of an executable nature, which may cause non-security conscious individuals to double click them.
>prevent emails with executable files disguised as other files (e.g. renamed as txt)
-attackers usually try to bypass executable filters.
How can you prepare for cyber incidents?
-Can be costly for staff and resources. Businesses can be impacted:
>Service unavailability and lost productivity
>Damage to agency reputation and trust
>Lost or stolen information that could harm Australia's economic well-being, national security or the privilege of Australian people
>Staff time and costs associated with restoring systems to a trusted state.
-must be reported and resolved in an efficient and timely manner. The severity, scope, damage or cost of a cyber incident increases with every hour it remains unresolved.
What are questions we ask when preparing for cyber incidents?
>What are our legislative requirements and obligations for incident reporting?
>Are procedures in place to provide information and reporting to relevant parties during an incident?
>Do we have a business continuity plan and disaster recovery plan and have these plans been regularly tested?
>Do we have an up-to-date and regularly tested incident reporting plan?
>Have we identified critical systems?
>Do we have processes in place to detect when an incident may have occurred?
>How easily and quickly can we access resources key to mitigating an incident?
>Do we have an up-to-date after-hours contact list for key personnel and external stakeholders?
>Do we have the ability to identify and isolate an affected workstation or system?
What threats do small businesses face, and how can they reduce these threats?
>Wireless internet vulnerabilities
>Phishing and Spear Phishing (more personalised)
>Anti virus and malware tools
What are some codes of ethics?
-a collection of principles that are intended to guide decision-making by members of an organisation or professional association.
-if something is legal it can still be unethical.
What are the general frameworks for ethical issues?
1. recognise the issue
2. get the facts
3. evaluate alternatives
4. make a decision and test it
5. Act and reflect on the outcome of the decision
How does ethics and business relate?
How does ethics and IS relate?
4 categories of ethical issues:
what is the general approach used by IS professionals when making ethical decisions?
-ethical claims should be discussed rationally.
-ethical choices cannot be avoided.
-ethical reflection should begin with the assumption that all the IS design and implementation involves value choices (e.g. legalism: legal does not equal ethical).
What is the right to privacy and what threats are posed?
-refers to the concept that one's personal information is protected from public scrutiny.
-Not absolute, must be balanced against the needs of society.
-Public's right takes precedence over the individual's right.
>data aggregators (people who summarise data), digital dossiers (information left when browsing), and profiling (extrapolating information based on certain traits or tendencies online).
> personal information in databases
>info on bulletin boards/newsgroups
>social network sites.
How can we protect privacy?
-protecting an organisation's guidelines with respect to protecting the privacy of customers, clients and employees.
-2 models of informed consent:
>Opt Out: allows the company to collect personal information until the customer specifically requests that the data not be collected.
>Opt In: means that the organisation is prohibited from collecting any personal information unless the customer specifically authorises it (preferred).
-International aspects of privacy: the issues international organisations and governments face when information spans countries and jurisdictions.
What are the Australian Privacy Principles?
-Consideration of personal information:
1. open and transparent management of personal information.
2. Anonymity and Pseudonymity
-Collection of Personal Information:
3. collection of solicited personal information.
4. unsolicited personal information
5. Notification of the collection of personal information.
-Dealing with personal information:
6. use and disclosure of personal information.
7. Direct marketing
8. cross border disclosure of personal information.
9. adoption, use or disclosure of government related identifiers.
-Integrity of personal information:
10. quality of personal information
11. security of personal information
12. access to personal information
13. correction of personal information
How do Information Security Breaches occur?
Occurs when one or more people:
-gain unauthorised access or use of a computer system.
-copy or modify data and/or programs in the system, or disclose the system.
-destroy hardware, software, data, or deny access to a system.
How do botnet breaches occur?
-successful attacks on a system.
-malicious code first infects vulnerable computers.
-armies of compromised computers.
-programmed to attack other computers.
What are some consequences of breaches to a company's information systems?
-exposure of confidential business data
-disruption of business activities
-reduced marketplace credibility
-may breach laws
-direct financial loss
what are information resources?
-electronic information assets (databases)
-paper documents (signed contracts)
-software (company applications)
-physical computing assets (PCs)
-information services (telemarketing division).
What is the RITE model?
Responsibility, Integrity, Trust, Ethicality
What are threats, controls and vulnerabilities?
-Threat: possible attack on a target (information resources) which might cause a loss of Confidentiality, Integrity or Availability of data; either deliberately or accidentally.
-Control: used to reduce the strength of threats, that are either preventative, detective or corrective.
-Vulnerability: weaknesses in existing controls, that can be exploited.
What is Information security risk?
-The probability (likelihood) that a threat will attack a target, combined with the impact that it will have on the target.
>technical capability is readily available, cheaply
>probability of detection is low
>consequences are fairly trivial, or unlikely to be applied
>attackers finds the anticipated gains to be substantially greater than what was invested
What are Information Security Threat Models based on?
-based on classifications:
>deliberate or accidental
>Loss of CIA
>destruction, modification and disclosure
What are some Security Threat Models?
What is Interruption?
What is Interception?
What is Modification?
What is Fabrication?
What are Information Security Control Models?
What are some types of controls?
What is a hybrid control model?
What is the multi-level control model?