SY110 Final

Three components of Computer arcitecture

.Central Processing Unit (CPU); Random Access Memory (RAM); Hard Drive

CPU (Central Processing Unit)

It is the brains of the computer, performing all mathematical and logical operations.

RAM (Random Access Memory)

Short Term (Volatile) memory; Non-Persistant data storage meaning it is lost when a computer loses power.

Hard Drive

The primary storage component of a computer which holds all software and data; Persistant Data Storage meaning data is saved if power is lost

Fetch-Decode-Execute Sequence

1.) FETCH the next instruction as a block of bytes

2.) DECODE the bytes to determine which action

3.) EXECUTE the action decoded

When you run a program, the computer first copies the program from the hard drive to RAM before entering

into the fetch-decode-execute sequence (T/F)

TRUE

Supply Chain Threats

Counterfeit Electronics (I.e old/refurbished equip. ; bad part packaged like a real one ; cloned parts imbedded with malware )

The large number of organizations involved in supply chain for producing computers, reduces cybersecurity risk. (T/F)

FALSE

Aspects of Cyber Security Domain

1.) PERSONA ASPECTS

2.) INTERFACE ASPECTS

3.) DATA ASPECTS

4.) NETWORK ASPECTS

5.) GEOGRAPHIC ASPECTS

PERSONA ASPECTS

- represent users that have a role in cyber domain (can have multiple personas)

INTERFACE ASPECTS

- Hardware and software users interact with to provide input (I.e Keyboards, mouses, etc)

DATA ASPECTS

- represent info stored in the information system; raw data stored in cyber domain

NETWORK ASPECTS

- represents the path s that data flows accross between systems or systems that store data

GEOGRAPHIC ASPECTS

- represents phsycial location of user, system, and data paths (includes natural boundaries and geopolitical boundaries)

Pillars of Cyber Security

(CIANA) (5 of them)

Confidentiality

Integrity

Availability

Non-repudiation

Authentication

Confidentiality

Protection of Information from DISCLOSURE to unauthorized users (DATA oriented)

Integrity

Protection of Information, systems, etc from MODIFICATION or destruction (DATA oriented)

Availability

Timely, reliable access to data and information servcies (SERVICE Oriented)

Non-Repudiation

Change a record of a recorded action (changing up proof) (ENTITY oriented)

Authentication

ability to VERIFY the indentity of someone (ENTITY oriented)

What is the primary pillar of cyber security violated:

Successfully injected javascript into a webpage that changed the contents of the page

__Integrity__ Key word: CHANGED, INJECTED

What is the primary pillar of cyber security violated:

Logged onto your roommate's laptop, without their permission, with stolen credentials

_Authentication__ Key Word: STOLEN CREDENTIALS

What is the primary pillar of cyber security violated:

Once on your roommate's laptop, read all of their emails to see what they said about you

__Confidentiality__ Key Word: READ

What is the primary pillar of cyber security violated:

Changed an online invoice to state that you made a purchase at 10:00 AM instead of 10:00 PM

__Non-repudiation__ Key Word: CHANGED, TIME

Think of this as getting your ass out of trouble for proof when you go to court. "He was killed at 10AM" bt he couldnt be because I was at the store at 10AM (even tho you werent because you killed him)

What is the primary pillar of cyber security violated:

Sent one million ping requests simultaneously to the RONA server, flooding it with requests

__Availability__ Key Word: Flood

It crashes the server so no one can use it to get more info on what you did when you killed the person from above scenario

Risk and Vulnerabilities types

Risk

Impact

Vulnerability

Threat

Capability

Oppurtunity

Intent

Risk Management Tradeoff

What s a Risk?

a measure of the extent to which an entity is threatened by a potential circumstance or event

What is Impact?

an adverse effect that results from an event occurring

What is Vulnerability?

a weakness in a system that can be exploited by a threat that adversely affect the system, results in an adverse impact. weakness in an information system that can be exploited to compromise a pillar of cybersecurity.

What's a Threat? (think)

an actor or event with the potential to adversely impact and information system

To have the Capability: (You can)

the knowledge and skill set required by a threat to carry out an event

To have the Oppurtuntiy: (You could/ You have the means to(too?))

the resources and positioning required by a threat to carry out an action

What is Intent (I want to)

the motivation of a threat to carry out an action

Risk Management Tradeoff

Functionality, risk, cost

Risk is a part of everything we as humans do on and off a computer. Risk generally increases the more you do online.

List the 4 strategies for addressing Risk:

(AACT)

- Avoid - Avoid activities that would make you incur the risk

- Control - Apply measures to reduce (mitigate) the risk

- Accept - Accept all of the risk and continue the activity

- Transfer - Transfer the risk to someone else

How to mitigate the risk of someone coming in and looking at the rainbow table tryna steal passwords?

Hashed (and salted) the password file.

What should you never do with your passwords? How many times should you use a password?

Not reuse passwords. Only once

Bit

individual 0 or 1 value

Byte

8-bit chunk.

String

sequence of characters

File

sequence of bytes

Plaintext

contains text of course; open with Notepad or Notepad++; typical extension is .txt

JPG

image file; open with Windows Photo Viewer, photoshop, etc.' extension is .jpg or .jpeg

ZIP file

contains a bundled collection of files and folders; typical extension is .zip (annoying shit we'd have to open and unpack in the labs)

PDF File

portable document format; open with adobe acrobat reader, extension is .pdf

MP3 File

Mpeg layer 3 file; audio file using a specific compression algorithm; can be opened in many players, including iTunes, Windows Media player, and WinAmp; extension is .mp3 (Think MP3 Players \> Music ETC also SOUND CLOUD RAPPER)

0101 0010 0100 1001 0100 0110 0100 0110

What tool would you use to look at the bytes of this file to determine what type of file it is?

Frhed Hex Editor (Almsot Always assume FHRED tbh, he's the man)

0101 0010 0100 1001 0100 0110 0100 0110

What is the Hexadecimal representation of the first two bytes of the file?

52 49

0101 0010 0100 1001 0100 0110 0100 0110

What type of file is this?

AVI / WAV

0101 0010 0100 1001 0100 0110 0100 0110

What is a better indicator of file type - file extensions or file headers? Explain your answer.

File headers are a better indicator, because they are needed to open a file correctly. Conversely, someone

can change the file extensions, and the file could still open if the file header was correct. (Can't open something if you don't know what to open/ don't know what a paepr is about without an intro with a thesis)

When hiding information in a picture file using steganography, it is better to hide the data in the least

significant bits of a byte because those bits have less influence over the quality of the picture than higher order bits. (T/F)

TRUE

What is a File Extention?

-When the operating system trusts the extension to tell them the file type.

-Extensions may lie.

-This is the shit you change when you want to mess with people (We did this in a lot of labs)

-The only real way to know the type of the file is to examine its bytes and see what format it's in. (By using somethig like Fhred )

What are File Headers

a short sequence of data at the head or beginning of the file data. This can be recognized when viewing a file in a hex editor

EXAMPLES:

JPG: ff d8 dd e0 00 10

avi/RIFF: 52 49 46 46

Doc: d0 cf 11 e0 a1 b1 1a e1 00 00

Define Policy

set of actions the government should take in order to reach its desired outcome