Intro to Network and Software Security week 1

0.0(0)
studied byStudied by 0 people
full-widthCall with Kai
GameKnowt Play
learnLearn
examPractice Test
spaced repetitionSpaced Repetition
heart puzzleMatch
flashcardsFlashcards
Card Sorting

1/14

encourage image

There's no tags or description

Looks like no tags are added yet.

Study Analytics
Name
Mastery
Learn
Test
Matching
Spaced

No study sessions yet.

15 Terms

1
New cards

what are the 3 descriptive words used in relation to Access Control, and what does each refer to?

who: (subject)
what: (asset)
how: (permissions)

2
New cards

what is integrity, in terms of network security?

Integrity is the notion of “intactness”, or a lack of unexpected change for a website or application (or other program)

3
New cards

what are the 3 words (used to be 4), relating to integrity?

Availability, Confidentiality, and Traceability.

4
New cards

Under “Traceability”, what are the 3 A’s that act as a descriptor

Authentication (who are you), Authorization (do you have permissions/a ticket to access), and Accounting/Auditing (cookies, caches, and data collection on user actions)

5
New cards

Considering the trustworthiness of a website or other program, what inhibits/is a part of trust “Trust” (3 main points)?

  • That there is an inherent belief/faith that the system is secure and will not fail

  • Herd mentality; so many people use the system that it must be safe

  • That conflicts of interest are disclosed or are non existent

6
New cards

The acronym WORM stands for?

write once, read many

7
New cards

Fill in the blank: Privacy is about ____

Privacy is about Choice

8
New cards

what is trust, in reference to network security?

Trust is decision making with imperfect knowledge

9
New cards

Fill in the blank: Security is a ____

Security is a process

10
New cards

Fill in the blank: Security encompasses ____

Security encompasses the entire environment

11
New cards

Fill in the blank: Security and convenience are ____

Security and convenience are inversely proportional (these concepts are trade offs for each other)

12
New cards

Fill in the blank: Security is only as strong as ____

Security is only as strong as its weakest link

13
New cards

True or False, you should change unit tests before deployment to match newly update code, rather than change the code to match the tests

False; Changing the unit tests to match new code might result in the bypassing or oversight of buffer sizes, access permissions, or other future security and intactness issues

14
New cards

True or False, changes and sweeping updates of operating systems and features involves a stepwise implementation, rather than a sweeping, one time—instant—change.

False; Because of the nature of software updates being instant and single-step based, updates should be given extra precaution for security and bug related issues.

15
New cards

Does windows provide it’s buffer control “security guards” with direct access to the Kernel?

Yes, and this is precisely what caused issues with the crowd strike buffer error a few years back.