Comprehensive practice flashcards covering all major topics from the COC213 Cyber Security lecture notes including technical concepts, human factors, risk management, threat modelling, and cyber warfare.
How is Cyber security defined in the COC213 notes?
Cyber security is the state or process of protecting and recovering networks, devices, and programs from any type of cyber attack.
According to the Securitisation Framework (Buzan et al., 1998), what is a 'Referent Object'?
The thing being protected, such as a person, organisation, or state.
What are the common software endpoints (ports) for HTTP, SSH, and HTTPS?
HTTP maps to port 80, SSH to port 22, and HTTPS to port 443.
What are the meanings of the HTTP response code ranges 2xx, 4xx, and 5xx?
2xx represents Success (e.g., 200 OK), 4xx represents Client Error (e.g., 404 Not Found), and 5xx represents Server Error (e.g., 500 Internal Server Error).
What is the key difference between a threat and a vulnerability?
A threat is a potential event that could cause harm (like a hacker or malware), while a vulnerability is a weakness that the threat can exploit (like unpatched software).
Define the three pillars of the CIA Triad.
Confidentiality (information accessible only to authorised individuals), Integrity (data remains accurate and unaltered), and Availability (systems and data are accessible when needed).
What was the significance of the Morris Worm (1988)?
It was the first major internet worm; it exploited Unix vulnerabilities and infected approximately 6,000 machines, which was roughly 10% of the internet at the time.
What occurred during the 2021 Florida Water System attack?
An attempt was made to poison the water supply by remotely increasing sodium hydroxide levels.
According to the World Economic Forum (2022), what percentage of cyber security issues is traced to human error?
95%.
Name and define the five usability factors identified by Nielsen.
Learnability (ease of first tasks), Efficiency (speed for experienced users), Memorability (ease of re-establishing proficiency), Errors (severity and recovery), and Satisfaction (pleasantness of use).
Explain the Security-Usability-Functionality Triangle.
It is a trade-off where you cannot maximise all three simultaneously; increasing security often decreases usability, and increasing functionality increases the attack surface.
What are the three factors of authentication?
Something you know (Knowledge, e.g., passwords), something you have (Possession, e.g., smartcard), and something you are (Inherence, e.g., fingerprint).
What is the difference between Salting and Peppering in password hashing?
Salting adds a random string unique to each user before hashing, while Peppering adds a global secret stored separately from the database.
Compare System 1 and System 2 thinking as described by Kahneman.
System 1 is fast, automatic, and emotional (often targeted by social engineers), while System 2 is slow, analytical, and requires conscious effort.
What is the general formula for Cyber Risk?
Risk = Likelihood × Impact.
What are the four risk treatment options?
Mitigate (reduce likelihood/impact), Transfer (shift risk to another party), Avoid (remove the risky activity), and Accept (acknowledge and tolerate the risk).
Explain the RACI responsibility chain in risk governance.
R = Responsible (does the work), A = Accountable (owns the decision), C = Consulted (provides input), and I = Informed (kept up to date).
Define 'Risk' according to the FAIR (Factor Analysis of Information Risk) framework.
Risk = the probable frequency and probable magnitude of future loss.
What are the four core questions of Threat Modelling?
List the categories of the STRIDE framework and the security property each violates.
Spoofing (Authentication), Tampering (Integrity), Repudiation (Non-repudiation), Information Disclosure (Confidentiality), Denial of Service (Availability), and Elevation of Privilege (Authorisation).
What are the seven stages of the Cyber Kill Chain developed by Lockheed Martin?
What is the 'Online Disinhibition Effect' (Suler, 2004)?
The reduction of restraint individuals feel online due to anonymity and a lack of face-to-face cues, leading to oversharing or risk-taking.
Define Prebunking in the context of misinformation.
Derived from Inoculation Theory, it involves inoculating people against misinformation by exposing them to weakened versions of it before they encounter the actual false information.
What was the significance of the Stanley Mark Rifkin case (1978)?
He social-engineered $10.2 million from Security Pacific National Bank using insider knowledge of procedures without any technical hacking.
Describe the difference between Phishing, Spear Phishing, and Whaling.
Phishing is mass fraudulent email; Spear Phishing is targeted at specific individuals; Whaling is highly targeted at C-suite executives.
What are the three properties of the Bell-LaPadula Model (Confidentiality)?
Simple Security Property (No Read Up), Star Property (No Write Down), and Discretionary Security Property (Property owner can transfer rights).
What are the three properties of the Biba Model (Integrity)?
Simple Integrity Property (No Read Down), Star Integrity Property (No Write Up), and Invocation Property (No Execute Up).
What are the four necessary conditions for Deadlock to occur?
Mutual Exclusion, Hold and Wait, No Pre-emption, and Circular Wait.
What are the five stages of the Intelligence Cycle used in OSINT?
Direction, Collection, Processing, Analysis, and Dissemination.
What are the primary differences between Symmetric and Asymmetric encryption?
Symmetric uses the same key for encryption and decryption (e.g., AES); Asymmetric uses a Public key for encryption and a Private key for decryption (e.g., RSA).
What are the seven principles of GDPR?
Define Stuxnet (2010).
A state-sponsored malware targeting Iranian nuclear centrifuges; it was the first known cyber-physical weapon to cause real-world physical destruction.
What is a 'Transduction Attack'?
An attack that manipulates sensors or physical inputs (e.g., using sound waves to affect accelerometers) rather than exploiting software vulnerabilities.