8.2.3 Mitigation processes

    Cards (73)

    • Name 6 ways threats can be mitigated against in software and hardware?
      Air gapping
      Access control
      Authentication
      Firewalls
      Access levels
      Device hardening
    • What is air gapping, and what is a good factor of it?
      System is separate from a network, therefore cannot be accessed from outside physical premises

      No recurring costs
    • Air gapping protects against what kind of threats?
      External
    • Anti-virus protects against malware, what are the two main types of detection?
      Heuristic and signature
    • Signature anti-virus does what?
      Searches for known signatures in files to find malware
    • Heuristic anti-virus does what?
      Monitors program behaviour to detect malware-like activity
    • What options do antivirus offer once malware has been detected?
      Quarantine
      Delete
      Ignore
    • Software should be kept up to date to reduce security issues, however what software is very important to update for security?
      Security software
    • Automatic updates are useful as they reduce risk of human error regarding not updating it
    • Automatic updates may pose a risk as an Advanced Persistent Threat could potentially prevent an update
    • Manual updating 3 issues?
      Longer time to download
      Patch release isn't newest
      Prevented by incorrect scheduling
    • Why do some users like to update manually?
      To check what the update contains
    • API certification falls into 3 types?
      Private(5/5) - for internal use
      Partner(4/5) - for use with others, as safe as its weakest link
      Public(2/5) - available to all users, can be exploited
    • Access control is best to mitigate which kind of threat?
      Internal
    • Access controls involve predefining access of employees, what does it require?
      Clear documentation and accurate authentication and verification of identity
    • Good access control systems have what key feature?
      Reports to identify which employees have accessed what
    • Access control can be implemented in l and physically
    • Physical access control often involves physical barriers that are opened using tokens unique to the employee
    • An employee's unique token can even be something physical such as a key. However, this provides less info, such as reports, compared to tokens that can be integrated into smart tech such as RFID, which can log who enters
    • Name 4 unique tokens aside from a key?
      RFID badge
      Password
      Magstripe card
      Biometrics
    • It is good to include other forms of physical security with access control, name 3 other forms?

      Surveillance
      Metal detectors
      Embedded wires
    • Digital unique tokens for physical access control can be prevented from working instantly
    • Device hardening reduces what of a system?
      Vulnerabilities
    • 4 ways to harden a device?
      Safe mode
      Automatic security patches
      Software access controls
      Disable unused ports
    • Encryption reduces the impact of data theft, as even once taken it cannot be used until decrypted, therefore reducing the effect of a data breach
    • What forms of data need to be encrypted the most?
      Data in transit
    • What form of data needs to be encrypted the least in controlled systems?
      Data in use
    • What are the two types of encryption?
      Asymmetric
      Symmetric
    • Asymmetric encryption is?
      Encryption which has a different encryption and decryption key
    • Asymmetric encryption requires what?
      Different encryption from decryption
    • Encryption is reversible as anything that is encrypted can be decrypted with the correct key
    • It is implausible that you can unscramble a hash, as the algorithm is intrinsically one-way: multiple inputs can produce the same hash value
    • Access levels can be physical or logical
    • 3 examples of logical access levels?
      Usernames
      Password
      Verification
    • Username access controls:
      Usernames can be used to give access depending on the associated
    • Passwords prevent unauthorised access to digital systems
    • Passphrases are generally made up of multiple words, making them especially difficult to brute force due to their length
    • Passphrases can be easier to remember, reducing the chance of forgetting them
    • Multi-factor authentication can take many forms such as?
      Possession
      Location
      Knowledge
      Biometric
    • Token authentication uses physical items to verify a user's identity