What are the four levels of security measures that are necessary for system protection

  1. What are the four levels of security measures that are necessary for system protection?
  2. What is the most common way for an attacker outside of the system to gain unauthorized access to the target system?
  3. What are the two main methods used for intrusion detection?
  4. What is port scanning and how is it typically launched?
  5. What is the difference between symmetric and asymmetric encryption?
  6. What are the two main varieties of authentication algorithms?
  7. What is an access matrix and how can it be implemented?
  8. How does the lock-key mechanism for implementation of an access matrix work?

The Correct Answer and Explanation is:

  1. Four Levels of Security Measures:
    The four levels of security measures necessary for system protection are:
  • Physical security: Preventing unauthorized physical access to devices and systems through means such as locks, guards, and surveillance.
  • Network security: Protecting the integrity, confidentiality, and availability of data and resources across networks through firewalls, intrusion detection/prevention systems (IDS/IPS), and secure protocols.
  • System security: Ensuring that the operating system and software are free from vulnerabilities through regular patching, system hardening, and secure configurations.
  • Application security: Securing software applications by detecting vulnerabilities in the code, using secure coding practices, and implementing security testing and monitoring.
  2. Most Common Way for an Attacker to Gain Unauthorized Access:
    The most common method an attacker uses to gain unauthorized access to a target system is social engineering. This involves manipulating people into divulging confidential information, such as login credentials or other sensitive data, often through phishing emails or phone calls that appear legitimate.
  3. Two Main Methods for Intrusion Detection:
    The two main methods used for intrusion detection are:
  • Signature-based detection: This method compares network traffic or system behavior to a predefined set of known attack patterns or signatures. It’s effective at detecting known threats but can’t detect new or unknown attacks.
  • Anomaly-based detection: This method establishes a baseline of normal network or system behavior and flags any deviations from that norm. It can detect unknown or novel attacks but may result in false positives.
  4. Port Scanning and How It Is Typically Launched:
    Port scanning is the process of sending packets to specific ports on a system to determine which ports are open and listening for connections. It is typically launched using tools like Nmap or Angry IP Scanner. Attackers use port scanning to identify vulnerable services that could be exploited for unauthorized access.
  5. Difference Between Symmetric and Asymmetric Encryption:
  • Symmetric encryption uses the same key for both encryption and decryption. It is faster and more efficient for encrypting large amounts of data but requires secure key exchange to prevent interception by attackers.
  • Asymmetric encryption uses a pair of keys: a public key for encryption and a private key for decryption. This method is more secure for key distribution, as the private key is never transmitted, but it is slower than symmetric encryption.
  6. Two Main Varieties of Authentication Algorithms:
    The two main varieties of authentication algorithms are:
  • Password-based authentication: Relies on the user proving their identity by entering a password, often combined with multi-factor authentication (MFA).
  • Biometric authentication: Uses unique physical traits of a person, such as fingerprints, facial recognition, or retina scans, to verify identity.
  7. Access Matrix and How It Can Be Implemented:
    An access matrix is a security model that defines the access rights or permissions (read, write, execute) that each subject (user or process) has over an object (file, device, etc.). It can be implemented using:
  • Access Control Lists (ACLs): Each object contains a list of subjects and the permissions they have for that object.
  • Capability Lists: Each subject has a list of objects it can access, along with the allowed operations.
  8. Lock-Key Mechanism for Implementation of an Access Matrix:
    The lock-key mechanism for implementing an access matrix works as follows:
  • The lock represents the object or resource being protected (e.g., a file or database).
  • The key represents the access rights or permissions that a subject (user or process) has for that object (e.g., the ability to read or write).
  • When a subject attempts to access an object, the system checks if the subject possesses the correct key (permissions) for the lock (object). If the subject holds the correct key, access is granted; otherwise, access is denied. This mechanism ensures that only subjects with the appropriate permissions can perform specific actions on the protected objects, aligning with the principle of least privilege and enhancing security by controlling access to sensitive resources.
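
The access matrix and lock-key answers above can be seen side by side in the following added example (not part of the original answer key), which derives an ACL view, a capability-list view and a lock-key view from one matrix and checks that all three give the same decision. The subjects, objects and function names are hypothetical, and modelling a lock as a random bit pattern per (object, right) is an assumption; the revocation helper goes slightly beyond the text to show what changing a lock does.

```python
import secrets

# Constructed sample matrix: (subject, object) -> rights. All names are hypothetical.
MATRIX = {
    ("alice", "payroll.db"): {"read", "write"},
    ("bob", "payroll.db"): {"read"},
    ("bob", "report.txt"): {"read", "write"},
}

def to_acls(matrix):
    """Column view: each object stores {subject: rights}."""
    acls = {}
    for (subj, obj), rights in matrix.items():
        acls.setdefault(obj, {})[subj] = set(rights)
    return acls

def to_capabilities(matrix):
    """Row view: each subject stores {object: rights}."""
    caps = {}
    for (subj, obj), rights in matrix.items():
        caps.setdefault(subj, {})[obj] = set(rights)
    return caps

def to_lock_key(matrix):
    """Lock-key view: each (object, right) gets a random lock pattern and
    every subject holding that right gets a matching key on its key ring."""
    locks, keyrings = {}, {}
    for (subj, obj), rights in matrix.items():
        for right in rights:
            pattern = locks.setdefault((obj, right), secrets.token_hex(8))
            keyrings.setdefault(subj, set()).add(pattern)
    return locks, keyrings

def acl_allows(acls, subj, obj, right):
    return right in acls.get(obj, {}).get(subj, set())

def cap_allows(caps, subj, obj, right):
    return right in caps.get(subj, {}).get(obj, set())

def lock_key_allows(locks, keyrings, subj, obj, right):
    # Default deny: an unknown lock or a subject with no key ring gets no access.
    lock = locks.get((obj, right))
    return lock is not None and lock in keyrings.get(subj, set())

def revoke_right(locks, obj, right):
    """Replacing the lock invalidates every outstanding key for it at once;
    subjects that should keep the right must be issued the new pattern."""
    locks[(obj, right)] = secrets.token_hex(8)
```
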