 a). Malware:  Malware is a term used to describe malicious software,
                        including spyware, ransomware, viruses, and worms. Malware breaches a network through a
                        vulnerability, typically when a user clicks a dangerous link or email attachment that then
                        installs risky software.
                        
 b). Phishing: Phishing is the practice of sending fraudulent communications that
                        appear to come from a reputable source, usually through email. The goal is to steal sensitive
                        data like credit card and login information or to install malware on the victim’s machine.
                        Phishing is an increasingly common cyberthreat.
                        
 c). Man-in-the-middle attack: Man-in-the-middle (MitM) attacks, also known as
                        eavesdropping attacks, occur when attackers insert themselves into a two-party transaction.
                        
 d). Denial-of-service attack (DoS/DDoS): A denial-of-service attack floods systems,
                        servers, or networks with traffic to exhaust resources and bandwidth. As a result, the system is
                        unable to fulfill legitimate requests. Attackers can also use multiple compromised devices to
                        launch this attack, which is then called a distributed denial-of-service (DDoS) attack.
                        
 e). SQL injection: SQL injection (SQLi) is an injection attack in which an attacker
                        executes malicious SQL statements to control a web application’s database server, thereby
                        accessing, modifying, or deleting data without authorization. SQL injection is one of the
                        most common ways of targeting databases.
                        
  f). Zero-day exploit:  A zero-day exploit hits after a network vulnerability is
                        announced but before a patch or solution is implemented. Attackers target the disclosed
                        vulnerability during this window of time. Zero-day vulnerability threat detection requires
                        constant awareness.
                        
  g). Cross-site scripting (XSS): XSS attacks occur when a web app sends malicious code, in
                        the form of a client-side script, to another user, thus bypassing the access controls of the
                        same-origin policy.
                        
 h). Cryptojacking: It is a specialized attack that involves getting someone else's
                        computer to do the work of generating cryptocurrency for you.
                    
Vulnerability is a weakness which can be exploited by an attacker to perform unauthorized actions within a computer system. It is a flaw in a system that can leave it open to attack.
Prevent it: by blocking the attack or closing the vulnerability.
                        
 Deter it: by making the attack harder but not impossible.
                        
 Deflect it: by making another target more attractive.
                        
 Detect it: either as it happens or some time after the fact.
                        
 Recover from its effects.
                    
Access control is the process by which resources or services are granted or denied on a computer system or network.
                        Computer access control can be accomplished by one of three entities: hardware, software, or a
                        policy. Access control can take different forms depending on the resources that are being
                        protected.
                        
 a). Identification: A user accessing a computer system would present credentials or
                        identification, such as a username.
                        
 b). Authentication: Checking the user’s credentials to be sure that they are
                        authentic and not fabricated.
                        
 c). Authorization: Granting permission to take the action.
                        
 d). Granted access: To only certain services or applications in order to perform
                        their duties.
                    
An access control model provides a predefined framework for hardware and software developers who need to
                        implement access control in their devices or applications.
                        
 a). Discretionary Access Control (DAC): A subject has total control over any objects
                        that he or she owns, along with the programs that are associated with those objects. In the DAC
                        model, a subject can also change the permissions for other subjects over objects.
                        
 b). Mandatory Access Control (MAC): The end user cannot implement, modify, or
                        transfer any controls. The owner and custodian are responsible for managing access controls. It
                        is based on security labels. Subjects are given security clearance and objects are classified
                        into levels (secret, top secret, confidential, etc.). The benefit of MAC-based access control is
                        that it cannot be overwritten or bypassed, and it strongly enforces all requests.
                        
 c). Role Based Access Control (RBAC): Also called the Rule-Based Role-Based Access
                        Control (RB-RBAC) model or automated provisioning. It can dynamically assign roles to subjects
                        based on a set of rules defined by a custodian. Each resource object contains a set of access
                        properties based on the rules. It is also called Non-Discretionary Access Control and is
                        considered a more “real world” approach than the other models. It assigns permissions to
                        particular roles in the organization, and then assigns users to those roles. Objects are set to
                        be a certain type, to which subjects with that particular role have access.
                        
 d). Bell-LaPadula Model: The Bell-LaPadula security model deals with the
                        preservation of confidentiality. It was originally defined by the Department of Defense in the
                        Trusted Computer System Evaluation Criteria, which is a US Government standard that sets basic
                        requirements for assessing the effectiveness of computer security controls.
                        
 e). Attribute-based access control (ABAC): A methodology that manages access rights
                        by evaluating a set of rules, policies and relationships using the attributes of users, systems
                        and environmental conditions.
                        
 f). Remote Authentication Dial-In User Service (RADIUS): A networking protocol,
                        operating on port 1812, that provides centralized Authentication, Authorization, and Accounting
                        (AAA or Triple A) management for users who connect to and use a network service.
                        
 g). Terminal Access Controller Access-Control System (TACACS): 
                        
   1). Extended TACACS (XTACACS) is a proprietary extension to TACACS introduced
                        by Cisco Systems in 1990 without backwards compatibility to the original protocol. TACACS and
                        XTACACS both allow a remote access server to communicate with an authentication server in order
                        to determine if the user has access to the network.
                        
   2). Terminal Access Controller Access-Control System Plus (TACACS+) is a
                        protocol developed by Cisco and released as an open standard beginning in 1993. Although derived
                        from TACACS, TACACS+ is a separate protocol that handles authentication, authorization, and
                        accounting (AAA) services. TACACS+ and other flexible AAA protocols have largely replaced their
                        predecessors.
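
How items a) to c) above differ on one and the same request, as an added example that is not part of the original notes: the sketch evaluates a request under DAC, MAC and RBAC independently. The users, the object, the role policy and all function names are constructed for illustration, and the MAC check is simplified to a single clearance-versus-label comparison.

```python
from dataclasses import dataclass, field

LEVELS = {"confidential": 1, "secret": 2, "top secret": 3}  # MAC labels, low to high
# RBAC: permissions belong to roles, as (object type, action) pairs (constructed policy)
ROLE_PERMS = {"auditor": {("report", "read")},
              "analyst": {("report", "read"), ("report", "write")}}

@dataclass
class Subject:
    name: str
    clearance: str                               # MAC: security clearance
    roles: set = field(default_factory=set)      # RBAC: roles assigned to the user

@dataclass
class Obj:
    name: str
    owner: str                                   # DAC: the owner controls the ACL
    label: str                                   # MAC: classification label
    kind: str                                    # RBAC: object type
    acl: dict = field(default_factory=dict)      # DAC: subject name -> actions

def dac_grant(granter, obj, grantee, action):
    """DAC: the owner, and only the owner, changes other subjects' permissions."""
    if granter.name != obj.owner:
        raise PermissionError(f"{granter.name} does not own {obj.name}")
    obj.acl.setdefault(grantee.name, set()).add(action)

def dac_allows(subj, obj, action):
    return subj.name == obj.owner or action in obj.acl.get(subj.name, set())

def mac_allows(subj, obj, action):
    """MAC (simplified): clearance must be at least the object's label."""
    return LEVELS[subj.clearance] >= LEVELS[obj.label]

def rbac_allows(subj, obj, action):
    return any((obj.kind, action) in ROLE_PERMS.get(r, set()) for r in subj.roles)

def decide(subj, obj, action):
    """Evaluate the same request under each model independently."""
    return {"DAC": dac_allows(subj, obj, action),
            "MAC": mac_allows(subj, obj, action),
            "RBAC": rbac_allows(subj, obj, action)}

if __name__ == "__main__":
    alice = Subject("alice", "secret", {"analyst"})      # constructed sample users
    bob = Subject("bob", "confidential", {"auditor"})
    report = Obj("q3-report", owner="alice", label="secret", kind="report")
    print(decide(bob, report, "read"))    # before any DAC grant
    dac_grant(alice, report, bob, "read")
    print(decide(bob, report, "read"))    # the owner's grant changes DAC only
```

The owner's grant flips the DAC decision for bob, while the MAC decision stays a denial because no end user can alter the labels.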
                    
 
                    