Real-world vulnerabilities

From Computer Science Wiki
Revision as of 13:30, 5 January 2023 by Bmackenty (talk | contribs) (Created page with "=== Students must be able to identify vulnerabilities exploited in a real-world case which led to a security breach/failure and identify the category of the vulnerability (sys...")

Students must be able to identify vulnerabilities exploited in a real-world case which led to a security breach/failure and identify the category of the vulnerability (system-based, practice/administrative-based, human-based).

To be able to identify vulnerabilities exploited in a real-world case and classify them according to their category, students should have a strong understanding of the different types of vulnerabilities that can exist in computer systems and how they can be exploited by attackers. They should also be familiar with the different categories of vulnerabilities and how to identify them based on their characteristics and root causes.

There are three main categories of vulnerabilities: system-based, practice/administrative-based, and human-based.

  1. System-based vulnerabilities exist in the hardware or software of a computer system, such as in the operating system, application software, or network protocols. Attackers can exploit them to gain unauthorized access to the system or to perform other malicious actions.
  2. Practice/administrative-based vulnerabilities exist due to poor practices or inadequate policies and procedures in an organization. Examples include weak passwords, lack of security awareness training, or inadequate security controls. Attackers can exploit them to gain unauthorized access to the system or to perform other malicious actions.
  3. Human-based vulnerabilities exist due to the actions or behaviors of individuals within an organization. Examples include social engineering attacks (e.g., phishing, baiting) or physical security breaches (e.g., lost or stolen devices). Attackers can exploit them to gain unauthorized access to the system or to perform other malicious actions.

To identify vulnerabilities exploited in a real-world case, students might consider the following steps:

  1. Gather information about the security breach or failure, including details about how the attack was carried out and what types of data or resources were compromised.
  2. Analyze the information to identify the specific vulnerabilities that were exploited by the attacker. This may involve looking for clues in the method of attack or the types of data or resources that were compromised.
  3. Classify the vulnerabilities according to their category. This may involve considering the root cause of the vulnerability and how it fits into one of the three categories (system-based, practice/administrative-based, human-based).
  4. Document the vulnerabilities and their classification, along with any other relevant information about the security breach or failure. This may include information such as the impact of the breach or failure, the steps taken to mitigate the vulnerabilities, and any recommendations for improving security in the future.

Overall, the ability to identify vulnerabilities exploited in a real-world case and classify them according to their category is an important skill for computer science students, as it enables them to understand the root causes of security breaches and failures and to identify and address vulnerabilities in order to improve the security of their systems and networks.



Students must be able to explain the responsibility of an organisation (ethically and legally) to deploy a security policy, outline the characteristics of a robust security strategy, and identify countermeasures to prevent a future security breach/failure.

Students must be able to explain the need for organisations to analyse attacks conducted on others to identify risks to their own systems.

Students must be able to describe the purpose and process in “Red Teaming” and identify the advantages of simulating security attacks for an organisation.