INFORMATION SECURITY Mid

The document discusses various scenarios related to information security, focusing on the CIA Triad, the importance of understanding threats, vulnerabilities, and risks, and the use of firewalls for layered security. It also differentiates between vulnerability assessments and penetration testing, and highlights cybersecurity risks specific to fintech applications. Additionally, it recommends ISO/IEC 27001 for compliance in the financial sector, emphasizing its role in managing information security risks and building trust.

Uploaded by

karan kakreja011

INFORMATION SECURITY

Q1. Scenario:

You are interning at a university’s IT helpdesk, where a security breach has caused unauthorized access to student grade records on the Learning Management System (LMS).

• Explain the CIA Triad and identify which element(s) were likely compromised.
• Why is it important to understand the differences between threats, vulnerabilities, and risks when investigating this breach?

ANSWER :
Part 1: CIA Triad – Explanation & Compromise Analysis
The CIA Triad stands for:
1. Confidentiality: Only authorized people can access data.
2. Integrity: Data should be accurate and not altered without permission.
3. Availability: Data/services must be accessible when needed.
🎯 In This Scenario:
• Unauthorized access to student grades means Confidentiality is compromised.
• If the grades were changed, then Integrity is also compromised.
• If students couldn’t access the LMS due to the breach, then Availability may also be affected.
Part 2: Understanding Threats, Vulnerabilities, and Risks
✅ Definitions with Relevance to the Scenario:
• Threat: A potential danger or malicious action.
Example: A hacker trying to access the LMS.
• Vulnerability: A weakness in the system that can be exploited.
Example: Weak admin passwords or outdated LMS software.
• Risk: The potential impact if a threat exploits a vulnerability.
Example: If a hacker uses the weak password to access student data, the risk is grade manipulation or data leakage.
🔍 Conclusion: At least Confidentiality was breached. Possibly Integrity and Availability too, depending on the exact nature of the breach.
Q2. Scenario:
A retail company handling customer data notices discrepancies in payment logs. During a discussion, a junior IT staff member uses the terms “risk,” “threat,” and “vulnerability” interchangeably.
• Define each term clearly with examples relevant to a retail system.
• How would you explain their relationship using a simple analogy or metaphor?

ANSWER :
Part 1: Definitions with Examples
• Threat: A potential cause of harm.
Retail Example: A cybercriminal trying to steal customer payment data.
• Vulnerability: A weakness that could be exploited by a threat.
Retail Example: A payment portal that doesn’t use HTTPS (unencrypted connection).
• Risk: The likelihood and impact of a threat exploiting a vulnerability.
Retail Example: If the hacker intercepts payment data via the unsecured connection, the risk is financial fraud and legal action.

Part 2: Simple Analogy to Explain the Relationship
🛡️ Analogy: House Security
• Threat: A thief in your neighborhood.
• Vulnerability: You left your front door unlocked.
• Risk: The thief notices the open door and robs your house.
Q3. Scenario:
You are setting up security for a new online platform. You need to choose between using host-based and network-based firewalls for protection.
• What would you recommend for different layers of security?
• Justify your choices based on system type and usage scenarios.
ANSWER :
What would you recommend for different layers of security?
To provide layered security, I recommend using both types of firewalls:
1. Network-Based Firewall (Perimeter Security)
• Placed at the network edge, between the internal system and the internet.
• Controls incoming and outgoing traffic across the entire platform.
• Filters traffic based on IP, ports, protocols.
• Protects against external threats (DDoS, port scanning, unauthorized access).
2. Host-Based Firewall (Internal Layer Security)
• Installed on individual servers or systems (e.g., database server, web server).
• Monitors and controls traffic to/from that specific machine.
• Useful if one server is compromised — limits lateral movement of the attacker.
• Can enforce fine-grained security policies per system (e.g., only allow certain apps to send data).

System Type | Recommended Firewall | Justification
Web Servers | Host-based + Network-based | Protects externally and controls application-level communication
Internal Database Servers | Host-based firewall | Limits access to only specific application servers, even inside the network
User Endpoints/Admin PCs | Host-based firewall | Prevents malware or unauthorized apps from reaching the internal systems
Edge Router/Gateway | Network-based firewall | First line of defense from external internet-based attacks
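The "Internal Database Servers" row above, as an added example that is not part of the original answer sheet: a small Python model of a host-based allow-list on a database server, contrasted with the implicit trust a perimeter-only design gives internal hosts. The IP addresses, subnets and port numbers are constructed placeholders; the page names roles only.

```python
import ipaddress
from dataclasses import dataclass

# Constructed addresses: the page names roles (web tier, database,
# admin PCs) but no IPs, so these are placeholders for the demo.
APP_SERVERS = ("10.0.1.10", "10.0.1.11")   # web/application servers
ADMIN_SUBNET = "10.0.9.0/24"               # admin PCs
DB_PORT = 5432                             # hypothetical database port
SSH_PORT = 22

@dataclass(frozen=True)
class Rule:
    sources: tuple   # source CIDRs permitted by this rule
    port: int        # destination TCP port the rule opens

# Host-based allow-list on an internal database server: only the
# application servers may reach the DB port, only admins may reach SSH.
DB_HOST_RULES = [
    Rule(tuple(f"{ip}/32" for ip in APP_SERVERS), DB_PORT),
    Rule((ADMIN_SUBNET,), SSH_PORT),
]

# Contrast: what a perimeter-only design gives an internal host. The
# network firewall filters the internet edge and implicitly trusts
# everything already inside 10.0.0.0/8.
PERIMETER_ONLY_RULES = [
    Rule(("10.0.0.0/8",), DB_PORT),
    Rule(("10.0.0.0/8",), SSH_PORT),
]

def is_allowed(rules, src_ip, dst_port):
    """Default deny: accept only if a rule matches both source and port."""
    src = ipaddress.ip_address(src_ip)
    return any(
        rule.port == dst_port
        and any(src in ipaddress.ip_network(cidr) for cidr in rule.sources)
        for rule in rules
    )

def reachable_from(rules, suspect_hosts, dst_port):
    """Lateral-movement check: which already-compromised hosts could still
    open dst_port on this server under the given rule set?"""
    return [h for h in suspect_hosts if is_allowed(rules, h, dst_port)]

if __name__ == "__main__":
    suspects = ["10.0.1.10", "10.0.5.7"]   # a web server and a random internal box
    print(reachable_from(PERIMETER_ONLY_RULES, suspects, DB_PORT))  # both
    print(reachable_from(DB_HOST_RULES, suspects, DB_PORT))         # web server only
```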

Q4. Scenario :
A company’s security audit reveals several unpatched vulnerabilities. Management asks you to explain the
difference between a vulnerability assessment and penetration testing.
 How would you differentiate the two with respect to this case?
 Name and describe any two tools you would use during this process.
ANSWER :
Aspect | Vulnerability Assessment | Penetration Testing
Purpose | Identify and list all known weaknesses in the system | Actively exploit vulnerabilities to simulate a real-world attack
Approach | Broad and automated scan | Deep and manual/automated testing with attacker mindset
Scope | Surface-level, identifies potential issues | In-depth, verifies if vulnerabilities can be used to gain access
Outcome | Generates a report of vulnerabilities (unpatched software, misconfigs) | Shows how vulnerabilities can lead to actual data breaches
Use Case (This Scenario) | Helps find which systems are unpatched | Tests whether those unpatched systems can be exploited in practice
Name and describe any two tools you would use during this process:
1. Nessus (for Vulnerability Assessment)
o Scans systems for known vulnerabilities, misconfigurations, missing patches.
o Generates prioritized reports based on severity (CVSS scores).
2. Metasploit (for Penetration Testing)
o Framework for developing and executing exploit code.
o Used to test if identified vulnerabilities can actually be exploited.
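The vulnerability-assessment half of this answer ("helps find which systems are unpatched", reports "prioritized based on severity (CVSS scores)") as an added example, not code from the original answers or from Nessus: triage in Python over a constructed scanner-style CSV export. The column layout and the sample findings are invented for the demo.

```python
import csv
import io

# Constructed sample export in a generic scanner-style CSV (not an
# actual Nessus report layout). One row per finding; patch_available
# means a vendor fix exists, so that finding marks an unpatched system.
SAMPLE_REPORT = """host,finding,cvss,patch_available
10.0.1.10,OpenSSL outdated,7.5,yes
10.0.1.10,TLS 1.0 enabled,5.3,no
10.0.2.20,Unsupported OS version,9.8,yes
10.0.2.20,SMB signing not required,5.3,no
10.0.3.30,Default credentials on admin console,9.1,no
10.0.3.30,Missing kernel security update,7.8,yes
"""

def parse_findings(text):
    """Read scanner rows into dicts with numeric CVSS and a boolean patch flag."""
    rows = []
    for row in csv.DictReader(io.StringIO(text)):
        row["cvss"] = float(row["cvss"])
        row["patch_available"] = row["patch_available"].strip().lower() == "yes"
        rows.append(row)
    return rows

def severity(score):
    """Map a CVSS v3 score to its qualitative rating band."""
    for limit, label in ((0.0, "None"), (3.9, "Low"), (6.9, "Medium"), (8.9, "High")):
        if score <= limit:
            return label
    return "Critical"

def unpatched_hosts(findings):
    """Which systems are unpatched: host -> worst CVSS among findings that
    have a fix available, ordered worst first."""
    worst = {}
    for f in findings:
        if f["patch_available"]:
            worst[f["host"]] = max(worst.get(f["host"], 0.0), f["cvss"])
    return dict(sorted(worst.items(), key=lambda kv: (-kv[1], kv[0])))

def prioritize(findings):
    """All findings ranked by CVSS (highest first) with their severity band."""
    ranked = sorted(findings, key=lambda f: (-f["cvss"], f["host"], f["finding"]))
    return [(f["host"], f["finding"], f["cvss"], severity(f["cvss"])) for f in ranked]

if __name__ == "__main__":
    found = parse_findings(SAMPLE_REPORT)
    for host, score in unpatched_hosts(found).items():
        print(f"{host}: patch outstanding, worst CVSS {score} ({severity(score)})")
```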
Q6. Scenario
You’re hired as a security consultant for a mobile wallet application in the fintech industry.
• What cybersecurity risks would you assess first?
• Mention at least two major threats specific to fintech apps.
ANSWER
Scenario: You’re hired as a security consultant for a mobile wallet app in the fintech industry.
What cybersecurity risks would you assess first?
• Unauthorized Access: Ensure that only authenticated users can access sensitive financial data.
• Data Transmission Risks: Assess if payment data is encrypted during transmission (e.g., HTTPS, TLS).
• Weak Authentication: Check for strong password policies and multi-factor authentication.
• API Security: Fintech apps often rely on APIs; insecure APIs may expose data.
Mention at least two major threats specific to fintech apps:
1. Phishing and Social Engineering Attacks: Users may be tricked into sharing OTPs or login credentials.
2. Man-in-the-Middle (MITM) Attacks: Data interception during transactions if communication isn't encrypted.
3. (Extra if needed) Malware on User Devices: Mobile malware can steal wallet data or hijack sessions.
Q7. Scenario
Your company is applying for a compliance certification to operate in the financial sector.
• Recommend one ISO standard suitable for the company (e.g., ISO 27001, PCI DSS).
• Explain its purpose and how it improves trust and security.
ANSWER
Scenario: Your company is applying for compliance certification to operate in the financial sector.
✅ Recommend one ISO standard suitable for the company:
ISO/IEC 27001 – International standard for Information Security Management Systems (ISMS).
🎯 Explain its purpose and how it improves trust and security:
• Purpose:
ISO 27001 provides a framework to systematically identify, manage, and reduce risks to information assets.
• How it helps:
o Builds trust with customers and partners by showing commitment to data protection.
o Ensures confidentiality, integrity, and availability (CIA) of information.
o Helps meet legal and regulatory requirements in the financial industry.
o Encourages continuous monitoring and improvement of security policies.
