1️⃣ Define the CIA triad in network security. Briefly explain each letter and give one concrete example for each.
✅ Confidentiality, Integrity, Availability
Confidentiality – preventing unauthorised disclosure (e.g., encryption).
Integrity – preventing unauthorised modification (e.g., checksums).
Availability – ensuring timely access (e.g., redundant servers).
2️⃣ What is eavesdropping? Which security goal does it violate? Name one tool to counter it.
✅ violates confidentiality
Eavesdropping: interception of information during transmission intended for someone else (slide 7).
Tool: encryption – transforms data so only authorised key can read it.
3️⃣ List three tools that support confidentiality and give a short explanation of each (from slides 8–10).
✅ encryption, authentication, access control
Encryption – uses keys to transform information so only intended recipient can decrypt.
Authentication – verifies identity via something you have/know/are.
Access control – policies limiting access based on “need to know”.
4️⃣ What is an integrity attack? Describe the man‑in‑the‑middle attack as an example of alteration.
✅ unauthorised modification
Integrity attack: unauthorised modification of information (slide 14).
MITM: attacker intercepts communication, modifies messages, then forwards them – violates integrity and confidentiality.
5️⃣ Name three tools for integrity from the lecture. How does a checksum help detect changes?
✅ backups, checksums, error‑correcting codes
Backups – archives to restore original data.
Checksums – function maps file content to a value; even a single bit flip changes the checksum.
Error‑correcting codes – detect and fix small changes automatically.
6️⃣ Explain availability. Give one example of an attack on availability and two protection tools mentioned in the slides.
✅ ability to use info/resources
Attack: Denial‑of‑Service (DoS), physical cutting of links.
Tools: physical protections (redundant power, backup links) and computational redundancies (failover servers).
7️⃣ Based on slide 20, give one example of an attack on confidentiality, one on integrity, and one on availability for data.
✅ data confidentiality: unauthorised read; integrity: modification; availability: deletion
Confidentiality: unauthorised read of data.
Integrity: existing files modified or new files fabricated.
Availability: files deleted, denying access.
8️⃣ What does the extended acronym AAAA stand for? Briefly define each term (slides 21–32).
✅ Assurance, Authenticity, Anonymity, Accountability
Assurance – degree of confidence that systems behave as expected.
Authenticity – verifiable source/origin (prevents impersonation).
Anonymity – actions not attributable to an individual.
Accountability – actions can be traced uniquely to an entity.
9️⃣ What is masquerading (impersonation)? Which AAAA goal does it violate?
✅ violates authenticity
Masquerading: fabrication of information purporting to be from someone else (slide 26).
Violates authenticity – the receiver cannot verify the true source.
🔟 Describe three tools that provide anonymity as covered in slides 28–30: aggregation, mixing, proxies.
✅ aggregation, mixing, proxies
Aggregation – combine data so individuals cannot be identified (e.g., average salary).
Mixing – intertwine transactions (e.g., cryptocurrency mixers).
Proxies – trusted agents act on behalf, hide original IP.
1️⃣1️⃣ Differentiate between asset, vulnerability, and threat using the example of Charlie the dog (slide 36).
✅ asset: Charlie; vulnerability: leash; threat: Charlie runs away
Asset: entity to protect (Charlie).
Vulnerability: weakness (the leash).
Threat: potential exploit (Charlie runs away).
Cyber example: private photo (asset), OS bug (vulnerability), attacker exploiting bug (threat).
1️⃣2️⃣ Compare active and passive adversary. Give an example of each (slides 41–42).
✅ active: modifies traffic; passive: eavesdrops
Active adversary – corrupts messages, prevents communication, injects virus.
Passive adversary – silent, eavesdrops, logs traffic without altering.
1️⃣3️⃣ In security scenarios, what are the typical roles of Eve and Mallory?
✅ Eve: passive eavesdropper; Mallory: active attacker
Eve – passive, listens but does not alter.
Mallory – active, modifies messages, injects, disrupts.
1️⃣4️⃣ Describe the three impact levels (low, moderate, high) for security incidents according to slides 44–46.
✅ low / moderate / high
Low – limited adverse effect; minor financial loss, no life harm.
Moderate – serious adverse effect; significant degradation, significant financial loss, no life threat.
High – severe/catastrophic; loss of life, mission failure, major financial loss.
1️⃣5️⃣ Define accountability in the context of AAAA. Why is it important for forensic analysis?
✅ actions traced uniquely to entity
Accountability ensures every action can be traced back to the responsible party (logs, non‑repudiation).
Essential for audits, intrusion investigation, and legal proceedings.
1️⃣6️⃣ What is correlation and traceback as a threat to anonymity? (slide 31)
✅ integrating data sources to identify source
Combining multiple data flows to determine the origin of a communication – breaks anonymity.
🔑 frequently referenced concepts & equations
CIA triad
Confidentiality · Integrity · Availability
AAAA
Assurance, Authenticity, Anonymity, Accountability
attack impact levels
low / moderate / high
threat vs vulnerability
threat exploits vulnerability
active vs passive
active = modification
passive = eavesdropping
anonymity tools
aggregation, mixing, proxies
ACADEZI 2026