Integrity concerns

6.1 Summarize confidentiality, integrity and availability concerns.

📘CompTIA ITF+ (FC0-U61)

1. Man-in-the-Middle (MITM) Attack

  • What it is: This happens when a hacker secretly intercepts communication between two parties and can read or even change the information being sent.
  • How it affects integrity: The data can be altered during transmission without either party knowing. This breaks trust because the receiver might get fake or changed data.
  • Example in IT: Imagine a user sending a password to a server. A hacker intercepts it, changes the password to something else, and then forwards it to the server. The server thinks it received the correct password, but it has been tampered with.

2. Replay Attack

  • What it is: A replay attack occurs when an attacker captures valid data (like a login request or transaction) and resends it later to trick the system into accepting it again.
  • How it affects integrity: The system believes it’s receiving new or valid information, but in reality, the same information is being reused maliciously. This can lead to unauthorized actions.
  • Example in IT: A user sends a token to authenticate to a server. An attacker captures this token and sends it again to gain access. The server thinks it’s a legitimate request, even though it’s reused.

3. Impersonation

  • What it is: Impersonation is when an attacker pretends to be someone else to gain access to systems or information.
  • How it affects integrity: The attacker can make unauthorized changes because the system thinks the attacker is a trusted user.
  • Example in IT: An attacker pretends to be an admin on a network and changes configuration files or data. The system logs show the “admin” made the changes, but it was actually the attacker.

4. Unauthorized Information Alteration

  • What it is: This occurs when someone changes information without permission.
  • How it affects integrity: The data is no longer accurate or trustworthy. This can happen intentionally (malicious tampering) or accidentally (user error).
  • Example in IT: A database entry for a user’s account is changed by someone who should not have access. Maybe a field like account balance or permissions is altered. This breaks the integrity of the system.

Key Takeaways for the Exam

  • Integrity is about trustworthy, accurate, and unaltered data.
  • Common threats that affect integrity:
    1. Man-in-the-Middle – intercepts and possibly changes data in transit.
    2. Replay Attack – reuses valid data to trick systems.
    3. Impersonation – attacker pretends to be someone else.
    4. Unauthorized Information Alteration – changing data without permission.
  • Solutions often involve:
    • Encryption (protects data during transit)
    • Digital signatures (verify who sent the data)
    • Access controls (ensure only authorized users can change data)
    • Audit logs (track changes and detect tampering)
Buy Me a Coffee

Powered by
Necessary cookies enable essential site features like secure log-ins and consent preference adjustments. They do not store personal data.
None
Functional cookies support features like content sharing on social media, collecting feedback, and enabling third-party tools.
None
Analytical cookies track visitor interactions, providing insights on metrics like visitor count, bounce rate, and traffic sources.
None
Advertisement cookies deliver personalized ads based on your previous visits and analyze the effectiveness of ad campaigns.
None
Powered by