12 - Information Security Management Flashcards

1
Q

Advanced Persistent Threat (APT)

A

A sophisticated, often long-running intrusion carried out by large, well-funded organizations such as governments.

APTs are a means of engaging in cyber warfare and espionage.

2
Q

Adware

A

Programs installed on a user's computer without the user's knowledge or permission.

They reside in the background and, unknown to the user, observe the user's actions and keystrokes, modify computer activity, and report the user's activities to sponsoring organizations.

Most adware is benign in that it does not perform malicious acts or steal data. It does, however, watch user activity and produce pop-up ads.

3
Q

Asymmetric Encryption

A

An encryption method in which different keys are used to encode and decode the message (two different keys are needed: what one key encrypts, only the other can decrypt).

Example: public/private key pairs.

4
Q

Authentication

A

The process whereby an information system verifies (validates) that a user is who they claim to be, e.g., by checking a password, a smart card, or a biometric.

5
Q

Biometric authentication

A

The use of personal physical characteristics, such as fingerprints, facial features, and retinal scans, to authenticate users.

6
Q

Brute Force Attack

A

A password-cracking method that tries every possible combination of characters until the password is found. The number of candidates grows exponentially with password length and character-set size, which is why long passwords and slow password hashes matter.
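As an added illustration (not part of the original flashcards), the following Python script brute-forces a short password against its stored hash and counts the attempts. The password "ab7", the 36-character alphabet, and the use of plain SHA-256 are constructed assumptions for the demo; real systems should store passwords with a slow, salted hash such as bcrypt or Argon2 precisely to make this loop expensive.

```python
import hashlib
import itertools
import string

# Constructed example alphabet: lowercase letters followed by digits (36 symbols).
ALPHABET = string.ascii_lowercase + string.digits


def hash_password(pw: str) -> str:
    """Stand-in for a stored password hash (plain SHA-256, deliberately fast and unsalted)."""
    return hashlib.sha256(pw.encode()).hexdigest()


def keyspace_size(alphabet_size: int, max_length: int) -> int:
    """Number of candidate passwords of length 1..max_length an attacker must consider."""
    return sum(alphabet_size ** n for n in range(1, max_length + 1))


def brute_force(target_hash: str, alphabet: str = ALPHABET, max_length: int = 4):
    """Try every combination of increasing length.

    Returns (password, attempts) when the hash matches, or (None, attempts)
    after exhausting the keyspace.
    """
    attempts = 0
    for length in range(1, max_length + 1):
        for combo in itertools.product(alphabet, repeat=length):
            attempts += 1
            candidate = "".join(combo)
            if hash_password(candidate) == target_hash:
                return candidate, attempts
    return None, attempts


if __name__ == "__main__":
    target = hash_password("ab7")          # constructed "stolen" hash
    found, tries = brute_force(target)
    print(f"recovered {found!r} after {tries} attempts")
    for n in (4, 8, 12):
        print(f"length <= {n}: {keyspace_size(len(ALPHABET), n):,} candidates")
```

The attempt count for a three-character password is in the low thousands; the printed keyspace sizes show that each extra character multiplies the work by 36, which is the whole argument for length over complexity.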

7
Q

Cookies

A

A small file that a browser stores on the user's computer on behalf of a website.

Cookies can be used for authentication (e.g., holding a session identifier after login), for storing shopping cart contents and user preferences, and for other legitimate purposes.

Cookies can also be used to track users across sites and to implement spyware.

8
Q

Data administration

A

An organization-wide function that develops and enforces data policies and standards.

9
Q

Data safeguards

A

Measures used to protect databases and other data assets from threats. Includes data rights and responsibilities, encryption, backup and recovery, and physical security.

10
Q

Database administration

A

A person or department that develops procedures and practices to ensure efficient and orderly multiuser processing of the database, to control changes to the database structure, and to protect the database.

11
Q

Denial of Service

DoS

A

A security problem in which legitimate users are unable to access an information system.

It can be caused by human error, natural disasters, or malicious activity (for example, flooding a server with more requests than it can handle).

12
Q

Drive-by sniffer

A

A person who carries a computer with a wireless connection through an area and searches for unprotected wireless networks in an attempt to gain free Internet access or to gather unauthorized data.

13
Q

Email spoofing

A

Forging the sender address of an email so that it appears to come from a trusted party. This text treats it as a synonym for phishing.

A technique for obtaining unauthorized data that uses pretexting via email: the phisher pretends to be a legitimate company and sends email requests for confidential data, such as account numbers, Social Security numbers, and account passwords.

Phishers also direct traffic to their own sites under the guise of a legitimate business.

14
Q

Encryption

A

The process of transforming clear text into coded, unintelligible text for secure storage or communication.

15
Q

Encryption Algorithms

A

Algorithms used to transform clear text into coded, unintelligible text for secure storage or communication.

16
Q

FIDO

A

Fast IDentity Online

A set of open standards and protocols (e.g., FIDO2/WebAuthn), published by the FIDO Alliance, that use public-key cryptography and hardware authenticators as an alternative to password authentication.

17
Q

Firewall

A

Computing devices located between public and private networks that prevent unauthorized access to or from the internal network.

A firewall can be a special-purpose appliance, a program running on a general-purpose computer, or a function built into a router.

18
Q

Hacking

A

A form of computer crime in which a person gains unauthorized access to a computer system.

Although some people hack for the sheer joy of doing it, other hackers invade systems for the malicious purposes of stealing or modifying data.

19
Q

https

A

An indication (the https:// URL scheme) that a Web browser is using HTTP over the SSL/TLS protocol to provide encrypted, authenticated communication with the server.

20
Q

Human safeguards

A

Steps taken to protect against security threats by establishing appropriate procedures for users to follow during system use.

21
Q

Identification

A

The process whereby an information system identifies a user by requiring the user to sign on with a username (the claimed identity); the password supplied with it is then used to authenticate that claim.

22
Q

Internal firewalls

A

Firewalls that sit inside the organizational network, separating internal segments from one another (for example, servers from user workstations) so that a compromise in one segment does not give free access to the rest.

23
Q

Intrusion Detection System (IDS)

A

A computer program that senses when another computer is attempting to scan or otherwise access a computer or network (for example, probing many ports in quick succession) and raises an alert.
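To make the card concrete, here is an added example (not from the original flashcards) of the kind of detection logic a simple IDS applies: it reads connection attempts and flags any source that touches many distinct destination ports inside a short sliding window, the classic port-scan signature. The log lines, the 10-second window and the threshold of 8 ports are constructed assumptions for the demo.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample connection log: "<ISO timestamp> <source IP> <destination port>".
# 10.0.0.9 probes ten ports in five seconds; 10.0.0.20 is ordinary web traffic.
SAMPLE_LOG = """\
2024-05-01T10:00:00 10.0.0.9 22
2024-05-01T10:00:00 10.0.0.9 23
2024-05-01T10:00:01 10.0.0.9 25
2024-05-01T10:00:01 10.0.0.9 80
2024-05-01T10:00:02 10.0.0.9 110
2024-05-01T10:00:02 10.0.0.9 143
2024-05-01T10:00:03 10.0.0.9 443
2024-05-01T10:00:03 10.0.0.9 445
2024-05-01T10:00:04 10.0.0.9 3389
2024-05-01T10:00:05 10.0.0.9 8080
2024-05-01T10:00:00 10.0.0.20 443
2024-05-01T10:00:30 10.0.0.20 443
2024-05-01T10:01:00 10.0.0.20 80
"""


def parse_log(text: str):
    """Turn the constructed log format into (timestamp, source, port) tuples."""
    events = []
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, src, port = line.split()
        events.append((datetime.fromisoformat(ts), src, int(port)))
    return events


def detect_port_scans(events, window=timedelta(seconds=10), threshold=8):
    """Return {source: max distinct ports seen in any window} for sources over threshold."""
    by_src = defaultdict(list)
    for ts, src, port in events:
        by_src[src].append((ts, port))

    alerts = {}
    for src, hits in by_src.items():
        hits.sort()                      # sliding window needs time order
        start = 0
        for end in range(len(hits)):
            # Shrink the window from the left until it spans at most `window`.
            while hits[end][0] - hits[start][0] > window:
                start += 1
            ports = {p for _, p in hits[start:end + 1]}
            if len(ports) >= threshold:
                alerts[src] = max(alerts.get(src, 0), len(ports))
    return alerts


if __name__ == "__main__":
    for src, n_ports in detect_port_scans(parse_log(SAMPLE_LOG)).items():
        print(f"ALERT possible port scan from {src}: {n_ports} distinct ports")
```

Counting distinct ports rather than raw connections is what keeps a busy but legitimate client (many hits on port 443) from triggering the rule.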

24
Q

IP Spoofing

A

A type of spoofing whereby an intruder uses another site's IP address as if it were that other site, for example by placing it in the source field of the packets it sends.

25
Q

Key

A
1. A column or group of columns that identifies a unique row in a table. Also referred to as a primary key.

2. A number (a string of bits) used to encrypt data. The encryption algorithm applies the key to the original message to produce the coded message. Decoding (decrypting) a message is similar: a key is applied to the coded message to recover the original text.
26
Q

Key escrow

A

A control procedure whereby a trusted party is given a copy of a key used to encrypt database data, so that the data can still be recovered if the original key is lost or its holder is unavailable.

27
Q

Malware

A

A general term for malicious software: viruses, worms, Trojan horses, spyware, and adware.

28
Q

Malware definitions

A

Patterns (signatures) that exist in malware code. Antimalware vendors update these definitions continuously and incorporate them into their products in order to recognize known malware; brand-new malware may not yet have a definition.

29
Q

Packet-filtering Firewall

A

A firewall that examines each packet and determines whether to let the packet pass.

To make this decision, it examines the source address, destination address, protocol, port numbers, and other header data against an ordered list of rules; typically the first matching rule wins and anything unmatched is denied.

30
Q

Payload

A

The part of a virus's (or other malware's) code that performs the unwanted or harmful action, such as deleting programs or data or, even worse, modifying data in ways that go undetected by the user.

31
Q

Perimeter Firewall

A

A firewall that sits outside the organizational network; it is the first device that Internet traffic encounters.

32
Q

Personal identification number

(PIN)

A

A form of authentication whereby the user supplies a number that only he or she knows.

33
Q

Phisher

A

An individual or organization that spoofs legitimate companies in an attempt to illegally capture personal data such as credit card numbers, email account credentials, and driver's license numbers.

34
Q

Phishing

A

A technique for obtaining unauthorized data that uses pretexting via email. The phisher pretends to be a legitimate company and sends an email requesting confidential data.

35
Q

Pretexting

A

Deceiving someone over the internet by pretending to be another person or organization.

36
Q

Public key/private key

A

The most common form of asymmetric encryption, widely used on the Internet.

With this method, each site has a public key, which can be shared openly, for encoding messages sent to it, and a private key, kept secret, for decoding them.

37
Q

Safeguard

A

Any action, device, procedure, technique, or other measure that reduces system vulnerability to threats.

38
Q

Secure Sockets Layer (SSL)

A

A protocol that uses both asymmetric and symmetric encryption: asymmetric encryption to exchange a session key, then symmetric encryption under that key to protect the traffic. When SSL/TLS is in use, the browser address begins with https://.

SSL has been superseded by TLS; all versions of SSL itself are now deprecated and should not be used.

39
Q

Smart Cards

A

Plastic cards similar to credit cards that have microchips.

The microchip, which holds much more data than a magnetic stripe, is loaded with identifying data. Use normally requires a PIN.

40
Q

Sniffing

A

Technique for intercepting computer communications. With wired networks, sniffing requires a physical connection to the network. With wireless networks, no such connection is required.

41
Q

Spoofing

A

When someone pretends to be someone else with the intent of obtaining unauthorized data. If you pretend to be your professor, you are spoofing your professor.

42
Q

Spyware

A

Programs installed on the user's computer without the user's knowledge or permission that reside in the background and, unknown to the user, observe the user's actions and keystrokes, modify computer activity, and report the user's activities to sponsoring organizations.

Malicious spyware captures keystrokes to obtain user names, passwords, account numbers, and other sensitive information. Other spyware is used for marketing analyses: observing what users do, Web sites visited, products examined and purchased, and so on.

43
Q

SQL injection attack

A

This situation occurs when a user obtains unauthorized access to data by entering a SQL statement (or fragment) into a form field in which they are supposed to enter a name or other data.

If the program is improperly designed, it will accept this input and make it part of the SQL command that it issues to the DBMS. The fix is to pass user input as a parameter of a prepared statement rather than splicing it into the SQL text.
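As an added worked example (not from the original flashcards), the Python script below shows the vulnerable pattern next to the hardened one against an in-memory SQLite database. The `users` table, its rows, and the two injection strings are constructed for the demo.

```python
import sqlite3


def make_db() -> sqlite3.Connection:
    """Constructed in-memory database with sample rows (not from the page)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (name TEXT, password TEXT, ssn TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?, ?)", [
        ("alice", "correct horse", "111-11-1111"),
        ("bob", "hunter2", "222-22-2222"),
    ])
    return conn


def lookup_vulnerable(conn: sqlite3.Connection, name: str):
    # Improperly designed: the user's input is spliced into the SQL text,
    # so quotes and keywords in the input become part of the command.
    sql = f"SELECT name, ssn FROM users WHERE name = '{name}'"
    return conn.execute(sql).fetchall()


def lookup_safe(conn: sqlite3.Connection, name: str):
    # Parameterised query: the DBMS receives the SQL and the value separately,
    # so the input is only ever compared as a string, never parsed as SQL.
    sql = "SELECT name, ssn FROM users WHERE name = ?"
    return conn.execute(sql, (name,)).fetchall()


# Constructed attacker inputs typed into the "name" field.
OR_INJECTION = "x' OR '1'='1"                                  # returns every row
UNION_INJECTION = "x' UNION SELECT name, password FROM users --"  # pulls another column


if __name__ == "__main__":
    conn = make_db()
    print("vulnerable, OR    :", lookup_vulnerable(conn, OR_INJECTION))
    print("vulnerable, UNION :", lookup_vulnerable(conn, UNION_INJECTION))
    print("safe, OR          :", lookup_safe(conn, OR_INJECTION))
    print("safe, normal name :", lookup_safe(conn, "alice"))
```

The UNION variant is the one that turns a harmless name lookup into a dump of the password column; the parameterised version returns nothing for either payload because no user is literally named `x' OR '1'='1`.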

44
Q

Symmetric encryption

A

An encryption method whereby the same key is used to encode and decode the message. It is fast, but both parties must already share the secret key, which is why it is usually combined with asymmetric encryption to deliver that key.
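The cards on asymmetric encryption, public/private keys, SSL and symmetric encryption describe the pieces of one mechanism, so here is a single added example (not part of the original flashcards) that puts them together: a toy RSA key pair wraps a random session key, and a symmetric stream cipher keyed with that session key protects the message, which is the shape of an SSL/TLS handshake. The tiny primes 61 and 53, the SHA-256 counter-mode keystream, and the two-byte session key are constructed for the demo and are nowhere near secure; real systems use 2048-bit-plus RSA or elliptic curves and an authenticated cipher such as AES-GCM.

```python
import hashlib
import secrets
from math import gcd


# --- Asymmetric part: textbook RSA with deliberately tiny primes (illustration only).
def rsa_keygen(p: int = 61, q: int = 53, e: int = 17):
    """Return (public_key, private_key) as (n, e) and (n, d)."""
    n = p * q
    phi = (p - 1) * (q - 1)
    assert gcd(e, phi) == 1, "e must be coprime to phi(n)"
    d = pow(e, -1, phi)             # private exponent: e * d == 1 (mod phi)
    return (n, e), (n, d)


def rsa_encrypt(pub, m: int) -> int:
    n, e = pub
    assert 0 <= m < n
    return pow(m, e, n)             # anyone with the public key can do this


def rsa_decrypt(priv, c: int) -> int:
    n, d = priv
    return pow(c, d, n)             # only the private-key holder can undo it


# --- Symmetric part: counter-mode keystream derived from SHA-256 (toy; no integrity check).
def keystream(key: bytes, length: int) -> bytes:
    out = b""
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + counter.to_bytes(8, "big")).digest()
        counter += 1
    return out[:length]


def sym_encrypt(key: bytes, data: bytes) -> bytes:
    return bytes(a ^ b for a, b in zip(data, keystream(key, len(data))))


sym_decrypt = sym_encrypt   # XOR with the same keystream undoes it: same key both ways


# --- Hybrid: the session key travels under the receiver's public key,
#     the message travels under the session key.
def hybrid_encrypt(receiver_pub, message: bytes):
    n, _ = receiver_pub
    session_key = secrets.randbelow(n - 1) + 1          # fresh per message, 1 <= k < n
    wrapped_key = rsa_encrypt(receiver_pub, session_key)
    ciphertext = sym_encrypt(session_key.to_bytes(2, "big"), message)
    return wrapped_key, ciphertext


def hybrid_decrypt(receiver_priv, wrapped_key: int, ciphertext: bytes) -> bytes:
    session_key = rsa_decrypt(receiver_priv, wrapped_key)
    return sym_decrypt(session_key.to_bytes(2, "big"), ciphertext)


if __name__ == "__main__":
    server_pub, server_priv = rsa_keygen()
    wrapped, ct = hybrid_encrypt(server_pub, b"card number 4111")   # constructed message
    print("wrapped session key:", wrapped)
    print("ciphertext bytes   :", ct.hex())
    print("server recovers    :", hybrid_decrypt(server_priv, wrapped, ct))
```

The division of labour is the point: the slow public-key operation is done once on a short session key, and the bulk data goes through the fast symmetric cipher, exactly as the SSL card states.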

45
Q

Target

A

The asset that is desired by a security threat.

46
Q

Technical safeguards

A

Security safeguards that involve the hardware and software components of information systems (for example, firewalls, encryption, and identification and authentication).

47
Q

Text mining

A

The application of statistical techniques on text streams for locating particular words, word patterns, or even correlating those word patterns with personality profiles.

48
Q

Threat

A

A person or org that seeks to obtain or alter data or other IS assets illegally, without the owner’s permission and often without the owner’s knowledge.

49
Q

Transport Layer Security (TLS)

A

The successor to Secure Sockets Layer (SSL). TLS 1.2 and TLS 1.3 are the versions in current use; older TLS and all SSL versions are deprecated.

50
Q

Trojan Horses

A

Malware that masquerades as a useful program or file; unlike a virus, a Trojan horse generally does not self-replicate but relies on the user to run it.

A typical Trojan horse appears to be a computer game, an MP3 file, or some other innocuous program.

51
Q

Usurpation

A

Occurs when unauthorized programs invade a computer system and replace legitimate programs.

Such unauthorized programs typically shut down the legitimate system and substitute their own processing to spy, steal, and manipulate data, or to achieve other purposes.

52
Q

Virus

A

A computer program that self-replicates, typically by attaching copies of itself to other programs or files.

53
Q

Vulnerability

A

An opportunity for threats to gain access to individual or organizational assets.

Some vulnerabilities exist because there are no safeguards or because the existing safeguards are ineffective.

54
Q

Worm

A

A virus that propagates itself using the Internet or some other computer network, without needing a user to run an infected file.

Worm code is written specifically to infect other computers as quickly as possible.