CH 5

Question 1

Define spoofing.

Answer 1

An attempt to gain access to a network by posing as an authorized user in order to find sensitive information, such as passwords or credit card information.

Question 2

What is the CIA triangle?

Answer 2

The three important aspects of computer and network security: confidentiality, integrity and availability.

Question 3

What are 3 examples of intentional computer and network threats?

Answer 3

• Viruses
• Worms
• Trojan horse

Question 4

Define a Denial-of-Service (DoS) attack.

Answer 4

DoS floods a network or server with service requests to prevent legitimate users’ access to the system.

Question 5

What are 3 recommendations in order to guard against social engineering threats?

Answer 5

• Be careful with unsolicited emails and do not click on attachments
• Be careful of requests for confidential information
• Be cautious about requests that require prompt action

Question 6

What are 5 examples of biometric devices and measures?

Answer 6

• Facial recognition (only one that you do not have to opt-in)
• Fingerprints
• Iris analysis
• Palm prints
• Retinal scanning

Question 7

What are 5 recommendations for establishing a comprehensive security system?

Answer 7

• Set up a security committee with representatives from all departments as well as upper management.
• Post the security policy in a visible place, or post copies next to all workstations.
• Use physical security measures, such as corner bolts on workstations, ID badges and door locks.
• Raise employees’ awareness of security problems.
• Keep sensitive data, software, and printouts locked in secure locations.

Question 8

What is business continuity planning?

Answer 8

Outlines procedures for keeping an organization operational in the event of a natural disaster or network attack.