Ch 8 Questions

Question 1

What is the most common way ransomware attacks are conducted?

Answer 1

Phishing

Through malware through email

Question 2

List 5 ways or controls a company can put in place to mitigate the risk of a ransomware attack.

Answer 2

Antivirus software on every server and machine

Education/Awareness messages

Email filter and security scanner is key in any company

Only corporate email

Secure all computers - Can’t install software, Disable external drives

Question 3

How was the Solar Winds evet conducted? How does this differ from the most common type of ransomware attacks?

Answer 3

Russian hackers put malware in patches – infected all of the computers because every server has the agent running

Spying on government?
Happening for over a year before United States even noticed

No damage – gathering intelligence and spying

Who were prominent customers?
All agencies of the United States government

Question 4

What are the components of an organizational framework for security and control?

Answer 4

General controls – govern the design, security, and use of computer programs and the security of data files in general throughout the organization’s information technology infrastructure

Ex. Software controls
Hardware controls
Computer operations controls
Data security controls
Implementation controls
Administrative controls

Question 5

How to control common risks of eavesdropping on wireless connection?

Answer 5

Encryption

Question 6

How to control common risks of stealing passwords?

Answer 6

Two-factor authentication

Question 7

How to control common risks of phishing?

Answer 7

Training

Awareness

Education

Question 8

Identity management is extremely important. How is this controlled?

Answer 8

AUP Policy

Authentication

Passwords

Tokens

2 Factor Authentication

Biometric Authentication

Question 9

What is a denial of service attack?

Answer 9

Hackers flood a network server or web server with many thousands of false communications or requests for services to crash the network

The network receives so many queries that it cannot keep up with them and is thus unavailable to service legitimate requests

Question 10

What is a denial of distributed service attack?

Answer 10

Uses numerous computers to inundate and overwhelm the network from numerous launch points

So many users trying to log on – filter out traffic and make sure they do not access network

Question 11

How would malware get on your computer?

Answer 11

Operator error - download it

Phishing - emails and attachment

Question 12

What is identity management?

Answer 12

Business processes and software tools for identifying the users of a program and controlling their access to system resources

Question 13

What is and Acceptable Use Policy (AUP)?

Answer 13

Defines acceptable uses of the firm’s information and computing equipment, including desktop and laptop computers, wireless devices, telephones, and the Internet

Question 14

What is authentication?

Answer 14

Refers to the ability to know that a person is who he or she claims to be

Question 15

What are passwords?

Answer 15

Known only to authorized users, used to log onto a computer and system

Question 16

What is a token?

Answer 16

A physical device, similar to an identification card, that is designed to prove the identity of a single user

Question 17

What is biometric authentication?

Answer 17

Uses systems that read and interpret individual human traits, such as fingerprints, irises, and voices to grant or deny access

Question 18

What is two-factor authentication?

Answer 18

Increases security by validating users through a multi-step process

Question 19

What are firewalls?

Answer 19

Prevent unauthorized users from accessing private networks

A combination of hardware and software that controls the flow of incoming and outgoing network traffic

Question 20

What is an intrusion detection system?

Answer 20

Full-time monitoring tools placed at the most vulnerable points or hotspots of corporate networks to detect and deter intruders

Question 21

What is antivirus software?

Answer 21

Prevents, detects, and removes malware including computer viruses, computer worms, Trojan horses, spyware, and adware

Question 22

What is an Information Systems Audit?

Answer 22

Examines the firm’s overall security environment as well as controls governing individual information systems

Question 23

What is the risk assessment process?

Answer 23

Determines the level of risk to the firm is a specific activity or process is not properly controlled

Question 24

What are application controls?

Answer 24

Specific controls unique to each computerized application

Question 25

What is security policy?

Answer 25

Consists of statements ranking information risks, identifying acceptable security goals, and identifying the mechanisms for achieving these goals