Chapter 10

Question 0

CERT

Answer 0

Computer emergency response team

Formed at Carnegie Mellon university with DoD support

Question 1

Security of information assets

Answer 1

Protected with encryption passwords certifications and coding

Laws are slow to catch up with cyber crime

Now a federal crime but with light sentences

Question 2

Why networks need security

Answer 2

Vulnerable due to dependency on internet access for computers and networks

Average 350,000 loss per incident

Question 3

Cost of internet protection

Answer 3

value of data and application far exceeds the cost of networks

Firms spend about 1250/ employee on network security

Question 4

Primary security goals CIA

Answer 4

Confidentiality- protection of data from unauthorized disclosure
Integrity- assurance that data has not been altered
Availability- providing continuous operations of hardware and software for uninterrupted service

Question 5

Disruptions

Answer 5

Loss of network service

Minor or temporary - like a circuit failure

Question 6

Destruction of data

Answer 6

Viruses destroying files, crash of hard disk

Question 7

Natural disasters

Answer 7

Can destroy host computers or sections of networks

Effects 20 percent of organizations each year

Question 8

Intrusion

Answer 8

Hackers gain access to data files
Most incidents involve employees

Will be charged with industrial spying or fraud
Average 100,000 dollars per incident

Question 9

Preventative controls

Answer 9

Mitigate or stop a person from action or an event from occurring

Discouraging or restraining act as a deterrent

Question 10

Detective controls

Answer 10

Reveal or discover unwanted events through auditing

Document events for potential evidence

Question 11

Corrective controls

Answer 11

Remedy an unwanted event or a trespass

Reinitiating a network circuit