Chapter 11

Question 1

What is a traffic anomaly detector?

Answer 1

A special-purpose security device that is installed in the front of the main router.

Question 2

What is a virus?

Answer 2

Malware designed to spread from host to host and has the ability to replicate itself. They cannot reproduce and spread without programming such as a file or document.

Question 3

What is a worm?

Answer 3

A self-replicating computer program that penetrates an operating system with the intent of spreading malicious code.

Question 4

What is a DoS?

Answer 4

A Denial of Service is a cyber-attack where the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host connected to the Internet.

Question 5

What is a DDoS?

Answer 5

A Distributed Denial of Service is when multiple compromised systems, which are often infected with a Trojan, are used to target a single system causing a Denial of Service (DoS) attack.

Question 6

What is firewall?

Answer 6

A network security system that monitors and controls incoming and outgoing network traffic based on predetermined security rules

Question 7

What is spoofing?

Answer 7

A technique used to gain unauthorized access to computers, whereby the intruder sends messages to a computer with an IP address indicating that the message is coming from a trusted host.

Question 8

What is sniffer?

Answer 8

Software or hardware that can intercept and log traffic passing over a digital network.

Question 9

What is Trojan Horse?

Answer 9

Any malicious computer program which misleads users of its true intent.

Question 10

What is spyware?

Answer 10

A type of malware that is installed on a computer without the knowledge of the owner in order to collect the owner’s private information.

Question 11

What is PKI?

Answer 11

Public Key Infrastructure Supports the distribution and identification of public encryption keys, enabling users and computers to both securely exchange data over networks such as the Internet and verify the identity of the other party.

Question 12

What is SSL?

Answer 12

Secure Sockets Layer is a protocol developed by Netscape for transmitting private documents via the Internet. Uses a cryptographic system that uses two keys to encrypt data − a public key known to everyone and a private or secret key known only to the recipient of the message.

Question 13

What is PGP?

Answer 13

Pretty Good Privacy is a popular program used to encrypt and decrypt email over the Internet, as well as authenticate messages with digital signatures and encrypted stored files.

Question 14

What is IPSec?

Answer 14

Internet Protocol Security is a framework of open standards for helping to ensure private, secure communications over Internet Protocol (IP) networks through the use of cryptographic security services.

Question 15

What is phishing?

Answer 15

A term used to describe a malicious individual or group of individuals who scam users. They do so by sending e-mails or creating web pages that are designed to collect an individual’s online bank, credit card, or other login information.

Question 16

What is Triple DES?

Answer 16

Triple Data Encryption Standard is a type of computerized cryptography where block cipher algorithms are applied three times to each data block.

Question 17

What is digital signature?

Answer 17

A mathematical technique used to validate the authenticity and integrity of a message, software or digital document.

Question 18

What is certificate authority?

Answer 18

A trusted entity that issues electronic documents that verify a digital entity’s identity on the Internet.

Question 19

How can unauthorized access be prevented?

Answer 19

Ensuring confidentiality and integrity. Intrusion is done by either external hackers or disgruntled employees. Intrusion can be minor where attacker only looks around or major where attacker may commit industrial espionage.

Question 20

What is business continuity?

Answer 20

Ensuring availability and integrity. Disruptions are loss or reduction in network service. Viruses, hard disk crashes, and natural or human-made disasters can destroy data. Disruptions can be minor or major.

Question 21

What is a SQL injection?

Answer 21

A program which does not affect user directly, but attacks website to gain unauthorized access to database allowing attacker to retrieve valuable information.

Question 22

How is a risk assessment conducted?

Answer 22

Frameworks provide strategies for analyzing and prioritizing security risks to information systems and networks. Should be simple so both technical and nontechnical readers can understand it. After reading assessment anyone should know which components are at risk and which controls have been implemented.

Question 23

What are the steps of a risk assessment.

Answer 23

Develop measurement criteria, inventory assets, identify threats, document controls, identify improvements.

Question 24

what is anti-virus software?

Answer 24

Software used to prevent, detect and remove malware.

Question 25

What is traffic filtering and limiting?

Answer 25

Verifies source address of incoming messages is valid. Limits the number of incoming packets that are allowed into the network.