Chapter 17

Question 1

Intrusion detection systems

Answer 1

A system that monitors network use for potential hacking attempts. Such a system may take preventative action to block, isolate, or identify attempted infiltration, and raise further alarms to warn security personnel.

Question 2

distributed denial of service (DDoS)

Answer 2

An attack where a firm’s computer systems are flooded with thousands of seemingly legitimate requests, the sheer volume of which will slow or shut down the site’s use. DDoS attacks are often performed via botnets.

Question 3

honeypots

Answer 3

A seemingly tempting, but bogus target meant to draw hacking attempts. By monitoring infiltration attempts against a honeypot, organizations may gain insight into the identity of hackers and their techniques, and they can share this with partners and law enforcement.

Question 4

public key encryption

Answer 4

A two key system used for securing electronic transmissions. One key distributed publicly is used to encrypt (lock) data, but it cannot unlock data. Unlocking can only be performed with the private key. The private key also cannot be reverse engineered from the public key. By distributing public keys, but keeping the private key, Internet services can ensure transmissions to their site are secure.

Question 5

hack

Answer 5

A term that may, depending on the context, refer to either 1) breaking into a computer system, or 2) a particularly clever solution.

Question 6

CAPTCHAs

Answer 6

An acronym for Completely Automated Public Turing Test to Tell Computers and Humans Apart. CAPTCHAs are those scrambled character images that many sites require to submit some sort of entry (account setup, ticket buying) and are meant to be a Turing Test—a test to distinguish if a task is being performed by a computer or a human.

Question 7

hacker

Answer 7

A term that, depending on the context, may be applied to either 1) someone who breaks into computer systems, or 2) to a particularly clever programmer.

Question 8

cash-out fraudsters

Answer 8

Criminals that purchase assets from data harvesters to be used for illegal financial gain. Actions may include using stolen credit card numbers to purchase goods, creating fake accounts via identity fraud, and more.

Question 9

encryption

Answer 9

Scrambling data using a code or formula, known as a cipher, such that it is hidden from those who do not have the unlocking key.

Question 10

zero-day exploits

Answer 10

Attacks that are so new that they haven’t been clearly identified, and so they haven’t made it into security screening systems.

Question 11

whitelists

Answer 11

Highly restrictive programs that permit communication only with approved entities and/or in an approved manner.

Question 12

blacklists

Answer 12

Programs that deny the entry or exit of specific IP addresses, products, Internet domains, and other communication restrictions.

Question 13

certificate authority

Answer 13

A trusted third party that provides authentication services in public key encryption schemes.

Question 14

Phishing

Answer 14

A con executed using technology, typically targeted at acquiring sensitive information or tricking someone into installing malicious software.

Question 15

spoofed

Answer 15

Term used in security to refer to forging or disguising the origin or identity. E-mail transmissions and packets that have been altered to seem as if they came from another source are referred to as being “spoofed.”

Question 16

brute-force attack

Answer 16

An attack that exhausts all possible password combinations in order to break into an account. The larger and more complicated a password or key, the longer a brute-force attack will take.

Question 17

white hat hackers

Answer 17

Someone who uncovers computer weaknesses without exploiting them. The goal of the white hat hacker is to improve system security.

Question 18

key

Answer 18

Code that unlocks encryption.

Question 19

multi-factor authentiction

Answer 19

When identity is proven by presenting more than one item for proof of credentials. Multiple factors often include a password and some other identifier such as a unique code sent via e-mail or mobile phone text, a biometric reading (e.g. fingerprint or iris scan), a swipe or tap card, or other form if identification.

Question 20

hacktivists

Answer 20

A protester seeking to make a political point by leveraging technology tools, often through system infiltration, defacement, or damage.

Question 21

black hat hackers

Answer 21

A computer criminal.

Question 22

Botnets

Answer 22

Hordes of surreptitiously infiltrated computers, linked and controlled remotely, also known as zombie networks

Question 23

dumpster diving

Answer 23

Combing through trash to identify valuable assets.

Question 24

firewalls

Answer 24

A system that acts as a control for network traffic, blocking unauthorized traffic while permitting acceptable use.

Question 25

Biometrics

Answer 25

Technologies that measure and analyze human body characteristics for identification or authentication. These might include fingerprint readers, retina scanners, voice and face recognition, and more.

Question 26

Data Harvesters

Answer 26

Cybercriminals who infiltrate systems and collect data for illegal resale.

Question 27

Shoulder Surfing

Answer 27

Gaining compromising information through observation (as in looking over someone’s shoulder).

Question 28

Who’s business is information security?

Answer 28

Information security is everyone’s business and needs to be made a top organizational priority.

Question 29

What sort of things can result from a data breach?

Answer 29

Firms suffering a security breach can experience direct financial loss, exposed proprietary information, fines, legal payouts, court costs, damaged reputations, plummeting stock prices, and more.

Question 30

Is info security just a tech problem?

Answer 30

Information security isn’t just a technology problem; a host of personnel, operational, and procedural factors can create and amplify a firm’s vulnerability.

Question 31

What are some of the motivations behind security threats?

Answer 31

Computer security threats have moved beyond the curious teen with a PC and are now sourced from a number of motivations, including theft, leveraging compromised computing assets, extortion, espionage, warfare, terrorism, national security, pranks, protest, and revenge.

Question 32

Where can threats come from?

Answer 32

Threats can come from both within the firm as well as from the outside.

Question 33

Describe how cybercriminals operate?

Answer 33

Cybercriminals operate in an increasingly sophisticated ecosystem where data harvesters and tool peddlers leverage sophisticated online markets to sell to cash-out fraudsters and other crooks.

Question 34

What makes pursuit and prosecution of cybercriminals difficult?

Answer 34

Technical and legal complexity make pursuit and prosecution difficult.

Question 35

What can result from Govt surveillance and how?

Answer 35

Government surveillance efforts can put citizens and corporations at risk if poorly executed and ineffectively managed.

Question 36

Why do law enforcement find is difficult to deal with the hacker threat?

Answer 36

Many law enforcement agencies are underfunded, underresourced, and underskilled to deal with the growing hacker threat.

Question 37

What makes an organizations information assets vulnerable?

Answer 37

An organization’s information assets are vulnerable to attack from several points of weakness, including users and administrators, its hardware and software, its networking systems, and various physical threats.

Question 38

What is the difference between social engineering and phishing?

Answer 38

Social engineering attempts to trick or con individuals into providing information, while phishing techniques are cons conducted through technology.

Question 39

Can phishing scams be avoided?

Answer 39

While dangerous, a number of tools and techniques can be used to identify phishing scams, limiting their likelihood of success.

Question 40

How can social media sites assist hackers?

Answer 40

Social media sites may assist hackers in crafting phishing or social engineering threats, provide information to password crackers, and act as conduits for unwanted dissemination of proprietary information.

Question 41

Do typical users create sufficient passwords?

Answer 41

Most users employ inefficient and insecure password systems; however, techniques were offered to improve one’s individual password regime.

Question 42

What are 3 types of malware?

Answer 42

Viruses, worms, and Trojans are types of infecting malware. Other types of malware might spy on users, enlist the use of computing assets for committing crimes, steal assets, destroy property, serve unwanted ads, and more.

Question 43

Name a type of attack or scam that might show up on a webpage.

Answer 43

Examples of attacks and scams launched through advertising on legitimate Web pages highlight the need for end-user caution, as well as for firms to ensure the integrity of their participating online partners.

Question 44

What does SQL injection show and how must developers address it and related techniques?

Answer 44

SQL injection and related techniques show the perils of poor programming. Software developers must design for security from the start—considering potential security weaknesses, and methods that improve end-user security (e.g., in areas such as installation and configuration).

Question 45

How does encryption benefit an organization?

Answer 45

Encryption can render a firm’s data assets unreadable, even if copied or stolen. While potentially complex to administer and resource intensive, encryption is a critical tool for securing an organization’s electronic assets.

Question 46

How can end users improve the info security of themselves and their organizations?

Answer 46

End users can engage in several steps to improve the information security of themselves and their organizations. These include surfing smart, staying vigilant, updating software and products, using a comprehensive security suite, managing settings and passwords responsibly, backing up, properly disposing of sensitive assets, and seeking education.

Question 47

What do frameworks such as ISO27k provide?

Answer 47

Frameworks such as ISO27k can provide a road map to help organizations plan and implement an effective security regime.

Question 48

What might be the repercussion of an organization not meeting security compliance commitments?

Answer 48

Many organizations are bound by security compliance commitments and will face fines and retribution if they fail to meet these commitments.

Question 49

Does compliance always equal security?

Answer 49

The use of frameworks and being compliant is not equal to security. Security is a continued process that must be constantly addressed and deeply ingrained in an organization’s culture.

Question 50

Why is security about trade-offs?

Answer 50

Security is about trade-offs—economic and intangible. Firms need to understand their assets and risks in order to best allocate resources and address needs.

Question 51

Why is info security not simply just a technical fix?

Answer 51

Information security is not simply a technical fix. Education, audit, and enforcement regarding firm policies are critical. The security team is broadly skilled and constantly working to identify and incorporate new technologies and methods into their organizations. Involvement and commitment is essential from the boardroom to frontline workers, and out to customers and partners.