Chapter 3 Flashcards
What is Cloud Computing
Software and Data services provided via the Internet
Exploit
Attack on an information system that takes advantage of a system vulnerability
Organizations that capture and report information about software vulnerabilities
Open Source Vulnerability Database (OSVDB), Computer Emergency Response Team (CERT), Common Vulnerabilities and Exposures (CVE)
Types of Exploits
Virus, Worm, Trojan horse, distributed denial-of-service, rootkit, spam, phishing, spear-phishing, smishing, and vishing
Virus
Piece of programming code, disguised as something else, that causes a computer to behave in an unexpected and usually undesirable manner.
Does not spread on its own.
Macro Virus
Inserts unwanted words, numbers, or phrases into documents.
Worms
Program that resides in the active memory of the computer and duplicates itself. Spreads without human intervention.
Trojan Horse
Program in which harmful code is hidden inside a seemingly harmless program.
Logic bomb
Type of Trojan Horse
Triggered by a specific event
Distributed denial-of-service attack (DDoS)
Hacker takes over computers (without the knowledge of their owners) via the Internet and causes them to flood a target site with demands for data and small tasks
Rootkits
Set of programs that enables its user to gain administrator-level access to a computer without the end user’s consent or knowledge.
CAPTCHA
Completely Automated Public Turing Test to tell Computers And Humans Apart
Phishing
Using email to try to get the recipient to reveal personal data
Spear-phishing
Variation of phishing that targets a certain organization’s employees
Looks like the employee’s higher up
Smishing
SMS texting variation of phishing
Vishing
Voice mail version of phishing
Hacker
Test limits of system and/or gain publicity
Cracker
Cause problems, steal data, and corrupt systems
Malicious Insider
Financial gain and/or disrupt company’s information systems and business operations.
Cybercriminal
Gain financially
Hacktivist
Promote political ideology
Cyberterrorist
Destroy infrastructure components of financial institutions, utilities, and emergency response units
Lamers/Script kiddies
Technically inept hackers
Steps to reduce potential for attack
Perform a thorough background check as well as psychological and drug testing of candidates for sensitive positions
Establish an expectation of regular and ongoing psychological and drug testing as a normal routine for people in sensitive positions
Limit the number of people who can perform sensitive operations and grant only the minimum rights and privileges necessary to perform essential duties
Define job roles and procedures so that the same person cannot initiate and approve an action.
Periodically rotate people in sensitive positions
Immediately revoke all rights and privileges necessary to perform essential duties when someone leaves a sensitive position
Implement an ongoing audit process
Defense Advanced Research Projects Agency (DARPA)
exploring new ways to detect malicious insiders
Negligent insiders
Poorly trained and inadequately managed employees who mean well but cause damage
Competitive Intelligence
legally obtained information gathered using sources available
USA Patriot Act
Defines cyber terrorism and penalties
Identity Theft and Assumption Deterrence Act
Makes identity theft a Federal crime with 15 years imprisonment and a maximum fine of $250,000
Fraud and Related Activity in Connection with Access Devices Statute
False claims regarding unauthorized use of credit cards
Computer Fraud and Abuse Act
Accessing a computer without authorization or exceeding authorized access
Transmitting a program, code, or command that causes harm to a computer
Trafficking of computer passwords
Threatening to cause damage to a protected computer
Stored Wire and Electronic Communications and Transactional Records Access Statutes
Unlawful access to stored communication to obtain, alter, or prevent authorized access to a wire or electronic communication while it is in electronic storage
Trustworthy computing
method of computing that delivers secure, private and reliable computing experiences based on sound business practices
Risk assessment
Assessing security related risks to an organization’s computers and networks from both internal and external threats.
Identify assets; specify loss events; frequency of events; impact of events; options to mitigate; feasibility of options; cost/benefit analysis
Security policy
identifies an organization’s security requirements
Virtual private network (VPN)
works by using the Internet to relay communications.
Firewall
Any Internet traffic that is not explicitly permitted into the internal network is denied entry
Intrusion prevention system (IPS)
block what you explicitly state
Virus signature
presence of a specific virus
Antivirus software
scan a computer’s memory and disk drives regularly for viruses
Critical infrastructures
Include telecommunications, energy, banking and finance, water, government operations, and emergency services
Intrusion detection system (IDS)
software/hardware that monitors system and network resources and activities.
Response
Incident notification; protection of evidence and activity logs; incident containment; eradication; incident follow-up
Computer Forensics
Discipline that combines elements of law and identifies, collects, examines, and preserves data from computer systems, networks, and storage devices in a manner that preserves the integrity of the data gathered so that it is admissible as evidence in a court of law.
Laws governing the collection of evidence
Fourth Amendment
Fifth Amendment
Wiretap Act