chapter 6info system security CS3

Question 1

Internet and Network Attacks

Malware,

Answer 1

short for malicious software, consists of programs that act without a user’s knowledge and deliberately alter the operations of computers and mobile devices

Question 2

Internet and Network Attacks

firewall

Answer 2

is hardware and/or software that protects a network’s resources from intrusion

Question 3

Internet and Network Attacks

Spoofing

Answer 3

is a technique intruders use to make their network or Internet transmission appear legitimate.

Question 4

Internet and Network Attacks:

Back Door

Answer 4

is a program that allow users to bypass security controls.

Question 5

Internet and Network Attacks

denial of service attack (DoS attack)

Answer 5

disrupts computer access to an Internet service.

Question 6

Internet and Network Attacks

TAntivirus

Answer 6

software is a set of utility programs that looks for and eradicates a wide spectrum of problems such as viruses, Trojan horses, and worms

Question 7

Internet and Network Attacks

Trojan horse

Answer 7

s not a virus. It is a destructive program that looks as a genuine application.

Question 8

Internet and Network Attacks

worm:

Answer 8

s similar to a virus by its design, and is considered to be a sub-class of a virus. Worms spread from computer to computer, but unlike a virus, it has the capability to travel without any help from a person.

Question 9

Internet and Network Attacks

WHAT DOES A VIRUS DO?

Answer 9

A virus can perform a trigger event: corrupt and/or destroy data display an irritating message

Question 10

Internet and Network Attacks

computer virus:

Answer 10

s a program that attaches itself to a file, reproduces itself, and spreads to other files

Question 11

Unauthorized Access and Use

Answer 11

A unauthorized access is the use of a computer or network without permission

Question 12

Access controls define

Answer 12

who can access a computer, device, or network; when they can access it; and what actions they can take while accessing it

Question 13

computer/device/network maintain an audit trail that records & File successful/unsuccessful access attempts OF WHAT?

Answer 13

USERN NAME

PASSWORD

Question 14

Unauthorized Access and Use

biometric device?

Answer 14

authenticates a person’s identity by translating a BIO INFORMATION into a digital code.

Question 15

Unauthorized Access and Use:

Digital forensics?

Answer 15

evidence found on computers and networks

Question 16

Unauthorized Access and Use

possessed object?

Answer 16

is any item that you must possess, or carry with you, in order to gain access to a computer or computer facility

Question 17

Unauthorized Access and Use

PIN?

Answer 17

personal identification number)

Question 18

Unauthorized Access and Use

passphrase

Answer 18

is a private combination of words, often containing mixed capitalization and punctuation, associated with a user name that allows access to certain computer resources

Question 19

Information Theft:

secure site

Answer 19

A website that uses encryption techniques to secure its data.

Question 20

Information Theft - digital certificate

Answer 20

s a notice that guarantees a user or a website is legitimate

Question 21

Information Theft - digital signature

Answer 21

is an encrypted code that a person, website, or organization attaches to an electronic message to verify the identity of the message sender

Question 22

Information Theft - Encryption

Answer 22

• the process of encoding a message, information, or data in such a way that only authorized parties can access it, prevents unauthorized access.

Question 23

Computer Ethics

code of conduct

Answer 23

is a written guideline that helps determine whether a specification is ethical/unethical or allowed/not allowed

Question 24

Ethics and Society

Green computing?

Answer 24

g involves reducing the electricity and environmental waste while using computers, mobile devices, and related technologies

Question 25

Ethics and Society

Digital rights management (DRM)?

Answer 25

is a strategy designed to prevent illegal distribution of movies, music, and other digital content

Question 26

Ethics and Society

copyright?

Answer 26

protects any tangible form of expression

Question 27

Ethics and Society:

Intellectual property RIGHTS of artist/works?

Answer 27

are the rights to which creators are entitled to their work

Question 28

Ethics and Society:

Intellectual property

Answer 28

unique and original ideas, inventions, art, writings, processes, company and product names, and logos

Question 29

Information Privacy

Web filtering:

Answer 29

software restricts access to specified websites/URL’s

Question 30

Information Privacy

Content filtering:

Answer 30

is the process of restricting access to certain material/content

Question 31

Information Privacy

Adware:

Answer 31

is a program that displays an online advertisement in a banner or pop-up window on webpages, email messages, or other Internet service

Question 32

Information Privacy

Spyware:

Answer 32

is a program placed on a computer or mobile device without the user’s knowledge that secretly collects information about the user.

Question 33

Information Privacy

Websites use cookies for a

variety of reasons:

Answer 33

Allow for personalization

 Store user names and/or passwords

 Assist with online shopping

 Track how often users visit a site

 Target advertisements

Question 34

Information Privacy

cookie

Answer 34

is a small text file that a web server stores on your computer

Question 35

Data Backup & Restore

EXPLAIN BACK UP PROCESS OF DATA

Answer 35

A backup is usually stored on a different storage medium from the original files

The exact steps that you follow depend on your backup equipment, your backup software, and your personal backup plan

Question 36

Data Backup & Restore

restore

Answer 36

data from a backup to the original storage medium or its replacement

Question 37

Data Backup & Restore

backup

Answer 37

is a duplicate of a file, program, or media that can be used if the original is lost, damaged, or destroyed

Question 38

CIA (CONFIDEVTIALITY INTEGRITY AVAILABILITY) Triad

Answer 38

Confidentiality, Integrity, and Availability is a model designed to guide policies for information security within an organization.

Question 39

CIA Triad

Answer 39

Confidentiality, Integrity, and Availability is a model designed to guide policies for information security within an organizati

Question 40

Confidentiality,

Answer 40

preserving authorized restrictions on access and disclosure, including a mean of protecting personal privacy and proprietary information;

Question 41

Integrity:

Answer 41

, guarding against improper information modification or destruction, includes ensuring information accuracy and authenticity

Question 42

Availability:

Answer 42

, ensuring timely and reliable access to and use of information.

Question 43

digital security risk

Answer 43

is any event or action that could cause a loss of or damage to a computer or mobile device hardware, software, data, information, or processing capability

Question 44

computer crime

Answer 44

Any illegal act involving the use of a computer

Question 45

cybercrime

Answer 45

is an online or Internet-based illegal act

Question 46

Hacker,

Answer 46

person who uses computers to gain unauthorized access to data.

Question 47

Cracker,

Answer 47

name given to hackers who break into

computers for criminal gain.

Question 48

Digital Security Risks

;Unethical employees

Answer 48

employees’ actions that don’t conform to the acceptable standards of business operations, failing to do what is right in every situation.

Question 49

Digital Security Risks

Script kiddies

Answer 49

is an unskilled individual who uses scripts or programs developed by others to attack computer systems and networks.

Question 50

Digital Security Risks

Cyberextortionist,

Answer 50

person who demands payment in order to prevent or stop attacks on an organization’s network, website or computer systems.

Question 51

Digital Security Risks

Cyberextortionist,

Answer 51

person who demands payment in order to prevent or stop attacks on an organization’s network, website or computer systems.