Chapter 8 - Cyber Security Threats

Question 1

Information we need to protect

Answer 1

Personal identifier information (PII)

Business information

Classified information

Question 2

Changes that can impact cyber security

Answer 2

Expansion

Acquisitions

Restructuring (new approvers in ICIS)

Hardware changes

Question 3

Changeover Methods for systems

Answer 3

Direct changeover - brand new, lots of different

Parallel - safe but expensive

Pilot Changeover - one goes first before the others

Phased - by department or system

Question 4

Malware types

Answer 4

Ransomware
Trojans
Virus
Spyware

Question 5

Application Attacks

Answer 5

Denial of Service
Distributed Denial of Service

SQL injection

Buffer overflow - large amounts of new data erase old

Question 6

Social engineering

Answer 6

Reciprocity 
Scarcity
Authority
Consistency
Liking
Consensus

Question 7

3 broad areas a threat could come from

Answer 7

Technical deficiency - out of date software
Procedural deficiency - staff not following IT rules
Physical - flood or fire

Question 8

GDPR

Answer 8

Data held must be for a good reason

Lawful and proportionate

Information must be protected

Question 9

GDPR Fines

Answer 9

£10m or 2% if fail to protect data

£20 or 4% if fail to gain consent or act lawfully