Chapter 8: Securing Information Systems

Question 1

Cybersecurity

Answer 1

art of protecting networks, devices, and data from unauthorized access , ensuring CIA

Question 2

CIA Triad

Answer 2

Confidentiality, Integrity, Availability

Question 3

Confidentiality

Answer 3

• controlled access, data kept secret and private

Question 4

Integrity

Answer 4

• data is trustworthy and free from tampering
• accurate

Question 5

Availability

Answer 5

systems must be functioning, data must be accessible

Question 6

Security

Answer 6

Policies, procedures, and technical measures used to prevent unauthorized access or damage to IS

Question 7

Controls

Answer 7

methods, policies, and organizational procedures that ensure the safety or org’s assets, the accuracy and reliability of records, and operational adherence to management standards

Question 8

Vulnerability

Answer 8

weakness or flow in system that can be exploited
- weakest link (poor sys mgmt)
- hardware
- software
- loss or theft
- networks outside control

Question 9

Internet Vulnerabilities

Answer 9

• large networks open to anyone = recipe for widespread impact
• emails could have malicious software
• IM could be backdoor
• sharing info over P2P network can compromise

Question 10

Wireless Security Challenges

Answer 10

• bluetooth, wifi, local area networks (LAN)
• radio frequency bands easy to scan
• SSID

Question 11

SSID

Answer 11

Service Set Identifiers
- identify access points
- broadcast multiple times
- found by sniffer programs
- War Driving

Question 12

War Driving

Answer 12

eavesdroppers drive by and try to detect SSIDs to get on network

Question 13

Software Vulnerability

Answer 13

• bugs (program code defects)
• zero defects can’t be achieved
• 0 day vulnerabilities
• patchwork

Question 14

Malicious Software

Answer 14

• malware
• virus
• worms
• SQL Injection
• Trojan Horse
• RansomWare
• Spyware

Question 15

Malware

Answer 15

malicious software

Question 16

virus

Answer 16

rogue software program that attaches itself to other stuff to be executed
- must deliver payload
- spread from computer to computer

Question 17

Worms

Answer 17

independent programs that copy themselves from one computer to another

Question 18

Trojan Horse

Answer 18

• appear benign, but does something different than expected
• way viruses/malware is introduced

Question 19

SQL Injection

Answer 19

install themselves under the radar to monitor web activity and sense advertising
- Keyloggers

Question 20

Keyloggers

Answer 20

record keystrokes on computers to steal serial numbers for software

Question 21

Red Team

Answer 21

• vulnerability and penetration testing
• treat hunting
• malware analysis
• social engineering

Question 22

Purple Team

Answer 22

red and blue teams working together to improve cybersecurity

Question 23

Blue

Answer 23

• incident responders
• security operations
• IT networks and systems

Question 24

Denial-of-Service

Answer 24

• flooding server with thousands of requests

Question 25

Distributed DOS

Answer 25

multiple computers to launch
- Botnet: network of “zombie” PCs infilitrated by bot malware

Question 26

Computer Crime

Answer 26

violation criminal law that involve knowledge of computer tech for their perpetration, investment, and prosecution
- computer can be either the target or instrument

Question 27

Phishing

Answer 27

setting up fake websites or sending emails that look legit and asking for personal data

Question 28

Spear-Phishing

Answer 28

sends fraud email to organizations’ employees

Question 29

Smishing

Answer 29

sending text telling people to call or login

Question 30

Vishing

Answer 30

leaving voicemail telling people to call or login

Question 31

Evil Twins

Answer 31

wireless networks that pretend to offer trustworthy wifi-connections and look identical to public networks

Question 32

Pharming

Answer 32

redirections users to bogus websites, even when typed correctly

Question 33

Click Fraud

Answer 33

fraudulently click on ad

Question 34

Cyberterrorism

Answer 34

state-sponsored activity designed to cripple and defect another nation

Question 35

Internal Threat

Answer 35

Employees
- insider knowledge
- sloppy security

Question 36

Social Engineering

Answer 36

tricking employees into revealing their passwords by pretending to be legit members of the company

Question 37

Patches

Answer 37

small patches of software released to repair flaws

Question 38

Spoofing

Answer 38

“masquerade”
- steal info from fake website that mirror real one

Question 39

Sniffing

Answer 39

“eavesdropping”
- “grab info” as it passes through transmission
- encryption is only safeguard

Question 40

Business Value of Security + Control

Answer 40

• failed computer systems can lead to significant loss
• firms are more vulnerable than ever
  Breach cuts into firms net value
• liability issues with inadequate security

Question 41

HIPPA

Answer 41

medical security

Question 42

Gramm-Lean Biley Act

Answer 42

Financial inst. to declare security and confidentiality of data

Question 43

Sarbanes-Osley Act

Answer 43

responsibility on company/management to safeguard accuracy and integrity of financial date

Question 44

computer Forenscics

Answer 44

recovering data from computers while preserving evidential integrity
- in court

Question 45

Risk Assessment

Answer 45

determines level of risk to company if not properly dealt with
think: impact and probability

Question 46

Security managment

Answer 46

ranks info risk and identifies acceptable security and goals and means to achieve those goals
- Acceptable use policy
- identity management

Question 47

Acceptable use policy (AUP)

Answer 47

acceptible use’s of firms’ info

Question 48

Identity Management

Answer 48

indenify valid uses, control access

Question 49

Disaster Recovery Planning

Answer 49

devises plans for restoration of disrupted services

Question 50

Business Continuity Planning

Answer 50

focuses on restoring business operations after a disaster

Question 51

Business Impact Analysis

Answer 51

determines impact of outage

Question 52

IS Auditing

Answer 52

• examination of IS security and control governing IT
• internal auditors
• external auditions: review
  ISACA (independent systemp audit and control association)

Question 53

Identity Management (IAM)

Answer 53

autimates process of keeping track of users and their privledges, assigning user each unique identity for assessing each system

Question 54

Authentication

Answer 54

Knowing a person is who they say they are

Question 55

2 factor authentication

Answer 55

something you are and something you own

Question 56

Firewalls

Answer 56

combination of hardware and software that prevents unauthorized users from accessing private network
- security personnel must maintain detailed internal rules for identifying people, apps, or addresses that are allowed

Question 57

Tools for Protecting Info Systems and Resources

Answer 57

• Intrusion Detection Systems
• intrusion prevention systems
• anti-malware
• unified threat management system

Question 58

Intrusion Detection System

Answer 58

full time monitoring placed at most vulnerable points to detect intruders

Question 59

Intrusion Prevention System

Answer 59

monitor network activities to attempt to block threat

Question 60

Anti-malware

Answer 60

checks computer for malware presence and can often eliminate it

Question 61

Unified Threat Management System

Answer 61

combo of various security tools into 1 system and often helping company decrease costs and increase manageability

Question 62

Encryption

Answer 62

transforming text or data into cipher text that cannot be read by unintended recipients
2 methods
- symmetric key
- public key

Question 63

Symmetric Key Encryption

Answer 63

sender and user have 1 shared key

Question 65

Public Key

Answer 65

• uses 2 mathematically related keys
• sender encrypts with recipient public key
• recipient decrypts with private key

Question 66

Ensuring System Availability

Answer 66

online transaction processing requires 100% availability
- Fault-tolerant computer systems
- deep packet inspection
- security outsourcing (MSSP)

Question 67

Fault-tolerant computer systems

Answer 67

contain redundant hard/software and power supply components that create an environment that provides continuous, interrupted service

Question 68

Security for Cloud Computing

Answer 68

Responsibility resides in company owing data
- firms must ensure adequate protection
- service level agreement

Question 69

Security for Mobile Platforms

Answer 69

Costs should include any other costs for mobile

Question 70

Control Updates

Answer 70

-Lockdown/erase lost devices
- encryption
- software for separate corporate data on device

Question 71

Rise of Software Supply Chain

Answer 71

• cost
• quality
• speed
  Can only have 2!!