Chapter 9 Flashcards
Security Concepts and Threats
What is Intellectual property?
Exclusive rights to sell an idea or product for a fair period of time.
What are the 3 ways to protect intellectual property?
Trademarks
Copyright
Patents
What is a Trademark?
Word, words or symbols that are legally registered as representing a company or a product.
Give an example of a Trademark
Just Do It
What are the symbols of a Trademark?
TM
(R)
SM
What is the symbol for Copyright?
(c)
What does Copyright do?
Protects the company brand.
Protects original works or authorship
What does a patent mean?
It signifies ownership of an invention for a limited time.
Do you need to renew a patent?
Yes
What do Social media companies exist as?
Digital Products
Do Social media companies make their money from physical assets?
No
What is the CIA triad?
Confidentiality
Integrity
Availability
What is confidentiality in terms of IT security?
Ensuring that private information remains private.
What are the different types of attacks there can be on confidentiality?
Snooping
Eavesdropping
Wiretapping
Social engineering
Dumpster diving
What is the other name for Snooping?
Sniffing
What is a sniffer?
A snooping tool
It is a protocol analyzer - A popular tool originally made by Network General now NETSCOUT.
What does a protocol analyzer do?
Lets administrators capture network traffic and analyze its contents
Are there wired and wireless protocols?
Yes
What happens in a snooping attack?
A protocol analyzer is used
The attacker captures network traffic and then looks for key pieces of information.
What would happen without encryption?
Data sent would be an easy target for someone with a sniffer within range of the network.
What is eavesdropping?
Low tech attack method in which the attacker simply listens to a conversation to get key network info
Can video cameras, and microphones be used in eavesdropping?
Yes
How is wiretapping done?
By placing a monitoring device in someone’s phone
What is the other name for the monitoring device placed in phones for wiretapping?
Bug
Where can wiretapping take place?
Land lines
Network cable
Cellular
WiFi
Other wireless connections
What is Social Engineering?
The process in which an attacker attempts to acquire info about you or your network and system by social means such as talking to people in the organization, phone, email or in person
What kind of information can you get from social engineering?
User ID
Password
Preferred email address
Telephone no.
Physical address
Personal info (age, date of birth, maiden name, school, favorite sport team and music)
Why does social engineering work?
The personal touch is always the hardest to resist and the individuals are good at encouraging you to reveal personal info
What is the golden rule to prevent social engineering?
Never give out info on you or anyone else to anyone whom you are not sure of
What is phishing?
A form of social engineering in which someone uses email to ask you for a piece of information they are missing by making it look like a legitimate address.
How do you counter phishing?
Hover over the link to see the URL
Give 2 forms of phishing
Spear phishing (targeted phishing)
Whaling (trying to attack the head)
How do you deal with Social Engineering?
Never give a password or user ID over the phone to anyone who has not been positively identified
What is shoulder surfing?
Looking over one's shoulder to get info
What does integrity mean in IT?
Data is accurate and consistent and from the indicated source.
List 4 integrity threats
Man-In-The-Middle attack
Replay attacks
Impersonation
Unauthorized information alteration
Explain Man-In-The-Middle attack
Secretly placing a piece of software or an unauthorized rogue router between a server and the client and neither party is aware of it.
The MITM attack software intercepts data and then sends the info back and forth as if nothing is happening
How is the Man-In-The-Middle attack accomplished?
Via a form of wiretapping
How does the Man-In-The-Middle software create a confidentiality concern?
The software may be recording info for someone to view later
How does the Man-In-The-Middle software create an integrity concern?
Attackers might also alter the data
What is a common solution to Man-In-The-Middle attacks?
Enforce a secure wireless authentication protocol such as WPA2
What happens during Replay Attacks?
The attacker captures info from a sender with the intention of using it later
Can snooping or wiretapping be a Replay Attack?
Yes
Give an example of Replay Attack
Capturing transmission from a client computer and later replaying the message to the server in an effort to gain unauthorized access
What is impersonation?
Pretending to be someone or something that you are not
Can Unauthorized information alteration come from an internal source?
Yes
What is an availability concern?
That data is accessible when the user needs it
What are the 2 causes of Availability concern?
Denying Service
Hardware issues
What is a DoS?
Denial of Service
How does a DoS work?
Server flooded with multiple illegitimate connection requests, making it unable to respond to legitimate requests
How does a DDoS work?
After the administrator tries to resolve a DoS by using the firewall to shut it down, hackers command zombies or bots and execute a distributed denial of service
What can be hit by DoS attack?
Web servers
Wireless network
What is UPS?
Uninterrupted power supply
Which devices are hackable?
All devices connected to the internet.
Give an example of a device that is not hackable
Gameboy…it’s not connected to the internet
What is DDoS
Distributed Denial of service
What does DoS attack?
Web servers and wireless network
How can you address a power outage?
Use a UPS
What does UPS stand for?
Uninterrupted power supply
How can you avoid hardware theft?
Use a cable lock
What are the 2 major hardware concerns?
Damage
Theft
What is the best way to secure computer and peripherals?
Focus on securing the environment
How can you secure the environment against equipment theft?
Use of security keycards to access the office
Having security present
Keeping doors and windows closed
Being prepared to challenge anyone who isn’t normally a part of your work environment
How can you prevent hardware damage and theft?
By physically securing your area.
What are the tips to securing your laptop?
- Know where it is at all times
- Don’t leave device unattended
- Carry an unconventional bag
- Install an alarm that beeps if your device gets more than a certain distance away
- Use a cable lock
Give 2 devices that can secure a laptop
K-slot (Kensington security slot)
LoJack
Kill switch
How does a LoJack work?
Track the device through a small radio installed inside the device. Preinstalled in the BIOS
How do kill switches work?
Disable the device
What are the types of malware?
- Exploits
- Viruses
- Trojan horses
- Adware
- Spyware
- Ransomware
- Backdoors
- Keyloggers
What do exploits do?
Take advantage of flaws in the OS or application.
What do viruses do?
Used to cause damage and/or disruption
What do worms do?
Used to transmit malware.
What do Trojan horses do?
Applications that mask their true intent
What does adware do?
Used to display unwanted advertisement
What does spyware do?
Used to report on your computer.
What does ransomware do?
Used to extract payment from the infected user.
What do Rootkits do?
Conceal themselves on the host OS, allowing for full control access of the computer at a later date.
What do Backdoors do?
Open ports or other routes into your system.
What do Keyloggers do?
Record every keystroke and then use that data for identity theft
What is Malware?
Anything installed on the computer without the user's intent and designed for mischief.
Software that is malicious/bad
What was the original reason for UAC?
Because they couldn’t verify who was on the computer
How do OSes guard against exploits?
They have mechanisms to update and patch themselves automatically
How often should you download and install updates?
Promptly as they are available
What are service packs?
Collection of critical updates and minor enhancements that are released as a group
What is the difference between a service pack and an update?
A service pack takes longer to download and install
You usually cannot remove a service pack after it has been installed
Which software is the most hacked software and why?
Excel
Financial software
Where do viruses hide?
Inside the host file/RAM
How are viruses triggered?
By clicking on them
What is the main thing about a virus?
It self replicates
Which files do viruses attach themselves to?
Exe
How are viruses classified?
By Different attack strategy
By Different consequences
What are the different classification of viruses?
Polymorphic
Multipartite
Phage
Stealth
Armored
Macrovirus
Retro virus
Companion
List symptoms of virus infection
1 Program loading slow
2 Unusual files on hard drive
3 Files disappearing
4 Program size change from installed version
5 Browser, word processor app and other software behaving strange
6 System shuts down itself
7 Loss of access to a disk drive or system resource
8 System not rebooting
What should be done if a system is infected?
Quarantine
How are viruses detected and removed?
Antivirus software
How is a virus different from a worm?
It’s self contained
It doesn’t need a host application to be transported
It can reproduce itself
What is a payload?
The additional malware that a worm might carry. It is a worm
Can worms be active or passive?
Yes
What does an active worm do?
Self transport
What does a passive worm do?
Rely on user’s innocence to transport them normally through email or social media
What can be used to detect and remove worms
Most anti-malware programs
What is the most common way that Trojan horses spread?
Via worms
What is a Trojan horse?
An application that enters the system or network disguised as another program.
What kind of malware is one that claims to scan your system for malware but instead installs a Keylogger?
Trojan horse
What does a Keylogger do?
Records keystrokes with the intention of using the information to impersonate you
Do Trojan horses replicate?
No
What does adware do?
Display unrequested ads on a computer
What does spyware do?
Record computer usage
Is spyware self-replicating?
No
How is spyware spread?
Through low level social engineering
What is the most common way to get spyware?
Install a free application from a website
Or
Run an ActiveX or Java component
Which application is designed to remove Spyware?
Windows Defender
What is Windows Defender?
An antivirus designed for Windows which is installed by default
What does Ransomware do?
Extorts the infected users for money
What is cryptoviral extortion?
The name given to Ransomware threat
What software blocks Ransomware?
Most anti-malware software
If your system is infected, locked or encrypted by ransomware what can be done?
You can wipe your system and restore from backup
Where do you associate rootkits?
In the OS
What is a rootkit used for?
To access Exploits
What is a backdoor?
A method to circumvent the normal security system on a computer
How can backdoors take place?
By not changing a default password
What is used to create a backdoor?
A worm
How can spam be sent?
Email
Instant message
Blog
Smart phone
Message group
Online classification
What is the name of the program that generates spam?
Spambot
What is the best way to handle spam?
Delete it
What is the brute-force password cracking method?
When a program tries random strings of characters in an attempt to guess your password
What is the Triple A framework in Access control?
Authentication - who are you
Authorization
Accounting
What are the types of Authentication?
Single Factor authentication
Multifactor authentication
Explain single Factor authentication
Only need one piece of information other than username
Is single Factor authentication secure?
No
Explain multifactor authentication
Use username + 2 or more others:
Something you know - password
Something you have - smart card
Something you are
Somewhere you are
What is an algorithm?
A set of instructions.
Is having Single sign on a good practice?
No
What does Authorization do?
Determines what the user can do.
What are the 4 access control methods?
Mandatory Access control
Discretionary Access control
Role based access control
Rule based access control
What happens with Mandatory access control?
Everything is locked until you are given permission
Where is mandatory access control used?
In highly secure environment
What happens with Discretionary Access control?
Users are allowed to set their own security
They manage privileges based on ACL
If the question is asked, "Is this person authorized to get into the system?", what access control method is being used?
Authentication
What is Role based access control?
Access is granted to an entire role
Who controls role based access control?
The administrator
If accounts can only be assigned to one role at a time, what access control method is that?
Role based
What happens in rule based access control?
Uses an ACL list, and an administrator defines the rules that allow or deny access to resources
What happens in Accounting Access control?
It keeps track of what is happening/keeps a log
Where can you go to see Windows log?
Event Viewer
What is the goal of non-repudiation?
To make it so that people cannot deny that an event took place
What are the 4 methods of repudiation?
Video
Biometric - very strong form
Signature
Receipt
What is spoofing?
Sending fake information.
Where would you find spoofing taking place?
Replay Attack
Impersonation