Chapter 9 Flashcards

Security Concepts and Threats

1
Q

What is Intellectual property?

A

Exclusive rights to sell an idea or product for a fair period of time.

2
Q

What are the 3 ways to protect intellectual property?

A

Trademarks
Copyright
Patents

3
Q

What is a Trademark?

A

Word, words or symbols that are legally registered as representing a company or a product.

4
Q

Give an example of a Trademark

A

Just Do It

5
Q

What are the symbols of a Trademark?

A

TM
(R)
SM

6
Q

What is the symbol for Copyright?

A

(c)

7
Q

What does Copyright do?

A

Protects the company brand.

Protects original works or authorship

8
Q

What does a patent mean?

A

It signifies ownership of an invention for a limited time.

9
Q

Do you need to renew a patent?

A

Yes

10
Q

What do Social media companies exist as?

A

Digital Products

11
Q

Do Social media companies make their money from physical assets?

A

No

12
Q

What is the CIA triad?

A

Confidentiality
Integrity
Availability

13
Q

What is confidentiality in terms of IT security?

A

Ensuring that private information remains private.

14
Q

What are the different types of attacks there can be on confidentiality?

A
Snooping
Eavesdropping
Wiretapping
Social engineering
Dumpster diving
15
Q

What is the other name for Snooping?

A

Sniffing

16
Q

What is a sniffer?

A

A snooping tool

It is a protocol analyzer - A popular tool originally made by Network General now NETSCOUT.

17
Q

What does a protocol analyzer do?

A

Lets administrators capture network traffic and analyze its contents

18
Q

Are there wired and wireless protocols?

A

Yes

19
Q

What happens in a snooping attack?

A

A protocol analyzer is used

The attacker captures network traffic and then looks for key pieces of information.

20
Q

What would happen without encryption?

A

Data sent would be an easy target for someone with a sniffer within range of the network.

21
Q

What is eavesdropping?

A

Low tech attack method in which the attacker simply listens to a conversation to get key network info

22
Q

Can video cameras and microphones be used in eavesdropping?

A

Yes

23
Q

How is wiretapping done?

A

By placing a monitoring device in someone’s phone

24
Q

What is the other name for the monitoring device placed in phones for wiretapping?

A

Bug

25
Where can wiretapping take place?
Land lines
Network cable
Cellular
WiFi
Other wireless connections
26
What is Social Engineering?
The process in which an attacker attempts to acquire info about you or your network and system by social means such as talking to people in the organization, phone, email or in person
27
What kind of information can you get from social engineering?
User ID
Password
Preferred email address
Telephone no.
Physical address
Personal info (age, date of birth, maiden name, school, favorite sport team and music)
28
Why does social engineering work?
The personal touch is always the hardest to resist and the individuals are good at encouraging you to reveal personal info
29
What is the golden rule to prevent social engineering?
Never give out info on you or anyone else to anyone whom you are not sure of
30
What is phishing?
A form of social engineering in which someone uses email to ask you for a piece of information they are missing by making it look like a legitimate address.
31
What is a countermeasure against phishing?
Hover over the link to see the URL
32
Give 2 forms of phishing
Spear phishing (targeted phishing)
Whaling (trying to attack the head)
33
How do you deal with Social Engineering?
Never give
Password
User ID
Over the phone
To anyone who has not been positively identified
34
What is shoulder surfing?
Looking over one's shoulder to get info
35
What does integrity mean in IT?
Data is accurate and consistent and from the indicated source.
36
List 4 integrity threats
Man-In-The-Middle attack
Replay attacks
Impersonation
Unauthorized information alteration
37
Explain Man-In-The-Middle attack
Secretly placing a piece of software or an unauthorized rogue router between a server and the client, with neither party aware of it. The MITM attack software intercepts data and then sends the info back and forth as if nothing is happening.
38
How is the Man-In-The-Middle attack accomplished?
Via a form of wiretapping
39
How does the Man-In-The-Middle software create a confidentiality concern?
The software may be recording info for someone to view later
40
How does the Man-In-The-Middle software create an integrity concern?
Attackers might also alter the data
41
What is a common solution to Man-In-The-Middle attacks?
Enforce a secure wireless authentication protocol such as WPA2
42
What happens during Replay Attacks?
The attacker captures info from a sender with the intention of using it later
43
Can snooping or wiretapping be a Replay Attack?
Yes
44
Give an example of Replay Attack
Capturing transmission from a client computer and later replaying the message to the server in an effort to gain unauthorized access
45
What is impersonation?
Pretending to be someone or something that you are not
46
Can Unauthorized information alteration come from an internal source?
Yes
47
What is an availability concern?
That data is accessible when the user needs it
48
What are the 2 causes of an availability concern?
Denying service
Hardware issues
49
What is a DoS?
Denial of Service
50
How does a DoS work?
Server flooded with multiple illegitimate connection requests making it unable to respond to legitimate request
51
How does a DDoS work?
After the administrator tries to resolve a DoS by using the firewall to shut it down, hackers command zombies or bots and execute a distributed denial of service
52
What can be hit by DoS attack?
Web servers
Wireless network
53
What is a UPS?
Uninterrupted power supply
54
Which devices are hackable?
All devices connected to the internet.
55
Give an example of a device that is not hackable
Gameboy...it's not connected to the internet
56
What is DDoS?
Distributed Denial of service
57
What does DoS attack?
Web servers and wireless network
58
How can you address a power outage?
Use a UPS
59
What does UPS stand for?
Uninterrupted power supply
60
How can you avoid hardware theft?
Use a cable lock
61
What are the 2 major hardware concerns?
Damage
Theft
62
What is the best way to secure computer and peripherals?
Focus on securing the environment
63
How can you secure the environment against equipment theft?
Use of security keycards to access the office
Having security present
Keeping doors and windows closed
Being prepared to challenge anyone who isn't normally a part of your work environment
64
How can you prevent hardware damage and theft?
By physically securing your area.
65
What are the tips to securing your laptop?
1. Know where it is at all times
2. Don't leave device unattended
3. Carry an unconventional bag
4. Install an alarm that beeps if your device gets more than a certain distance away
5. Use a cable lock
66
Give 2 devices that can secure a laptop
K-slot (Kensington security slot)
LoJack
Kill switch
67
How does a LoJack work?
Tracks the device through a small radio installed inside the device. Preinstalled in the BIOS
68
How do kill switches work?
Disable the device
69
What are the types of malware?
1. Exploits
2. Viruses
3. Trojan horses
4. Adware
5. Spyware
6. Ransomware
7. Backdoors
8. Keyloggers
70
What do exploits do?
Take advantage of flaws in the OS or application.
71
What do viruses do?
Used to cause damage and/or disruption
72
What do worms do?
Used to transmit malware.
73
What do Trojan horses do?
Applications that mask their true intent
74
What does adware do?
Used to display unwanted advertisement
75
What does spyware do?
Used to report on your computer.
76
What does ransomware do?
Used to extract payment from the infected user.
77
What do Rootkits do?
Conceal themselves on the host OS, allowing for full control access of the computer at a later date.
78
What do Backdoors do?
Open ports or other routes into your system.
79
What do Keyloggers do?
Record every keystroke and then use that data for identity theft
80
What is Malware?
Anything installed on the computer without the user's intent and designed for mischief. Software that is malicious/bad
81
What was the original reason for UAC?
Because they couldn't verify who was on the computer
82
How do OSes guard against exploits?
They have mechanisms to update and patch themselves automatically
83
How often should you download and install updates?
Promptly as they are available
84
What are service packs?
Collection of critical updates and minor enhancements that are released as a group
85
What is the difference between a service pack and an update?
Service pack takes longer to download and install
You usually cannot remove a service pack after it has been installed
86
Which software is the most hacked software and why?
Excel
Financial software
87
Where do viruses hide?
Inside the host file / RAM
88
How are viruses triggered?
By clicking on them
89
What is the main thing about a virus?
It self replicates
90
Which files do viruses attach themselves to?
Exe
91
How are viruses classified?
By different attack strategy
By different consequences
92
What are the different classifications of viruses?
Polymorphic
Multipartite
Phage
Stealth
Armored
Macrovirus
Retro virus
Companion
93
List symptoms of virus infection
1. Program loading slow
2. Unusual files on hard drive
3. Files disappearing
4. Program size change from installed version
5. Browser, word processor app and other software behaving strangely
6. System shuts itself down
7. Loss of access to a disk drive or system resource
8. System not rebooting
94
What should be done if a system is infected?
Quarantine
95
How are viruses detected and removed?
Antivirus software
96
How is a virus different from a worm?
It's self-contained
It doesn't need a host application to be transported
It can reproduce itself
97
What is a payload?
The additional malware that a worm might carry. It is a worm
98
Can worms be active or passive?
Yes
99
What does an active worm do?
Self transport
100
What does a passive worm do?
Relies on the user's innocence to transport it, normally through email or social media
101
What can be used to detect and remove worms?
Most anti-malware programs
102
What is the most common way that Trojan horses spread?
Via worms
103
What is a Trojan horse?
An application that enters the system or network disguised as another program.
104
What kind of malware is one that claims to scan your system for malware but instead installs a Keylogger?
Trojan horse
105
What does a Keylogger do?
Records keystrokes with the intention of using the information to impersonate you
106
Do Trojan horses replicate?
No
107
What does adware do?
Display unrequested ads on a computer
108
What does spyware do?
Record computer usage
109
Is spyware self-replicating?
No
110
How is spyware spread?
Through low level social engineering
111
What is the most common way to get spyware?
Install a free application from a website, or run an ActiveX or Java component
112
Which application is designed to remove Spyware?
Windows Defender
113
What is Windows Defender?
An antivirus designed for Windows which is installed by default
114
What does Ransomware do?
Extorts the infected users for money
115
What is cryptoviral extortion?
The name given to Ransomware threat
116
What software blocks Ransomware?
Most anti-malware software
117
If your system is infected, locked or encrypted by ransomware what can be done?
You can wipe your system and restore from backup
118
Where do you associate rootkits?
In the OS
119
What is a rootkit used for?
To access exploits
120
What is a backdoor?
A method to circumvent the normal security system on a computer
121
How can backdoors take place?
By not changing a default password
122
What is used to create a backdoor?
A worm
123
How can spam be sent?
Email
Instant message
Blog
Smart phone
Message group
Online classification
124
What is the name of the program that generates spam?
Spambot
125
What is the best way to handle spam?
Delete it
126
What is the brute-force password cracking method?
When a program tries random strings of characters in an attempt to guess your password
127
What is the Triple A framework in access control?
Authentication - who are you
Authorization
Accounting
128
What are the types of Authentication?
Single-factor authentication
Multifactor authentication
129
Explain single-factor authentication
Only needs one piece of information other than the username
130
Is single-factor authentication secure?
No
131
Explain multifactor authentication
Use username + 2 or more others
Something you know - password
Something you have - smart card
Something you are
Somewhere you are
132
What is an algorithm?
A set of instructions.
133
Is having single sign-on a good practice?
No
134
What does authorization do?
Determines what the user can do.
135
What are the 4 access control methods?
Mandatory access control
Discretionary access control
Role-based access control
Rule-based access control
136
What happens with Mandatory access control?
Everything is locked until you are given permission
137
Where is mandatory access control used?
In highly secure environments
138
What happens with Discretionary Access control?
Users are allowed to set their own security
They manage privileges based on ACL
139
If the question is asked, "Is this person authorized to get into the system?", what access control method is being used?
Authentication
140
What is role-based access control?
Access is granted to an entire role
141
Who controls role-based access control?
The administrator
142
If accounts can only be assigned to one role at a time, what access control method is that?
Role based
143
What happens in rule based access control?
Uses an ACL, and an administrator defines the rules that allow or deny access to resources
144
What happens in Accounting Access control?
It keeps track of what is happening/keeps a log
145
Where can you go to see Windows logs?
Event Viewer
146
What is the goal of non repudiation?
To make it so that people cannot deny that an event took place
147
What are the 4 methods of repudiation?
Video
Biometric - very strong form
Signature
Receipt
148
What is spoofing?
Sending fake information.
149
Would you find spoofing taking place in a replay attack or in impersonation?
Impersonation