Chapters 3 and 4 - Security and Privacy

Question 1

What is financial identity theft?

Answer 1

Stealing someone’s bank information to apply for a loan and create a financial obligation for you:(

Question 2

What’s medical identity theft?

Answer 2

Stealing someone’s personal information to obtain medical care, buy drugs, etc. …. it’s dangerous because your records could include incorrect information that could be dangerous to you

Question 3

What is criminal identity theft?

Answer 3

Giving another person’s information to police. Bad.

Question 4

Fun: What’s a white-hat hacker?

Answer 4

Someone hired by a company to break into the organization’s systems to expose vulnerabilities

Question 5

What is the CIA triad?

Answer 5

Three areas of security that could be endangered by hackers and insider threats.

Confidentiality, Integrity, Availability

Question 6

Authentication and authorization -
what is it and which part of the CIA triad does it enforce?

Answer 6

Two- step process to enforce confidentiality

Question 7

What are the three main factors of authentication?

Answer 7

Something-you-know (password), something-you-have (door key), something-you-are (edna mode eye scanner)

Question 8

What is social engineering?

Answer 8

A technique to gain access to private accounts by tricking people:(

Question 9

What is phishing?

Answer 9

A type of social engineering where someone uses an email to gain private information.

Question 10

What does encryption protect against?

Answer 10

Network sniffing

Question 11

Private & public keys:
which is used to encrypt data and which is used to decrypt data?

Answer 11

Public: encrypt
Private: decrypt

Question 12

http VS https

Answer 12

http does NOT encrypt your data
https DOES!

Question 13

What is the “availability” part of the CIA triad?

Answer 13

“ensuring that authorized users can access information and resources when they need to”

ie not TOO secure

Question 14

What are some threats to availability?

Answer 14

Forgetting passcodes, hardware failure

Question 15

How does redundancy help protect against hardware failure?

Answer 15

Having information in more than one place ensures that hardware failure won’t take your only copy of something important

Question 16

What is a disaster recovery plan?

Answer 16

Processes, policies, and procedures for the recovery and continuation of an IT system in case of emergency

Question 17

What are the 3 different types of malware?

Answer 17

• viruses
• worms
• trojan horses

Question 18

What is a virus?

Answer 18

A malicious program that attaches itself to a program or file and spreadas

Question 19

What is a worm?

Answer 19

It is similar to a virus, except it can spread from computer to computer by itself

Question 20

What is a Trojan horse?

Answer 20

A malicious program desguised as a legitimate one

Question 21

What is a denial-of-service attack?

Answer 21

An army of zombie computers all flood one website to crash it

Question 22

How can you defend a denial-of-service attack? Also what is that thing?

Answer 22

With a firewall!

A firewall is the bouncer of a website to decide who can come in or not.

Question 23

What does the I in CIA triad stand for? What is it?

Answer 23

Integrity

Protecting data from modification or deletion

Question 24

Which element of the CIA triad does “file permissions” help with?

Answer 24

Integrity. It specifies what can and cannot be done to a file. (“read only”)

Question 25

What’s version control?

Answer 25

An integrity management technique that saves earlier versions so you can restore data if it goes downhill

Question 26

What’s a checksum?

Answer 26

Compares hashes to see if the file has been modified (like a label or tag)