Exam 4: Chapter 4- Information Security Flashcards
1
Q
the degree of protection against criminal activity, danger, damage, or loss.
A
security
2
Q
all of the processes and policies designed to protect an organization’s information and information systems (IS) from unauthorized access, use, disclosure, disruption, modification, or destruction.
A
information security
3
Q
any danger to which a system may be exposed.
A
Threat (to an information resource)
4
Q
the harm, loss, or damage that can result if a threat compromises that resource.
A
Exposure (of an information resource)
5
Q
the possibility that a threat will harm that resource.
A
Vulnerability (of an information resource)
6
Q
What are the 5 key factors contributing to the increasing vulnerability of organizational information resources?
A
- Today’s interconnected, interdependent, wirelessly networked business environment.
- Smaller, faster, cheaper computers and storage devices
- Decreasing skills necessary to be a computer hacker
- International organized crime taking over cybercrime
- Lack of management support
7
Q
any network within your organization
A
trusted network
8
Q
any network external to your organization.
A
untrusted network
9
Q
________ _________ enable employees to compute, communicate, and access the Internet anywhere and at any time.
A
wireless technologies
10
Q
__________ is an inherently unsecure broadcast communications medium.
A
wireless
11
Q
users with limited skills can download and use to attack any information system that is connected to the Internet.
A
scripts
12
Q
illegal activities conducted over computer networks, particularly the Internet.
A
cybercrime
13
Q
T or F: cybercrimes are typically nonviolent; however, they are quite lucrative. Losses from computer crimes can average hundreds of thousands of dollars. Computer crimes can be committed from anywhere in the world at any time, effectively providing an international safe haven for cybercriminals.
A
True
14
Q
What are the 2 major categories of threats?
A
Unintentional and deliberate threats
15
Q
acts performed without malicious intent that nevertheless represent a serious threat to information security. A major category of this is human error.
A
unintentional threats
16
Q
the higher the level of employee, the (smaller/greater) the threat he or she poses to information security
A
greater
17
Q
Employees in two areas of the organization pose especially significant threats to information security:
Why are these two significant threats?
A
- human resources and information systems
- H.R. employees generally have access to sensitive personal information about all employees.
- IS employees not only have access to sensitive organizational data, but they also frequently control the means to create, store, transmit, and modify those data.
18
Q
What are 3 other relevant employees in regard to information security?
A
- Contract labor (such as temporary hires)
- Consultants
- Janitors and guards
19
Q
an attack in which the perpetrator uses social skills to trick or manipulate legitimate employees into providing confidential company information such as passwords.
A
social engineering
20
Q
What are 2 social engineering techniques?
A
Tailgating and shoulder surfing
21
Q
a technique designed to allow the perpetrator to enter restricted areas that are controlled with locks or card entry. The perpetrator follows closely behind a legitimate employee and, when the employee gains entry, the attacker asks him or her to “hold the door.”
A
tailgating
22
Q
occurs when a perpetrator watches an employee’s computer screen over the employee’s shoulder. This technique is particularly successful in public areas such as in airports and on commuter trains and airplanes.
A
shoulder surfing
23
Q
What are 10 common types of deliberate attacks?
A
- Espionage or trespass
- Information extortion
- Sabotage or vandalism
- Theft of equipment/information
- Identity theft
- Compromises to intellectual property
- Software attacks
- Alien software
- SCADA attacks
- Cyberterrorism and cyberwarfare
24
Q
occurs when an unauthorized individual attempts to gain illegal access to organizational information
A
espionage or trespass
25
occurs when an attacker either threatens to steal, or actually steals, information from a company. The perpetrator demands payment for not stealing the information, for returning stolen information, or for agreeing not to disclose the information
information extortion
26
An increasingly serious type of information extortion is _________.
ransomware
27
blocks access to a computer system or encrypts an organization’s data until the organization pays a sum of money. Victims are told to pay the ransom, usually in Bitcoin. Attackers typically use the anonymizing Tor network.
ransomware
28
Most commonly, ransomware attacks use _____ ______ and _______ attacks. These emails are carefully tailored to look as convincing as possible.
sphear phishing; whaling
29
Some ransomware developers distribute ransomware to any hacker who wants to use it. This process is called
ransomware-as-a-service
30
Rather than threatening to delete encrypted data, some cybercriminals are beginning to threaten to release it to the public, a strategy known as
doxxing
31
What are the 5 things to do to protect against ransomware?
1. all organizations must provide education and training
2. Organizations must install the latest versions of software and apply patches immediately.
3. Organizations must back up crucial data and information often
4. Organizations should employ anti-ransomware software.
5. Organizations should utilize the No More Ransom initiative
32
deliberate acts that involve defacing an organization’s website, potentially damaging the organization’s image and causing its customers to lose faith.
sabotage or vandalism
33
T or F: not all attacks on organizations involve sophisticated software.
true
34
a form of theft that involves rummaging through commercial or residential trash to find discarded information
dumpster diving
35
the deliberate assumption of another person’s identity, usually to gain access to his or her financial information or to frame him or her for a crime.
identity theft
36
T or F: Recovering from identity theft is costly, time consuming, and burdensome.
true
37
the property created by individuals or corporations that is protected under trade secret, patent, and copyright laws.
intellectual property
38
an intellectual work, such as a business plan, that is a company secret and is not based on public information. (ex: formula for Coca Cola)
trade secret
39
an official document that grants the holder exclusive rights on an invention or a process for a specified period of time.
patent
40
a statutory grant that provides the creators or owners of intellectual property with ownership of the property, also for a designated period.
copyright
41
Current U.S. laws award patents for ____ years and copyright protection for the life of the creator plus ____ years. Owners are entitled to collect fees from anyone who wants to copy their creations.
20; 70
42
The most common intellectual property related to IT deals with _________.
software
43
copying a software program without making payment to the owner—including giving a disc to a friend to install on his or her computer
piracy
44
Software attacks have evolved from the early years of the computer era, when attackers used malicious software—called ________—to infect as many computers worldwide as possible, to the profit-driven, Web-based attacks of today.
malware
45
T or F: Not all cybercriminals are sophisticated.
true
46
segment of computer code that performs malicious actions by attaching to another computer program
virus
47
segment of computer code that modifies itself (ex: changes its computer code) to avoid detection by anti-malware systems, while keeping its same functionality
polymorphic virus
48
segment of computer code that performs malicious actions and will replicate, or spread, by itself (without requiring another computer program)
worm
49
attacks that use deception to acquire sensitive personal information by masquerading as official looking emails or instant messages
phishing attack
50
phishing attacks target large groups of people. In these phishing attacks, the attackers find out as much information about an individual as possible to improve their chances that phishing techniques will be successful and obtain sensitive, personal information.
spear phishing
51
attack that targets high-value individuals such as senior executives in an attempt to steal sensitive information from a company such as financial data or personal details about employees
whaling attack
52
an attacker sends so many information requests to a target computer system that the target cannot manage them successfully and typically ceases to function (crashes)
denial-of-service attack
53
an attacker first takes over many computers, typically by using malicious software. These computers are called zombies or bots. The attacker uses these bots—which form a botnet—to deliver a coordinated stream of information requests to a target computer, causing it to crash.
Distributed denial-of-service attack
54
Software programs that hide in other computer programs and reveal their designed behavior only when they are activated.
trojan horse
55
Typically a password, known only to the attacker, that allows him or her to access a computer system at will, without having to go through any security procedures (also called a trap door)
back door
56
A segment of computer code that is embedded within an organization’s existing computer programs and is designed to activate and perform a destructive action at a certain time or date
logic bomb
57
clandestine software that is installed on your computer through duplicitous methods. It typically isn’t as malicious as viruses, worms, or Trojan horses, but it does use up valuable system resources. It can also enable other parties to track your Web surfing habits and other personal behaviors
alien software (or pestware)
58
The vast majority of pestware is _______
adware
59
software that causes pop-up advertisements to appear on your screen; common because it works
adware
60
software that collects personal information about users without their consent.
spyware
61
3 common types of spyware:
1. stalkerware
2. keystroke loggers
3. screen scrapers
62
spyware used to monitor people close to the perpetrator. Victims typically don’t know it is on their device unless they run an antivirus scan. Developers of this market their apps as child safety or anti-theft tools. However, these apps can easily be used for the purpose of spying on a partner.
stalkerware
63
record both your individual keystrokes and your Web browsing history. The purposes range from criminal—for example, theft of passwords and sensitive personal information such as credit card numbers—to annoying—for example, recording your Internet search history for targeted advertising.
keystroke loggers (or keyloggers)
64
How have companies attempted to counter keyloggers?
By using CAPTCHA
65
software that records a continuous “movie” of a screen’s contents rather than simply recording keystrokes.
screen scrapers (screen grabbers)
66
pestware that uses your computer as a launch pad for spammers.
spamware
67
unsolicited email, usually advertising for products and services.
spam
68
T or F: Spam wastes time and money; costs U.S. companies billions of dollars every year.
True
69
small amounts of information that websites store on your computer, temporarily or more or less permanently. In many cases, they are useful and innocuous.
cookies
70
can be used to track your path through a website, the time you spend there, what links you click on, and other details that the company wants to record, usually for marketing purposes. They can also combine this information with your name, purchases, credit card information, and other personal data to develop an intrusive profile of your spending habits.
tracking cookies
71
a large-scale distributed measurement and control system.
SCADA
72
used to monitor or to control chemical, physical, and transport processes such as those used in oil refineries, water and sewage treatment plants, electrical generators, and nuclear power plants; provide a link between the physical world and the electronic world.
SCADA systems
73
malicious acts in which attackers use a target’s computer systems, particularly through the Internet, to cause physical, real-world harm or severe disruption, often to carry out a political agenda. These actions range from gathering data to attacking critical infrastructure; for example, through SCADA systems.
cyberterrorism/cyberwarfare
74
Which describes cyberterrorism and which describes cyberwarfare?
1. typically carried out by individuals or groups
2. carried out by nation-states or non-state actors such as terrorists.
1. cyberterrorism
2. cyberwarfare
75
T or F: IT security is the business of everyone in an organization.
true
76
the probability that a threat will impact an information resource.
risk
77
The goal of _______ _______ is to identify, control, and minimize the impact of threats. In other words, it seeks to reduce risk to acceptable levels.
risk management
78
What are the 3 types of Information Security controls?
1. Physical controls
2. Access controls
3. Communications (network controls)
79
What are the two parts of access controls?
1. Authentification (identification)
2. Authorization
80
Security is almost all (good/bad) news; the bad guys only have to be right ____ time and the good guys (defenders) have to be right _____ time.
bad; one; every
81
T or F: Cybersecurity people make a lot of money, but it is a very difficult proposition.
True
82
As computer code software has gotten more complex, the number of errors that bad guys can exploit (increase/decrease).
increase
83
Unfortunately, we are almost totally _______, not proactive.
reactive
84
People are backing up their data now in ____ _____. To backup your data, you’ve got to back it up in almost real time, which connects your backup with your main site. The issue is: the bad guys know this, so they encrypt both.
hot sites
85
an off-premises location where an organization can resume normal operations during a commercial disaster. All the equipment needed for the work to resume is available there, including phones, backup data, and computers.
hot site
86
A backup facility that has the necessary electrical and physical components of a computer facility, but does not have the computer equipment in place.
cold site
87
consists of elements providing power, networking capability, and cooling. It doesn't include other hardware elements such as servers and storage.
cold site
88
T or F: Using a cold site is very limiting to a business since before it can be used, backup data and some additional hardware must be sent to the site and installed
true
89
contain all the elements of a cold site while adding additional elements, including storage hardware such as tape or disk drives, servers, and switches. Warm sites are "ready to go" in one sense, but they still need to have data transported for use in recovery should a disaster occur
warm sites
90
Who drives the process of risk optimization?
You
91
As security increase, productivity (decreases/increases)
decreases
92
SCADA attacks are ________ attacks
infrastructure
93
T or F: SCADA systems are critical
true
94
Cyber crime is being taken over by the _______
cartel
95
Most ransomeware attacks come from _________
Russia
96
What is the biggest white collar theft right now?
Identity theft
97
What is the cheapest software attack? Most expensive?
- Cheapeast= cyberwarfare
- Most expensive = nuclear
98
T or F: Risk analysis is the MIS's job.
False; it is YOUR job
99
What are the 4 steps of risk management?
1. Risk
2. Risk management
3. Risk analysis
4. Risk Mitigation
100
What are 3 ways to avoid risk (aka risk mitigation)?
1. Risk acceptance (not rlly used anymore)
2. Risk limitation (control measures)
3. Risk transference (insurance)
101
T or F: risk optimization has nothing to do with MIS
True
102
Less potential loss = spending (less/more) on countermeasures
more
103
Who handles communication controls?
MIS
