Information Security

Question 1

What is a firewall?

Answer 1

A firewall consists of hardware, or software, or both, that help detect security problems and enforce security policies on a computer system. Like a door with a lock for a computer system. There are multiple types, and levels, of firewalls.

Question 2

Describe some characteristics of a “strong” (i.e., good) password.

Answer 2

At least eight characters long; uses both upper and lower case letters; uses at least one numeral; uses at least one special character; must be periodically changed.

Question 3

Define “biometric controls.”

Answer 3

A physical characteristic is used to gain access instead of a password. Common choices for biometric controls include fingerprint or thumbprint, retina patterns, and voice print patterns. Biometric controls can be very reliable, but generally require special input equipment.

Question 4

Why does multi-factor authentication increase control?

Answer 4

All authentication techniques may fail. Requiring multi-factor authentication procedures—the use of several separate authentication procedures at one time (e.g., user name, password, one-time password and fingerprint) enhances the authentication process.

Question 5

Describe smart cards and identification badges.

Answer 5

These have identification information embedded on a magnetic strip on the card and require the use of additional hardware (a card reader) to read the data into the system. Depending on the system, the user may only need to swipe the card to log onto the system, or may need to key in other information in order to log on.

Question 6

Describe the operation of “one-time” passwords.

Answer 6

The “one time” password derives from an algorithm which usually involves the date and time. The user enters this password along with their user name and personal password. Once received, the computer independently recalculates the “password.” If the entered value and computed value are the same, the computer then recognizes the individual.

Question 7

List some examples of security tokens.

Answer 7

Includes (1) devices which provide “one-time” passwords that must be input by the user and (2) “smart cards” that contain additional user identification information and must be read by an input device.

Question 8

Why are “one-time” passwords used by organizations?

Answer 8

They provide an additional level of authentication. Used to strengthen the standard password by requiring access to a physical device which displays a new “one-time password” every 30-60 seconds.

Question 9

What are logical access controls?

Answer 9

Control electronic access to systems via internal and external networks.

Question 10

Describe four electrical system risks.

Answer 10

1. Failure (outage), 2. reduced voltage (brownout), 3. Sags, spikes, and surges, 4. Electromagnetic interference (EMI).

Question 11

What purpose does setting file attributes serve?

Answer 11

This logically restricts the ability of the user to read, write, update, and/or delete records in a file.

Question 12

Describe a good location site for a computer operations facility.

Answer 12

Climate controlled including air-conditioned; away from risks of natural disasters (fire, flood, humidity), away from windows. Not on a top floor or basement.

Question 13

What purpose do file protection rings or locks serve?

Answer 13

Physically prevent the media from being overwritten.

Question 14

Define “social engineering.”

Answer 14

A set of techniques used by attackers to fool employees into giving them access to information resources.

Question 15

What considerations should be given by an organization regarding fire-suppression systems?

Answer 15

Such systems are required in IT operations. Need to be appropriate for electrical fires (not halon). Should be periodically inspected.

Question 16

Define “external labels.”

Answer 16

A tag placed on data storage media (floppy disks, magnetic tape, CDs, etc.) designed to prevent inadvertent use of the wrong file.

Question 17

Define “internal labels” (header and trailer labels).

Answer 17

Descriptive information stored at the beginning and end of a file that identifies the file, the number of records in the file, and provides data enabling detection of processing errors.

Question 18

Define “encryption.”

Answer 18

The process of coding data so that it cannot be understood without the correct decryption algorithm.

Question 19

Describe the use of secure electronic transactions (SET) protocols.

Answer 19

A protocol that is often used in credit card payments. Used by the merchant to securely transmit payment information and authenticate trading partner identity.

Question 20

Identify the two internet protocols that are typically used for secure Internet transmission protocols.

Answer 20

Sensitive data sent via the internet is usually secured by one of two encryption protocols: SSL (Secure Sockets Layer) or S-HTTP (Secure Hypertext Transport Protocol).

Question 21

Describe how digital certificates work.

Answer 21

Provides legally recognized electronic identification of the sender and verifies the integrity of message content. Based on public/private key technology (like the digital signature).

Question 22

Describe how digital signatures work.

Answer 22

Uses public/private key pair technology to provide authentication of the sender and verification of the content of the message.

Question 23

Describe asymmetric encryption (also called public/private-key encryption and private-key encryption).

Answer 23

Uses two paired encryption algorithms to encrypt and decrypt the text: if the public key encrypts, the private key decrypts. If the private key encrypts, the public key decrypts.

Question 24

Define “ciphertext.”

Answer 24

Text that has been mathematically scrambled so that its meaning cannot be determined without the use of an algorithm and key.

Question 25

Define “cleartext (or plaintext).”

Answer 25

Text that can be read and understood.

Question 26

Describe symmetric encryption (also called single-key encryption or private-key encryption).

Answer 26

Uses a single algorithm to encrypt and decrypt. Sender uses the encryption algorithm to create the ciphertext and sends the encrypted text to the recipient. Sender tells recipient which algorithm was used to encrypt. The recipient uses the algorithm to decrypt. Common in data storage applications.

Question 27

Define the four types of computer crime

Answer 27

1. Computer as target, 2. Computer as subject, 3. Computer as tool, 4. Computer as symbol.

Question 28

Define “Trojan horse”.

Answer 28

A malicious program that is hidden inside a seemingly benign file.

Question 29

Define “denial of service attacks.”

Answer 29

An attack that attempts to prevent legitimate users from gaining access to the system. These attacks, called denial of service attacks, are perpetrated by flooding the server with incomplete access requests.

Question 30

Define “password crackers.”

Answer 30

Password cracking software generates and tests a large number of potential passwords to try to access a system.

Question 31

What is a logic bomb attack on a system?

Answer 31

An unauthorized program which is planted in the system. The logic bomb lies dormant until the occurrence of a specified event or time (e.g., a specific date, the elimination of an employee from “active employee” status, etc.).

Question 32

What is a back door attack on a system?

Answer 32

A software program that allows an unauthorized user to gain access to the system by side-stepping the normal logon procedures;. Back doors were once commonly used by programmers to facilitate access to systems under development.

Question 33

Define “worm.”

Answer 33

Similar to viruses except that worms attempt to replicate themselves across multiple computer systems. They generally try to accomplish this by activating the system’s email client and sending multiple emails.

Question 34

Define “virus.”

Answer 34

An unauthorized program, usually introduced through an email attachment, which copies itself to files in the users system. These programs may actively damage data, or they may be benign.

Question 35

Define “malicious software (malware).”

Answer 35

Programs that exploit system and user vulnerabilities to gain access to the computer. There are many types of malware.

Question 36

Define session hijacking or masquerading.

Answer 36

This occurs when an attacker identifies an IP address (usually through packet sniffing) and then attempts to use it to access a network. If successful, the hacker has “hijacked” the session, i.e., gained access to the session by pretending to be another user.

Question 37

Define “packet sniffers”.

Answer 37

Programs called packet sniffers capture packets of data as they move across a computer network. Packet sniffing has legitimate uses to monitor network performance or troubleshoot problems with network communications. However, it is often used by hackers to capture user names and passwords, IP addresses, and other information that can help the hacker break into the network. Packet sniffing a computer network is similar to wire tapping a phone line.