Lesson 2

Question 1

The primary mission of information security is to…

Answer 1

…ensure that systems and their contents remain the same.

Question 2

What are the four (4) important factors of information security?

Answer 2

Protecting the Functionality of an Organization
Enabling Safe Operation
Protecting Data
Safeguard Technology Assets

Question 3

Shared by general management and IT management; addresses infosec in terms of business impact.

Answer 3

Protecting the Functionality of the Organization

Question 4

Requires integrated, efficient, and capable applications; must protect critical applications (operating systems, electronic mail, instant messaging)

Answer 4

Enabling Safe Operation

Question 5

Data provides record of transactions (e.g. banking), includes data in motion (online transactions) and data at rest (offline transactions).

Answer 5

Protecting Data

Question 6

Must have secure infrastructure services.

Answer 6

Safeguard Technology Assets

Question 7

More complex; additional service for larger businesses.

Answer 7

Public Key Infrastructure (PKI)

Question 8

What are the twelve (12) categories of threats?

Answer 8

Acts of Human Error or Failure
Compromise to Intel. Property
Deliberate Acts of Espionage
Deliberate Acts of Information Extortion
Deliberate Acts of Sabotage or Vandalism
Deliberate Acts of Theft
Deliberate Software Attacks
Forces of Nature
Deviations in Quality or Service
Technical Hardware Failures
Technical Software Failures
Technological Obsolence

Question 9

Includes viruses, worms, Trojan horses, active web scripts, state-of-the-art (polymorphic or multivector worms, CERT, Symantec, etc. warnings), has attack vectors (IP scan and attack, web browsing, unprotected shares, mass mail).

Answer 9

Malicious Code

Question 10

Also referred to as trap doors; previously discovered access mechanisms to gain access to a system; left by system designers and maintenance staff; hard to detect.

Answer 10

Back Doors

Question 11

Reverse-calculate a password; component of dictionary attacks.

Answer 11

Password Crack

Question 12

Contains hashed representation of a user’s password.

Answer 12

Security Account Manager (SAM) File

Question 13

Also called password attack: trying every combination for a password.

Answer 13

Brute Force Attack

Question 14

Uses a list of commonly used passwords instead of random combinations.

Answer 14

Dictionary Attack

Question 15

Overloads target with requests.

Answer 15

Denial of Service (DoS)

Question 16

Sends many TCP connection requests; clogs server.

Answer 16

TCP SYN Flood Attack

Question 17

Uses compromised machines called zombies to attack the target system.

Answer 17

Distributed Denial of Service (DDoS)

Question 18

Sending messages to a computer using a source IP address that indicates the messages are coming from a trusted host.

Answer 18

Spoofing

Question 19

Also called TCP Hijacking Attack; attacker sniffs packets from the network, modifies them, then inserts them back into the network; uses IP spoofing to allow a hijacker to eavesdrop.

Answer 19

Man-in-the-Middle Attack

Question 20

Email DoS attack; social engineering and SMTP flaws.

Answer 20

Mail Bombing

Question 21

Also called packet sniffers; program or device that can monitor data traveling over a network.

Answer 21

Sniffers

Question 22

Using social skills to persuade people to reveal access credentials or other valuable information; impersonating someone higher; scam.

Answer 22

Social Engineering

Question 23

Includes war driving, garbage diving, and tapping; through the use of physical means.

Answer 23

(Illegal) Physical Access

Question 24

Illegal physical access through driving around, trying to catch a signal (can be wireless or non-wireless).

Answer 24

War Driving

Question 25

Illegal physical access through disposed documents.

Answer 25

Garbage Diving

Question 26

Illegal physical access through any cable that is not optical.

Answer 26

Tapping

Question 27

Uses buffers; attackers can take advantage of this to cause unintended side effects.

Answer 27

Buffer Overflow

Question 28

Used for data storage on a logical level (AKA queue in networking); implemented as arrays.

Answer 28

Buffer

Question 29

Something bad happens when a certain time is reached; explores browser cache.

Answer 29

Timing Attack

Question 30

A process of systematically scanning a computer system or network to identify open ports and services available on a host.

Answer 30

Port Scanning