Module 3: Cyberattacks and Cybersecurity Flashcards
What factors have contributed to the increase in the number, variety, and severity of security incidents?
Increasing computing complexity, expanding and changing systems, an increase in the prevalence of BYOD policies, growing reliance on software with known vulnerabilities, and the increasing sophistication of those who would do harm have caused a dramatic increase in security incidents.
What is an exploit in the context of computer security?
An exploit is an attack on an information system that takes advantage of a particular system vulnerability, often due to poor system design or implementation.
Who are the different types of individuals that launch computer attacks and what are their motivations?
The different types of people who launch computer attacks include black hat hackers, crackers, malicious insiders, industrial spies, cybercriminals, hacktivists, and cyberterrorists, each with different motivations.
What is the role of a white hat hacker?
A white hat hacker is someone who has been hired by an organization to test the security of its information systems, allowing the organization to improve its defenses.
What are some of the most common types of computer exploits?
Ransomware, viruses, worms, Trojan horses, logic bombs, blended threats, spam, DDoS attacks, rootkits, advanced persistent threats, phishing, spear phishing, smishing, vishing, cyberespionage, and cyberterrorism are among the most common computer exploits.
What is the role of the Department of Homeland Security (DHS) in cybersecurity?
The DHS has the responsibility to provide for a “safer, more secure America, which is resilient against terrorism and other potential threats.” The agency’s Office of Cybersecurity and Communications is responsible for enhancing the security, resilience, and reliability of U.S. cyber and communications infrastructure.
What is the purpose of the US-CERT partnership?
The US-CERT is a partnership between DHS and the public and private sectors established to protect the nation’s internet infrastructure against cyberattacks by serving as a clearinghouse for information on new viruses, worms, and other computer security topics.
What laws have been enacted to prosecute those responsible for computer-related crime?
Several laws have been enacted to prosecute those responsible for computer-related crime, including the Computer Fraud and Abuse Act, the Fraud and Related Activity in Connection with Access Devices Statute, the Stored Wire and Electronic Communications and Transactional Records Access Statutes, and the USA Patriot Act.
What are the key focuses of IT security practices to ensure a strong security program?
The IT security practices of organizations must focus on ensuring confidentiality, maintaining integrity, and guaranteeing the availability of their systems and data, referred to as the CIA security triad.
What levels should an organization’s security strategy encompass?
An organization’s security strategy must include security measures that are planned for, designed, implemented, tested, and maintained at the organization, network, application, and end-user levels.
What should be included in a risk-based strategy to minimize the impact of security incidents?
A risk-based strategy should include a risk assessment to identify and prioritize threats, a well-defined disaster recovery plan, security policies, periodic security audits, compliance standards, and a security dashboard to track key performance indicators.
What does the concept of reasonable assurance mean in the context of IT security?
The concept of reasonable assurance in IT security recognizes that managers must use their judgment to ensure that the cost of control does not exceed the benefits or risks involved.
What are the key elements of the network security layer?
Key elements of the network security layer include authentication methods, a firewall, routers, encryption, proxy servers, VPN, and an intrusion detection system (IDS).
What are the key elements of the application security layer?
The key elements of the application security layer include authentication methods, user roles and accounts, and data encryption.
What are the key elements of the end-user security layer?
Key elements of the end-user security layer include security education, authentication methods, antivirus software, and data encryption.