Module 6 Flashcards
T/F
Operating System plays a key role in computer system security.
True
T/F
Any vulnerability at the operating system level opens the entire system to attack
True
T/F
The more complex and powerful the operating system, the more likely it is to have no vulnerabilities to attack
False
___ must be on guard to arm their operating systems with all available defenses against attack
System administrators
Capability of a system to do its mission in the presence of attacks, failures, or accidents
System Survivability
What key property is:
Strategies for repelling attacks
Resistance to attacks
What key property is:
Strategies for detecting attacks and evaluating damage
Recognition of attacks and damage
What key property is:
Strategies for limiting damage, restoring information or functionality, maintaining or restoring essential services
Recovery of essential and full services after attack
What key property is:
Strategies improving system survivability based on knowledge from prior intrusions
Adaptation and evolution to reduce effectiveness of future attacks
Vulnerabilities of Single computer (without e-mail or Internet)
Passwords, viruses
Vulnerabilities of LAN connected (without Internet)
Sniffers, spoofing (+passwords, viruses)
Vulnerabilities of LAN connected (with Internet)
E-mail, Web servers, FTP, Telnet (+sniffers, spoofing, passwords, viruses)
T/F
Backup and recovery are essential for most computing systems.
True
Many system managers use a ____.
Layered Backup Schedule
T/F
Backups stored on-site are crucial to disaster recovery
False (Off-site dapat para efas)
Written security procedures should recommend:
(FRGCNGR):
oFrequent password changes
oReliable backup procedures
oGuidelines for loading new software
oCompliance with software licenses
oNetwork safeguards
oGuidelines for monitoring network activity
oRules for terminal access
T/F
A gap in system security can be malicious or not
True
Intrusions can be classified as:
oDue to uneducated users and unauthorized access
oPurposeful disruption of the system’s operation
oPurely accidental
T/F
A breach of security severely does not damage the system’s credibility
False
Any breach of security or modification of data that was not the result of a planned intrusion
Unintentional Intrusions
A hacker taking over computers flood a target site with demands for data and tasks causing a computer to perform repeated unproductive task.
Denial of service (DoS)
Unauthorized users gain access to search through secondary storage for information they don’t have the privilege to read.
Browsing
Unauthorized users monitor or modify a user’s transmission
Wire Tapping
Entering systems by guessing authentic passwords
Repeated Trials
Unspecified and undocumented entry point
Trap Doors
Use of discarded materials to enter the system illegally.
Trash Collection
Small programs written to alter how a computer operates without permission of the user
Viruses and Worm
____ must be self-executing and self-replicating
Viruses
Infects files on the computer, normally executable files
File infector virus
Viruses that reside in memory and infect any clean executable program that runs on that computer.
File infector virus
Infects the boot record, the system area of a floppy disk or hard drive.
Boot sector virus
These viruses activate whenever the user boots up the computer.
Boot sector virus
Infects the boot record of a disk, saving a legitimate copy in a different location on the volume.
Master Boot Record Virus
Infects both the boot record and program files, making them difficult to repair.
Multipartite virus
Virus that must be removed all at once or a single instance of the virus will infect the system again.
Multipartite virus
Infects data files, newer versions infect other program files.
Macro virus
With this virus, users should disable automatic execution of macros on files they don’t trust.
Macro virus
