PRV2 Flashcards

1
Q

Outside Attackers

A

Hackers, crackers:
Motives: challenge, self-esteem, rebellion, status, money

Types

  • white hats (usually penetration test or the like, within legal scope)
  • grey hats (prove abilities, find flaws within a system, highly skilled, publish security loopholes)
  • black hats (criminal intent)

Script Kiddies

  • Motive: attention
  • Often immature
  • Use existing tools

Intelligence agencies (on behalf of governments)

Terrorists (blackmail, destruction, revenge, political motives, media coverage)

Industrial espionage (competitive advantage, disruption)

Inside perpetrators (self-esteem, espionage, money, revenge, accidents)

2
Q

Attack Examples

A

Eavesdropping (keylogger installed)

Unauthorized access to data

Password sniffing: stealing passwords as a man-in-the-middle attack

Spoofing: pretending to have a different identity to gain an advantage (phishing)

Denial of service: trying to make a server unavailable by sending too many requests, e.g. DDoS by botnets

Ransomware: locking the computer with malware

Social engineering: trying to get information to exploit security questions for password resets (nowadays not as easy as it was, because of 2FA and notifications)

Identity theft: people creating fake accounts to defame a real person

Online fraud: selling products in advance without the buyer ever getting the product

3
Q

Disclosure and Sharing of Information Sec.

A

An increasing number of organizations disclose practices regarding information security (e.g. annual report)

  • Signals activity and engagement in information security
  • Might deter hackers due to a decreased probability of a successful attack

Information sharing among firms can reduce security breaches

  • Security-related information offered by multiple organizations can provide a more integrated view of relevant security risks
  • More valuable in competitive industries (high similarity, similar potential, security risk, benefit from shared information)
4
Q

Certifications as signals

A

Organizations can have their processes audited and certified

This signals information security activities to partners, customers, and other entities (e.g. attackers)

e.g. ISO 27001, IT-Grundschutz (BSI)

Individuals can obtain certificates as well (Certified Information Systems Security Professional)
