Security

Question 1

What is information security?

Answer 1

All the processes and policies designed to protect an orgs info and IS from unauthorized access, use, disclosure, disruption, modification, or destruction

Question 2

What is a Threat to an info source?

Answer 2

any danger to which a system may be exposed

Question 3

What is the exposure of an info resource?

Answer 3

The harm, loss, or damage that can result if a threat compromises that resource

Question 4

What is an info resources vulnerability

Answer 4

Possibility that a threat will harm that resource

Question 5

What is cybercrime?

Answer 5

illegal activities conducted over computer networks, particularly the internet

Question 6

What are 5 factors contributing to vulnerability of organizational resources?

Answer 6

1. Interconnected, interdependent, wirelessly networked business environment
2. Smaller, faster, cheaper computers and storage devices
3. Decreasing skills necessary to be a computer hacker
4. International organized crime taking over cybercrime
5. Lack of management support

Question 7

What are human errors risk areas

Answer 7

Higher level employees and greater access privileges are a greater threat

2 areas: HR and IS

Question 8

What are human mistakes

Answer 8

1. Carelessness with devices
2. Opening questionable emails
3. Careless internet surfing
4. Poor passwords
5. Carelessness with one’s office
6. Carelessness using unmanaged devices
7. Carelessness with discarded equipment
8. Careless monitoring of environmental hazards

Question 9

What is social engineering

Answer 9

An attack in which the perpetrator uses social skills to trick a legitimate employee into providing confidential company information such as passwords

Question 10

What are social engineering methods

Answer 10

1. Impersonation: pretending to be a manager of an IS employee
2. Tailgating: following behind an employee to enter restricted areas
3. Shoulder surfing: watching over shoulder

Question 11

Examples of deliberate threats to IS

Answer 11

1. Espionage
2. Theft of equipment and info
3. ID theft
4. Software attacks

Question 12

What is espionage/trespass

Answer 12

Occurs when an unauthorized individual attempts to gain illegal access to an orgs info.

Used for competitive intelligence

Question 13

What is identity theft

Answer 13

Deliberate assumption of another person’s identity, usually to gain access to their financial info or to frame them for a crime

Stealing mail, stealing personal info, infiltrating orgs that store large amounts of personal info, phishing

Question 14

What are the types of software attacks?

Answer 14

1. Remote attacks needing user action
2. Remote attacks needing no user action
3. Attacks by a programmer developing system

Question 15

What are types of remote attacks needing user action

Answer 15

1. Virus: malicious actions by attaching to another computer program
2. Worm: malicious actions and will spread by itself
3. Phishing: deception to acquire info
4. Spear phishing: attacks a large group of people

Question 16

What are types of remote attacks needing no user action

Answer 16

1. Denial-of-service attack: an attacker sends so many info requests to a computer system that the target cannot handle them successfully and crashes
2. Distributed denial of service attack: first takes on many computers, these computers are zombies or bots, the attacker uses the bots to form a botnet to deliver coordinated stream of info requests to a target computer causing it to crash

Question 17

What are types of attacks by a programmer developing system

Answer 17

1. Trojan horse: software program that hide in other computer programs and reveal their designed behaviour only when activated
2. Back door: password only known to attacker that allows them to access a computer system at will
3. Logic bomb: code that is embedded within an orgs existing computer programs designed to activate and perform destructive action under specific conditions

Question 18

What is a ransomware

Answer 18

Malicious software that blocks access to a computer system or encrypts an orgs data until the org pays a sum of money

Question 19

What are orgs doing to protect info resources

Answer 19

Risk management with 3 processes:
risk analysis
risk mitigation
controls evaluation

Question 20

What is involved in risk analysis

Answer 20

1. Assessing the value of the asset
2. Estimate the probability that each asset will be compromised
3. Compare the probable cost of the asset being compromised with the cost of protecting it

Question 21

What is risk mitigation?

Answer 21

Process where an org takes concrete actions against risks

implementing controls to prevent threats from occurring and developing a means of recovery if the threat becomes a reality

Question 22

What are the most common risk mitigation strategies

Answer 22

1. Risk acceptance: accept the potential risk, continue operating with no controls
2. Risk limitation: implementing controls that minimize impact of threat
3. Risk transference: transfer the risk by using other means to compensate for the loss, such as by purchasing insurance

Question 23

What are controls evaluation

Answer 23

Org identifies security deficiencies and calculates the costs of implementing adequate control measures to compare against the value of those measures

if the costs of implementing a control is greater than the value of the asset, the control is not cost effective

Question 24

What are info security controls

Answer 24

1. Physical controls: stop unauthorized individuals. Walls, doors, gates…
2. Access controls: physical or logical (PIN, password programs, advanced biometric security)
3. Communication/network controls: can data securely move across your network. Firewalls, VPN

Question 25

What is authentication and authorization?

Answer 25

Authentication: confirms the ID of the person requiring access–> something the user is, something they have, something they do (signature), something they know (PIN)

Authorization: determines which actions, rights or privileges the person has, based on their verified ID

Question 26

What is encryption?

Answer 26

Process of converting an original message into a form that cannot be read by anyone except the intended receiver, all systems use a key which is the code that scrambles and decode the messages

Question 27

Symmetric vs symmetric key algorithms

Answer 27

Symmetric: encryption which use the same key for encryption and decryption

Asymmetric: a pair of keys a public key and private key
Public keys are used for encryption or signature verification
Private keys decrypt and sign

Question 28

What is a digital certificate

Answer 28

Electronic document attached to a file that certifies that the file if from the org it claims to be from and has not been modified from its original format