Security Flashcards
What is code that runs on a computer without the user's knowledge; it infects the computer when the code is accessed and executed?
Virus
What is similar to a virus except that it self-replicates, whereas a virus does not?
Worm
What appears to perform a desired function but is actually performing malicious functions behind the scenes?
Trojan horse
What malicious software is either downloaded unwittingly from a website or installed along with some other third-party software?
Spyware
What software is designed to gain administrator-level control over a computer system without being detected?
Rootkit
What is the abuse of electronic messaging systems such as email, broadcast media, and instant messaging?
Spam
Some ways to prevent and troubleshoot viruses are:
Antivirus software. Update the antivirus software. Make sure the computer has the latest service packs and updates. Run Windows Update. Make sure a firewall is enabled and up to date.
You should also disable AutoRun for CD, DVD, and Blu-ray.
To disable AutoRun in Windows 7:
Click Start and type gpedit.msc
Go to Computer Configuration > Administrative Templates > Windows Components > Autoplay Policies
Double-click the Turn Off Autoplay setting. Click the Enabled radio button and click OK.
Some symptoms of viruses are:
Computer runs slower than usual. Computer locks up frequently. Computer restarts on its own or crashes frequently. Strange sounds occur. Antivirus programs won't run.
If a system is infected with a virus:
Disconnect the network cable from the computer. Make sure you back up critical data. Run a thorough scan with the antivirus program.
Preventing and troubleshooting Spyware:
Download and install anti-spyware protection software.
Adjust Internet Explorer security settings.
Turn on the Phishing filter in IE.
Uninstall unnecessary applications.
Educate users on how to surf the web safely.
Consider technologies that discourage spyware.
Some symptoms of spyware are:
The web browser’s default homepage has been modified.
A particular website comes up every time you perform a search.
Excessive pop-up windows appear.
The network adapter’s activity LED blinks frequently even when the computer is not transmitting data.
To repair Spyware:
First disconnect the system from the Internet.
Then try uninstalling the program from Control Panel > Programs and Features in Windows 7/Vista, and Add/Remove Programs in XP.
Then reboot the computer.
You can use the HijackThis program.
Preventing and troubleshooting rootkits:
The best way to identify a rootkit is to use removable media to boot the computer. Reinstall all software.
Preventing and troubleshooting spam:
Use a strong password.
Use a spam filter.
Use whitelists and blacklists.
Train your users.
What is access to an organization’s premises, computer resources, and data without the consent of the owner?
Unauthorized access
Unauthorized access can be prevented through the use of authentication.
Something that the user knows, for example, a password or PIN.
Something that the user has, for example, a smart card or other security token.
Something that the user is, for example, the biometric reading of a fingerprint or retina scan.
Something that the user does, for example, a signature or speaking words.
You should always lock rooms and closets and you can even lock PCs and laptops.
Configure the BIOS to log whether someone opened the case of the computer.
This is logged as chassis intrusion.
What is software designed to infiltrate a computer system and possibly damage it without the user’s knowledge or consent?
Malware
The most common electronic entry system is the card key system.
Other electronic systems will use key cards that incorporate a photo ID, magnetic stripe, barcode, or a radio frequency identification (RFID) chip.
Some organizations will design what is known as a mantrap, an area with two locking doors.
What is the science of recognizing humans based on one or more physical characteristics?
Biometrics
An example of biometric hardware is the Microsoft Fingerprint Scanner.
Protecting data physically:
Passwords should not be written down, left on the desk, or taped to a monitor.
Users should lock their computers when they leave their workstation.
What is the act of manipulating users into revealing confidential information or performing other actions detrimental to the user?
Social engineering
What is the attempt at fraudulently obtaining private information?
Phishing
An example of phishing would be an email that requests verification of private information.
What is when a person uses direct observation to find out a target’s password, PIN, or other such authentication information?
Shoulder surfing
What is when an unauthorized person tags along with an authorized person to gain entry to a restricted area usually with the person’s consent?
Piggybacking
When a hard drive is removed from a computer, it needs to be either recycled or disposed of in a proper manner.
Sanitizing the hard drive is a common way of removing data.
What are three options for data removal?
Clearing: this is the removal of data with a certain amount of assurance that it cannot be reconstructed.
Purging: this is the removal of data done in such a way that it cannot be reconstructed by any known technique. The media is released outside the company.
Destruction: this is when the storage media is physically destroyed through pulverizing, drilling holes through the platters, and so on.
Which of the following types of malware self-replicates?
A. Virus
B. Worm
C. Trojan
D. Rootkit
B. Worm
What type of malware is the abuse of electronic messaging?
A. Virus
B. Spyware
C. Spam
D. Worm
C. Spam
Which of the following are symptoms of viruses? (Select the best answers.)
A. Computer runs slowly.
B. Computer locks up.
C. Excessive pop-up windows appear.
D. A strange website is displayed when a search is done.
E. Unusual error messages are displayed.
A, B, and E.
Which of the following is the science of recognizing humans based on physical characteristics?
A. Mantraps
B. Biometrics
C. Tailgating
D. Something a person is
B. Biometrics
A hard drive needs to be disposed of in a way so that no one can access the data. Which method should you use?
A. Phishing
B. Cleaning
C. Shoulder surfing
D. Destruction
D. Destruction
Which of the following is the best mode to use when scanning for viruses?
A. Safe Mode
B. Last Known Good Configuration
C. Command Prompt only
D. Boot into Windows normally
A. Safe Mode
Which of the following is one way to prevent spyware?
A. Use firewall exceptions
B. Adjust Internet Explorer settings
C. Adjust the Internet Explorer homepage
D. Remove the spyware from Add/Remove Programs
B. Adjust Internet Explorer settings
One of your customers tells you that a bank employee called and asked for the person’s bank balance and telephone number. What is this an example of?
A. Spam
B. Virus
C. Social Engineering
D. Trojan
C. Social Engineering
There are four types of user accounts:
Administrator
User
Power User
Guest
This account has full control of an operating system.
Administrator