Security - Chapter 17 Flashcards

Question 1

Q

A system that monitors network use for potential hacking attempts. Such a system may take preventative action to block, isolate, or identify attempted infiltration, and raise further alarms to warn security personnel.

Answer

A

Intrusion detection systems

Question 2

Q

An attack where a firm’s computer systems are flooded with thousands of seemingly legitimate requests, the sheer volume of which will slow or shut down the site’s use. These attacks are often performed via botnets.

Answer

A

distributed denial of service (DDoS)

Question 3

Q

A seemingly tempting, but bogus target meant to draw hacking attempts. By monitoring infiltration attempts against a these, organizations may gain insight into the identity of hackers and their techniques, and they can share this with partners and law enforcement.

Answer

A

honeypots

Question 4

Q

A two key system used for securing electronic transmissions. One key distributed publicly is used to encrypt (lock) data, but it cannot unlock data. Unlocking can only be performed with the private key. The private key also cannot be reverse engineered from the public key. By distributing public keys, but keeping the private key, Internet services can ensure transmissions to their site are secure.

Answer

A

public key encryption

Question 5

Q

A term that may, depending on the context, refer to either 1) breaking into a computer system, or 2) a particularly clever solution.

Question 6

Q

Those scrambled character images that many sites require to submit some sort of entry (account setup, ticket buying) and are meant to be a Turing Test—a test to distinguish if a task is being performed by a computer or a human.

Answer

A

CAPTCHAs

An acronym for Completely Automated Public Turing Test to Tell Computers and Humans Apart

Question 7

Q

A term that, depending on the context, may be applied to either 1) someone who breaks into computer systems, or 2) to a particularly clever programmer.

Question 8

Q

Criminals that purchase assets from data harvesters to be used for illegal financial gain. Actions may include using stolen credit card numbers to purchase goods, creating fake accounts via identity fraud, and more.

Answer

A

cash-out fraudsters

Question 9

Q

Scrambling data using a code or formula, known as a cipher, such that it is hidden from those who do not have the unlocking key.

Answer

A

encryption

Question 10

Q

Attacks that are so new that they haven’t been clearly identified, and so they haven’t made it into security screening systems.

Answer

A

zero-day exploits

Question 11

Q

Highly restrictive programs that permit communication only with approved entities and/or in an approved manner.

Answer

A

whitelists

Question 12

Q

Programs that deny the entry or exit of specific IP addresses, products, Internet domains, and other communication restrictions.

Answer

A

blacklists

Question 13

Q

A trusted third party that provides authentication services in public key encryption schemes.

Answer

A

certificate authority

Question 14

Q

A con executed using technology, typically targeted at acquiring sensitive information or tricking someone into installing malicious software.

Question 15

Q

Term used in security to refer to forging or disguising the origin or identity. E-mail transmissions and packets that have been altered to seem as if they came from another source are referred to as this.

Question 16

Q

An attack that exhausts all possible password combinations in order to break into an account. The larger and more complicated a password or key, the longer this type of attack will take.

Answer

A

brute-force attack

Question 17

Q

Someone who uncovers computer weaknesses without exploiting them. Their goal is to improve system security.

Answer

A

white hat hackers

Question 18

Q

Code that unlocks encryption.

Question 19

Q

When identity is proven by presenting more than one item for proof of credentials. Multiple factors often include a password and some other identifier such as a unique code sent via e-mail or mobile phone text, a biometric reading (e.g. fingerprint or iris scan), a swipe or tap card, or other form if identification

Answer

A

multi-factor authentication

Question 20

Q

A protester seeking to make a political point by leveraging technology tools, often through system infiltration, defacement, or damage.

Answer

A

hacktivists

Question 21

Q

black hat hackers

Answer

A

A computer criminal.

Question 22

Q

Hordes of surreptitiously infiltrated computers, linked and controlled remotely, also known as zombie networks.

Question 23

Q

Combing through trash to identify valuable assets.

Answer

A

dumpster diving

Question 24

Q

A system that acts as a control for network traffic, blocking unauthorized traffic while permitting acceptable use.

Answer

A

firewalls

Question 25

Q

Technologies that measure and analyze human body characteristics for identification or authentication. These might include fingerprint readers, retina scanners, voice and face recognition, and more.

Answer

A

Biometrics

Question 26

Q

Gaining compromising information through observation (as in looking over someone’s shoulder).

Answer

A

shoulder surfing

Question 27

Q

Cybercriminals who infiltrate systems and collect data for illegal resale.

Answer

A

data harvesters

Question 28

Q

honeypots

Answer

A

A seemingly tempting, but bogus target meant to draw hacking attempts. By monitoring infiltration attempts against a honeypot, organizations may gain insight into the identity of hackers and their techniques, and they can share this with partners and law enforcement.

Question 29

Q

Intrusion detection systems

Answer

A

A system that monitors network use for potential hacking attempts. Such a system may take preventative action to block, isolate, or identify attempted infiltration, and raise further alarms to warn security personnel.

Question 30

Q

distributed denial of service (DDoS)

Answer

A

An attack where a firm’s computer systems are flooded with thousands of seemingly legitimate requests, the sheer volume of which will slow or shut down the site’s use. DDoS attacks are often performed via botnets.

Question 31

Q

con games that trick employees into revealing information or performing other tasks that compromise a firm are known as

Answer

A

social engineering

Question 32

Q

Firms use information for what two purposes

Answer

A

Transactional purposes

Analytical purposes

Question 33

Q

Transactional purposes firms use information for

Answer

A

Day-to-day operations

Question 34

Q

Analytical purposes firms use information for

Answer

A

Trend analyses, forecasts, and input generation for strategies that improve profit or long-term sustainability - compete on analytics

Question 35

Q

Major purpose of a database

Answer

A

To keep track of related information about more than one thing

Question 36

Q

public key encryption

Answer

A

A two key system used for securing electronic transmissions. One key distributed publicly is used to encrypt (lock) data, but it cannot unlock data. Unlocking can only be performed with the private key. The private key also cannot be reverse engineered from the public key. By distributing public keys, but keeping the private key, Internet services can ensure transmissions to their site are secure.

Question 37

Q

DBMS

Answer

A

Database Management Systems

Question 38

Q

The set of defenses put in place to counter threats to technology infrastructure and data resources

Question 39

Q

The process of identifying and measuring information systems security risks, and devising the optimal risk mitigation strategy

Answer

A

IT Risk Managment

Question 40

Q

social engineering

Answer

A

con games that trick employees into revealing information or performing other tasks that compromise a firm are known as

Question 41

Q

What is the CIA triad?

Answer

A

Confidentiality - integrity - availability

Fundamental conflict in security; balancing the three

Question 42

Q

If data cannot be seen by unauthorized people, its

Answer

A

Confidential

Question 43

Q

Involves ensuring the consistency, accuracy, and trustworthiness of data - data cannot be changed in transit and/or by unauthorized people

Answer

A

Integrity

Question 44

Q

If data can be accessed by people who should have access to it, it is appropriately ______.

Answer

A

Available

Question 45

Q

Why is it sometimes difficult to make the business case for security measures?

Answer

A

IT security risks are hard to assess in the absence of an attack
Security is a negative deliverable
Forward looking investment with hypothetical benefits
Recurring investment
IT departments have limited budgets

Question 46

Q

Integrity

Answer

A

Involves ensuring the consistency, accuracy, and trustworthiness of data - data cannot be changed in transit and/or by unauthorized people

Question 47

Q

Confidential

Answer

A

If data cannot be seen by unauthorized people

Question 48

Q

Security

Answer

A

The set of defenses put in place to counter threats to technology infrastructure and data resources

Question 49

Q

Available

Answer

A

If data can be accessed by people who should have access to it

Question 50

Q

If a firm stops investing in security and maintains the old defenses too long, then a harmful attack occurrence becomes a matter of when, rather than if

Answer

A

Recurring investment

Question 51

Q

IT Risk Managment

Answer

A

The process of identifying and measuring information systems security risks, and devising the optimal risk mitigation strategy

Question 52

Q

Designed to manage the trade-off between the degree of desired security and the investment necessary to achieve it

Answer

A

Cost/benefit analysis (CBA$

Question 53

Q

Cost benefit analysis (CBA) - security

Answer

A

Designed to manage the trade off between the degree of desired security and the investment necessary to achieve it

Question 54

Q

5 costly actions that a firm might need to engage in as a result of a data breach involving customer information

Answer

A

Investigation and remediation associated with the exploited vulnerability
Notification of the impacted consumers via mail
Identity theft and credit monitoring
Lost business
Lawsuits

Question 55

Q

Investigation and remediation associated with the exploited vulnerability

Answer

A

Figure out how data was stolen/compromised, and put in place safeguards/patches to prevent future exploits of the same vulnerability

Question 56

Q

Lost business as a result of a data breach involving customer information

Answer

A

Disruptions in normal business if services are down or denied, credit card companies may refuse to provide credit card service, lost business due to defecting customers

Question 57

Q

What are typical internal security threats

Answer

A

Careless, ignorant, or negligent behavior

Intentional malicious behavior

Question 58

Q

3 ways to combat insider threats

Answer

A

User training, user activity/behavior monitoring, information security (formal) governance program

Question 59

Q

Attacks that exploit a vulnerability that a developer did not have time to address and patch

Answer

A

Zero-day (zero-hour, day-zero) attacks

Question 60

Q

Training (response to security threats)

Answer

A

Reduce ignorance and indifference

Question 61

Q

User activity and behavior monitoring (response to security threats)

Answer

A

Check compliance with polices

Look for suspicious activities

Question 62

Q

Formal governance program (response to security threats)

Answer

A

Onboarding and “deboarding” procedures
Password standards
Statement of behaviors that individual employees should follow in order to minimize security risks
Statement of user rights and responsibilities, and of legitimate uses of portable devices
Periodic audits

Question 63

Q

Code designed into software programs to allow access to the application by circumventing password protection
In some cases, they are built in order to prevent high-level accounts such as admin accounts from being made inaccessible

Answer

A

Backdoors

Question 64

Q

Lying to and deceiving legitimate users

Tricking them into divulging restricted information

Answer

A

Social engineering

Answer 58

A

Bugs (flaws) in the code
Heartbleed bug
Zero-day (zero-hour, day-zero) attacks
SQL injection attack
Trojan
Spyware
Virus
Worm
Denial of service attack (DoS)
Ransomware

Answer 59

A

Heartbleed bug

Answer 60

A

Phishing scams via SMS

Answer 61

A

SQL Injection Attack

Answer 62

A

Bugs (flaws) in the code

Answer 63

A

Lying to and deceiving legitimate users

Tricking them into divulging restricted information

Answer 64

A

“Zero day” vulnerability window

Answer 65

A

Sometimes can cause modules to freeze or malfunction, potentially weakening defenses

in other cases, poorly implemented functions/modules/operations can create opportunities for exploits (e.g., exposure to SQL Injections, Heartbleed bug affecting OpenSSL)
November 2017. Apple raced to fix MacOS High Sierra but that made it possible to log in without a password and gain administrator rights

Answer 66

A

Automated social engineering scams
-exposing individuals to official-sounding spam appearing to be from known/respectable/legitimate institutions that asks people to confirm private data in an effort to capture that data

Answer 67

A

Code injection technique used to attack data-driven applications, in which malicious SQL statements are inserted into an entry field (such as a username or password login authentication fields) for execution (e.g. to dump the database contents to the attacker)

in essence, this arises because the fields available for user input allow SQL statements to pass through unsanitized and query the database directly
one of the most common application layer attack techniques

Answer 68

A

Code designed into software programs to allow access to the application by circumventing password protection
In some cases, they are built in order to prevent high-level accounts such as admin accounts from being made inaccessible

Answer 69

A

Select everything (all fields) from Table

Answer 70

A

A program that

appears to provide useful functionality
delivers a hidden, malicious payload, after installation (which could include backdoors for remote access and control)

Answer 71

A

Secure socket layer
A technology that was developed to make secure communication possible
-the https:// encryption

Answer 72

A

Half a million

Answer 73

A

From the moment the software with the flaw was released until the patch is released (technically until users install the patch but some users may abandon a system that is known to be vulnerable once that is public information

Answer 74

A

Hidden software that
-monitors behavior, collects information, transfers information to a third party, performs unwanted operations
Diverts resources and often slows down the computer

Answer 75

A

Malicious code that spreads by attaching itself to (mostly executable) files that are part of legitimate installed programs
-usually needs human action to replicate and spread - running or copying the infected program/code (e.g., running an executable file, etc)

Answer 76

A

Harmful set of actions performed after machine is infected
-damage may vary in severity from just some occasional pop-up messages to files being corrupted/deleted or entire systems being shut down

Answer 77

A

Self-replicating malicious code that exploits security holes in network software to spread across nodes in a network

Answer 78

A

Do not usually attach to a file
Are standalone software programs that may self-replicate/spread without a host program or human action (e.g., send a copy of itself to everyone in the users’ address book, replicate by exploiting network vulnerabilities)

Answer 79

A

Worm that attacked web servers running IIS

installed back door and propagated 100 times over per infection
patch issued by Microsoft on June 18, 2001
worm struck on July 19, 2001 (a month after patch was made available)

Answer 80

A

Denial-of-Service Attack (DoS)

Answer 81

A

Digital assault carried out over a computer network
Objective: concerted effort (often times using botnets) to overwhelm an online service with requests and slow it down or force it to shut down altogether
-can be used to divert attention to allow the attacker to exploit other security vulnerabilities

Answer 82

A

Ransomware

Answer 83

A

Type of malware that restricts access to the infected computer system in some way (inability to log in or encryption of files), and requests that the user pays a ransom for the restrictions to be removed

a lot of times in the form of a Trojan
sometimes used as a distraction from more serious hacking

Answer 84

A

CryptoLocker Trojan (later versions evolving to worm) - encrypted files on the affected system - demand ransom in the form of bitcoins
Cryptowall (Windows), KeRanger (OS X)

Answer 85

A

Malware kits

Answer 86

A

Defense in depth

Answer 87

A

Use of passwords

Answer 88

A

Firewalls

Answer 89

A

The encryption process

Answer 90

A

IT professionals install detection software (antivirus, anti spyware, etc)

Answer 91

A

Mitigation method

Answer 92

A

Malware (for malicious software)

Answer 93

A

Botnets or zombie networks

Answer 94

A

Botnets or zombie networks

Answer 95

A

Malicious adware

Answer 96

A

Keylogger

Answer 97

A

Screen capture

Answer 98

A

Card Skimmer

Answer 99

A

RAM scraping or storage scanning software

Answer 100

A

Ransomware

Answer 101

A

Blended threats

Answer 102

A

SQL injection technique

Brainscape's Knowledge GenomeTM

Security - Chapter 17 Flashcards

Brainscape's Knowledge Genome^TM