Security Interests

Question 1

what is information security?

Answer 1

the protection of information systems from accidental or intentional misuse by persons inside or outside an organization
the info needs to be protected from both digital and physical threats

Question 2

outside threats

Answer 2

natural disasters
internet (unauthorized users, denial of service, malware eg viruses, worms etc)
human-made disasters

Question 3

inside threats

Answer 3

employees
other insiders eg cleaners
hardware threats
systems software

Question 4

viruses

Answer 4

software written with the malicious intent to cause annoyance or damage

• trojan- horse virus
• backdoor programmes

Question 5

What is a denial of service attack (DoS) ?

Answer 5

cyberattack in which the perpetrator seeks to make a machine or network source unavailable to its intended users by temporarily or indefinitely disrupting services of a host connected to the web

Question 6

What is the trojan horse virus?

Answer 6

exploit: contains code that attacks a weakspot in software
backdoor: gives malicious users remote access to the infected computer
rootkit: these are designed to effectively prevent malicious programs being detected
trojan-banker: its purpose is to steal your account data for online banking systems; e-payment systems and credit or debit cards

Question 7

what is phishing?

Answer 7

a technique to gain personal information for the purpose of identity theft, usually by means of fraudulent email

Question 8

What is risk?

Answer 8

an incident or occurrence emanating from internal or external sources that prevents implementation of strategy or achievement of objectives

Question 9

What are the Risk management responses ?

Answer 9

mitigate: implement effective internal controls
accept: do nothing, accept likelihood of risk
transfer: buy insurance, outsource
avoid: do not engage in activity that produces risk