Test #2 Flashcards

1
Q

What is the goal of security programs?

A

Mitigate risk (Not eliminate but reduce)

2
Q

What threat considerations should we make? (6)

A

Threat vectors, threat sources and targets, types of attacks, malicious mobile code, advanced persistent threats (APTs), manual attacks

3
Q

What is a threat vector?

A

A threat vector is a term used to describe where a threat originates and the path it takes to reach a target.

4
Q

Types of Malicious Mobile Code (3)

A

Virus, Worm, and Trojan

5
Q

Malicious Code Lifecycle

A

Find, exploit, infect, repeat

6
Q

What is a virus?

A

A virus is a self-replicating program that uses other host files or code to replicate.

7
Q

What is a payload?

A

The damage routine of a virus

8
Q

What is a worm?

A

A computer worm uses its own coding to replicate, although it may rely on the existence of other related code to do so.

9
Q

What is a Trojan?

A

Trojan horse programs, or Trojans, work by posing as legitimate programs that are activated by an unsuspecting user.

10
Q

What is an Advanced Persistent Threat?

A

The use of sophisticated malware for targeted cybercrime is known as an advanced persistent threat (APT).

11
Q

What is a physical attack?

A

When a person gains information by physically removing a part of a system or whole system

12
Q

What are Network-layer attacks?

A

Network-layer attacks attempt to compromise network devices and protocol stacks. Network-layer attacks include packet-sniffing and protocol-anomaly exploits.

13
Q

What is packet-sniffing?

A

Sniffing occurs when an unauthorized third party captures network packets destined for computers other than their own. Packet sniffing allows the attacker to look at transmitted content and may reveal passwords and confidential data.

14
Q

How can we stop packet sniffing?

A

Encryption

15
Q

What is a buffer overflow?

A

Buffer overflows occur when a program expecting input does not do input validation

16
Q

How does ARP Poisoning work?

A

ARP poisoning works by simply responding to Address Resolution Protocol (ARP) requests with the attacker’s MAC address

17
Q

Risk Equation

A

Risk = Probability (Threat + Exploit of Vulnerability) * Cost of Asset Damage

18
Q

Three methods of Authentication

A

Something you know, something you have, something you are

19
Q

What is biometrics?

A

Using a physical attribute like a fingerprint or iris scan to authenticate

20
Q

What is authentication?

A

Authentication establishes who the user is

21
Q

What is authorization?

A

Authorization establishes what the user is allowed to do

22
Q

What is encryption?

A

Keeping secrets by disguising them, hiding them, or making them indecipherable to others is an ancient practice

23
Q

Transposition

A

Rearranging letters to encrypt