Topic 5: Security policies Flashcards

1
Q

Name three types of security threat.

A
Criminal vandalism/sabotage
Hacking or theft
White collar crime
Natural disasters (e.g. flooding) and fire
Accidents and errors
State-sponsored hacking
Politically-motivated attacks or data breaches
Terrorism
2
Q

What is hacking? Give an example.

A

Hacking is when an individual or criminal gang finds a way to break into a company’s ICT systems. They may steal customers’ information, especially their bank account details. Or hackers may use ransomware to encrypt a company’s files. They then demand the company pays a ransom to unencrypt the files.

3
Q

What is an example of white collar cybersecurity crime?

A

White collar cybersecurity crime is when an employee uses their access to ICT systems to steal information from their company, or misuses the network for criminal activity. For example, an employee in a bank might steal customers’ account details. Or they might sell confidential information to a rival company.

4
Q

Why are natural disasters a security threat?

A

A natural disaster such as flooding could damage a company’s data centre. The company could lose important information and would need to replace equipment.

5
Q

What is an example of a security threat due to misuse or accidents?

A

Common mistakes that employees make include accidentally deleting important data, or sending confidential information by email to the wrong people.

6
Q

What is state-sponsored hacking?

A

State-sponsored hacking is when a country uses its cybersecurity expertise to attack another country’s ICT, or a specific company that it doesn’t approve of.

7
Q

Give an example of state-sponsored hacking involving the entertainment industry.

A

When Sony Pictures launched a comedy film about the leader of North Korea in 2014, a hacker group allegedly backed by the government attacked Sony’s ICT systems. It posted on the Internet copies of their films and confidential emails about film stars. Sony initially withdrew the film, but later changed its mind.

8
Q

Give an example of state-sponsored hacking involving an industrial target.

A

Allegedly, the Stuxnet virus was created by the US and Israeli governments to attack Iran’s nuclear facility in 2010. The virus caused equipment at the plant to run out of control. Stuxnet has been described as the most dangerous virus ever released.

9
Q

Give an example of a politically-motivated data breach.

A

Edward Snowden was an IT security contractor employed by the National Security Agency in the US. In 2013, he leaked thousands of documents to journalists in protest at the US government’s secret mass surveillance of American citizens.

10
Q

How can physical access security protect companies?

A

Doors, locks, keypad codes, swipe cards, voice recognition, facial recognition, and CCTV are examples of physical access security. They protect data centres and server rooms so that only authorised people can enter.

11
Q

What operational procedures can protect companies from security threats?

A

Operational procedures include:
A schedule for regular data back-ups;
Regular updates of anti-virus software and firewalls to protect against latest threats;
Have a plan for responding to natural or other disasters;
Store data in different geographic locations;
Have a recovery plan for restoring data if it is corrupted or lost;
Test back-up power supplies, batteries and diesel generators;
Enforce an employee code of conduct to protect company data and equipment;
Regular training for IT staff;
Monitor network traffic for unusual activity;
Configure routers to detect and filter DDoS attacks.

12
Q

How can an employee Code of Conduct protect companies against security threats?

A

A Code of Conduct ensures staff know how to avoid taking risks that could expose the company to viruses or other threats. Employees should never click on email attachments from people they don’t know, for example.

13
Q

What is an uninterruptible power supply?

A

An uninterruptible power supply is a large battery and diesel generator that keeps equipment running for a few hours or days if the normal power supply is lost.

14
Q

What is a BYOD policy?

A

A Bring Your Own Device (BYOD) policy restricts the type of devices (phones and laptops etc) that employees can use on the company network.

15
Q

Name 3 potential consequences for a company if hackers breach its security systems and steal customer data.

A

If customer data is stolen or posted online then the company’s reputation would be damaged.
Customers may leave and the company could have difficulty winning new customers.
The company might be sued by customers and it would need to pay legal fees to defend itself.
Regulators may impose a fine.
Competitors may gain access to confidential information.
Production, distribution and delivery may be delayed.
The company is likely to lose business and cash-flow.
The company’s share price could fall if investors lose confidence in it.

16
Q

Describe 3 factors a company should consider in order to minimise security risks.

A
  1. Understand the threat landscape - what types of threat could impact the company?
  2. Calculate the likelihood of a breach - what is the likelihood of different types of threat occurring?
  3. Understand the consequences - what are the short-term and long-term consequences if a security breach occurs?
  4. Security procedures - what procedures does the company have in place? For example, back-ups, anti-virus updates, disaster recovery plans etc.
17
Q

What is risk management? (or ‘risk analysis’)

A

Risk management is the process of 1) assessing the threat landscape 2) estimating the likelihood of any potential threat occurring 3) estimating the cost of the consequences and of recovering lost data 4) assessing how well prepared the company is to respond to or avoid the threat.

18
Q

What is a proxy server?

A

A proxy server is an intermediary server between a client computer and a resource, such as access to the Internet.

19
Q

How is a proxy server used to protect computers on a company network?

A

A proxy server protects computers on a network by relaying requests for access to network services. For example, a proxy server intercepts requests to a web server from a client computer in order to provide indirect access to the Internet. This means the client’s IP address is not visible to the web server and so protects the user’s privacy.

20
Q

How do user accounts help to keep data secure?

A

The IT Administrator gives a username and password to each user and allocates a level of access appropriate to their role. For example, a student only has access to their own files, whereas a teacher has access to their own files and those of their students. A superuser in IT has access to everyone’s account.

21
Q

How do user logs help to keep data secure?

A

User logs provide an audit trail of activity on the network. Logs are a record of who logged on and off and when. They also show what computer they were on, what programs they used, the files they accessed and any changes made to data.
Authorised IT staff can analyse the logs to identify abuses of the system, for example if an employee tried to guess a password for a database they shouldn’t be able to access.

22
Q

Define disaster recovery

A

A plan to restore data and systems as quickly as possible and to minimise disruption following a loss of data, network or IT system.

23
Q

Name 3 types of back-up media

A

Optical disk drive, magnetic tape, solid state drives (SSD), USB memory stick

24
Q

Method to prevent loss of data due to disk failure

A

Redundant Array of Independent Disks (RAID)