Week 7 Flashcards
What is IT Security?
The protection of computer systems and networks from the theft of or damage to their hardware, software or electronic data, as well as from the disruption or misdirection of services they provide.
What is the security triad?
CIA: what matters for an information system is that it is Confidential, has Integrity, and is Available.
- Confidentiality (data in the system can only be read by those authorized to see it)
- Integrity (data and software are not altered without authorization; software on a server does what it is supposed to do)
- Availability (the system is available for use when it is needed)
Why is security important?
- Brand image - customer loyalty and trust
- Staying compliant with the law
- Everything is connected to the internet nowadays (larger attack surface, easier to attack)
- If the information system (IS) is damaged, the whole organization is damaged.
What are direct effects of security failure?
- computer outages
- operational disruptions
What are indirect effects of security failures?
- legal problems
- image problems
Why is security not (only) an IT problem?
- IT security affects organizational security
- IT security needs managerial decision making
- Security is a negative deliverable
- Security is difficult to fund
- A manager needs to make the trade-off: spend more on security, or accept a higher risk
What is meant by security is a negative deliverable?
It produces no revenue of its own and makes IT less efficient (extra controls cost time and convenience); its value is the loss it prevents, which is hard to show.
Why is security difficult to fund?
- IT departments have limited funds
What are recent developments in security?
- GDPR
- Mobile malware
- Unprotected IoT devices
- Nations engaging in cyber warfare and espionage
- Social engineering
What are internal IT security threats?
- Intentional malicious behaviour
- Careless behaviour
What are external IT security threats?
- Intrusion threats
- Social engineering
- Phishing
- Security weaknesses
- Backdoors
- Malicious code
- Denial of service attack
What is meant by intrusion threat?
An unauthorized attacker gains access to IT resources
What is meant by social engineering?
Lying to and deceiving legitimate users to get restricted or private information
What is phishing?
A form of social engineering: the attacker, posing as a trusted party (bank, IT department), asks the victim to "confirm" credentials or personal data in order to steal them.
What are security weaknesses?
Bugs or misconfigurations (vulnerabilities) that an attacker can exploit to gain unauthorized access
What are backdoors?
Hidden code or an undocumented access path deliberately built into an application that lets someone bypass its normal authentication and get in
What are forms of malicious code?
Any software designed to cause damage to IT assets
- Virus
- Trojan Horse
- Worms
- Spyware
- Ransomware
What is a virus?
Carries a payload (a harmful set of actions) and spreads by attaching itself to legitimate software; it needs a host program to run.
What is a trojan horse?
A program that claims to be legitimate (or useful) but delivers a hidden payload
What is a worm?
Self-replicating malicious code that spreads by itself over the network, typically by exploiting networking software, and generates a lot of traffic on the network; unlike a virus it needs no host program.
What is a denial of service attack?
Digital assault that overwhelms an online service with traffic (or requests) to force it offline
-> can also serve as a distraction while the attacker plants a backdoor for later
How can you limit security threats (main focus internal)?
- Security policies, including:
  - Password standards
  - User rights
  - Legitimate use of portable devices
- Audit policies
-> Authentication and access control
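An added example (not from the flashcards) of what a password standard looks like once it is enforced in code rather than only written into a policy document: a policy check, plus salted and deliberately slow hashing so that a stolen password database is not immediately usable. The concrete rules (12 characters, at least three character classes, a small constructed banned list) and the PBKDF2 parameters are assumptions, not something the flashcards prescribe.

```python
"""Password standard check plus salted, slow hashing (added example, not from the flashcards).

Assumptions (not in the original): minimum length 12, at least three of four
character classes, and rejection of a small constructed list of common passwords.
"""
from __future__ import annotations

import hashlib
import hmac
import os
import string

# Constructed sample of banned passwords; a real deployment would use a full breach list.
COMMON_PASSWORDS = {"password", "password123", "welcome1", "qwerty123", "letmein"}

MIN_LENGTH = 12
PBKDF2_ITERATIONS = 600_000  # order of magnitude OWASP recommends for PBKDF2-HMAC-SHA256


def check_password_standard(password: str) -> list[str]:
    """Return the list of policy violations (an empty list means the password is acceptable)."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append(f"shorter than {MIN_LENGTH} characters")
    classes = [
        any(c.islower() for c in password),
        any(c.isupper() for c in password),
        any(c.isdigit() for c in password),
        any(c in string.punctuation for c in password),
    ]
    if sum(classes) < 3:
        problems.append("uses fewer than three character classes")
    if password.lower() in COMMON_PASSWORDS:
        problems.append("is on the common-password list")
    return problems


def hash_password(password: str) -> str:
    """Store as 'pbkdf2_sha256$iterations$salt_hex$hash_hex' with a fresh random salt per user."""
    salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ITERATIONS)
    return f"pbkdf2_sha256${PBKDF2_ITERATIONS}${salt.hex()}${digest.hex()}"


def verify_password(password: str, stored: str) -> bool:
    """Recompute the hash with the stored salt and iteration count, compare in constant time."""
    algorithm, iterations, salt_hex, hash_hex = stored.split("$")
    if algorithm != "pbkdf2_sha256":
        return False
    digest = hashlib.pbkdf2_hmac(
        "sha256", password.encode(), bytes.fromhex(salt_hex), int(iterations)
    )
    return hmac.compare_digest(digest.hex(), hash_hex)


if __name__ == "__main__":
    for candidate in ["password123", "Tr0ub4dor&3", "correct-Horse-battery-9"]:
        print(candidate, check_password_standard(candidate) or "OK")
    record = hash_password("correct-Horse-battery-9")
    print(verify_password("correct-Horse-battery-9", record), verify_password("wrong", record))
```

The salt makes two users with the same password store different records, and the iteration count is what turns a leaked database from "crack everything in minutes" into an expensive exercise; the check is done with a constant-time comparison so the verifier itself does not leak how many bytes matched.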
How can you limit external security threats?
- Use of passwords
- Firewalls
- Encryption (public/private key)
- Backups
What is a DMZ?
- Demilitarized zone: a separate network segment that sits behind the first (outer) firewall. Systems that must be reachable by the public (web servers, mail servers) are placed here; more sensitive internal servers are placed behind additional firewalls, so a compromised public server does not give direct access to them.
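A minimal rule set for the DMZ design described above, as an added example that is not from the flashcards. It collapses the two firewalls into one nftables host with three interfaces, eth0 (internet), dmz0 and lan0, and uses assumed addresses: 192.0.2.10 for the public web server in the DMZ and 10.0.0.5 for an internal database. Only the two listed flows are allowed; everything else is dropped, and denied DMZ-to-LAN attempts are logged because they are the first sign that the public server has been compromised.

```nftables
#!/usr/sbin/nft -f
# Added example: single-host DMZ firewall. Interface names and addresses are assumptions.
flush ruleset

table inet dmz_fw {
    chain forward {
        type filter hook forward priority 0; policy drop;

        # Replies belonging to connections that were already allowed below
        ct state established,related accept

        # Internet -> DMZ: only the public web server, only HTTP/HTTPS
        iifname "eth0" oifname "dmz0" ip daddr 192.0.2.10 tcp dport { 80, 443 } accept

        # DMZ -> internal LAN: only the web server, only to the database port
        iifname "dmz0" oifname "lan0" ip saddr 192.0.2.10 ip daddr 10.0.0.5 tcp dport 5432 accept

        # Anything else from the DMZ towards the LAN is logged, then dropped
        iifname "dmz0" oifname "lan0" log prefix "dmz-to-lan denied: " drop

        # The internet never reaches the LAN directly (explicit for readability; the policy drops it anyway)
        iifname "eth0" oifname "lan0" drop
    }
}
```

With two physical firewalls, as the flashcard describes, the same rules are split: the outer firewall holds the internet-to-DMZ rule, the inner one the DMZ-to-LAN rule, so an attacker who takes over the web server still faces a second filter that only admits database traffic.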
What can you do against malware?
- Detection software
- Train employees
What can you do against a denial of service attack?
- Prevention of DoS is difficult because attackers use many compromised "slave" computers (a botnet), so the traffic comes from many sources at once
- The origin of the attack is therefore difficult to identify
- Shut down your system, or the affected part of it, until the attack subsides
- Make use of national and international security communities (e.g. CERTs and ISPs) to block or absorb the traffic upstream
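What the detection side of this looks like in practice, as an added example that is not from the flashcards: a rate-based check over web-server access logs. It assumes a constructed log format (ISO timestamp, client IP, method, path, one request per line), a 10-second window, a per-source threshold of 20 requests and an aggregate threshold of 60 requests per window. The per-source rule catches one loud client; the aggregate rule is there because a distributed attack from many "slave" machines stays under any per-IP limit, which is exactly why the flashcard says prevention is hard.

```python
"""Rate-based (D)DoS detection over access logs (added example, not from the flashcards).

Assumptions (not in the original): log lines of the constructed form
'<iso-timestamp> <client-ip> <method> <path>', a 10-second window, a per-source
threshold of 20 requests and an aggregate threshold of 60 requests per window.
"""
from __future__ import annotations

from collections import Counter, defaultdict
from datetime import datetime

WINDOW_SECONDS = 10
PER_SOURCE_LIMIT = 20   # one noisy client: classic single-source DoS
AGGREGATE_LIMIT = 60    # whole window: catches distributed floods that stay under the per-IP limit


def parse_line(line: str) -> tuple[int, str]:
    """Return (window_id, client_ip); window_id buckets the timestamp into WINDOW_SECONDS slots."""
    ts, ip, _method, _path = line.split(maxsplit=3)
    epoch = int(datetime.fromisoformat(ts).timestamp())
    return epoch // WINDOW_SECONDS, ip


def detect(lines: list[str]) -> dict[str, list]:
    """Flag single sources over PER_SOURCE_LIMIT and windows whose total exceeds AGGREGATE_LIMIT."""
    per_window: dict[int, Counter] = defaultdict(Counter)
    for line in lines:
        window, ip = parse_line(line)
        per_window[window][ip] += 1

    noisy_sources = []    # (window, ip, request count)
    flooded_windows = []  # (window, total requests, distinct sources)
    for window, counts in sorted(per_window.items()):
        for ip, n in counts.items():
            if n > PER_SOURCE_LIMIT:
                noisy_sources.append((window, ip, n))
        total = sum(counts.values())
        if total > AGGREGATE_LIMIT:
            flooded_windows.append((window, total, len(counts)))
    return {"noisy_sources": noisy_sources, "flooded_windows": flooded_windows}


def constructed_log() -> list[str]:
    """Constructed sample: normal traffic, then one loud client, then a distributed flood."""
    lines: list[str] = []

    def add(sec: int, ip: str) -> None:
        lines.append(f"2024-03-01T12:00:{sec:02d}+00:00 {ip} GET /index.html")

    # Window 12:00:00-09: five ordinary clients, three requests each (15 total), nothing to flag
    for i in range(3):
        for ip in ("10.0.0.1", "10.0.0.2", "10.0.0.3", "10.0.0.4", "10.0.0.5"):
            add(i * 3, ip)
    # Window 12:00:10-19: one client hammering the server (25 requests) plus a little normal traffic
    for i in range(25):
        add(10 + i % 10, "203.0.113.7")
    for i in range(3):
        add(11 + i, "10.0.0.1")
    # Window 12:00:20-29: forty different sources, two requests each (80 total): distributed flood,
    # no single IP crosses the per-source limit
    for host in range(40):
        for i in range(2):
            add(20 + (host + i) % 10, f"198.51.100.{host + 1}")
    return lines


if __name__ == "__main__":
    result = detect(constructed_log())
    for window, ip, n in result["noisy_sources"]:
        print(f"window {window}: {ip} sent {n} requests (single-source DoS)")
    for window, total, sources in result["flooded_windows"]:
        print(f"window {window}: {total} requests from {sources} sources (distributed flood)")
```

The noisy-source finding is actionable on its own (block one address); the flooded-window finding is not, because blocking forty addresses one by one is hopeless, which is where the flashcard's "make use of security communities" comes in: the only effective response to a distributed flood is upstream, at the ISP or a scrubbing service.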
What is IT Risk Management?
Process of identifying and measuring information system security risks. Goal is to develop the best risk mitigation strategy.
What are the three steps in IT Risk Management?
- Risk Assessment
- Risk Analysis
- Risk Mitigation
What is risk assessment?
First step in risk management.
-> Audit current resources, expose vulnerabilities
What is Risk Analysis?
Quantifying the risks that are identified.
Look at: hazards, exposure and vulnerability
What are hazards?
Events that could occur and pose a potential risk (e.g. ransomware infection, theft of a laptop, fire in the data centre)
What is exposure?
Which resources could be affected by a hazard, and how large the loss would be if it occurred
What is vulnerability?
How susceptible the organization is to the hazard and how likely it is to actually happen, given the controls currently in place
What are risk mitigation strategies?
- Risk Acceptance (do nothing; bear the loss if the hazard occurs)
- Risk Reduction (spend on controls that lower the likelihood or the impact, leaving a smaller residual risk)
- Risk Transference (pass the risk on to a third party, e.g. insurance or outsourcing)
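An added worked example, not from the flashcards, of the risk analysis and mitigation steps above carried through in code. It maps the three factors onto numbers: the hazard is the event, exposure is the loss in EUR if it occurs once, vulnerability is the expected number of occurrences per year; expected annual loss is exposure times likelihood. Risk reduction is modelled as a yearly control cost plus the fraction of expected loss the control removes, and risk transfer as an insurance premium that covers the full loss. The hazards, every figure, and that simplified insurance model are assumptions.

```python
"""Quantifying risks and choosing a mitigation strategy (added example, not from the flashcards).

All hazards, figures and the simplified insurance model below are constructed assumptions.
"""
from __future__ import annotations

from dataclasses import dataclass


@dataclass
class Hazard:
    name: str
    exposure: float                 # loss in EUR if the event happens once
    likelihood: float               # expected occurrences per year (vulnerability)
    control_cost: float             # yearly cost of the risk-reduction option
    control_effect: float           # fraction (0..1) of expected loss the control removes
    transfer_premium: float | None = None   # yearly insurance premium, None if not offered

    def expected_loss(self) -> float:
        """Risk analysis: annual expected loss before any mitigation."""
        return self.exposure * self.likelihood


def strategy_costs(h: Hazard) -> dict[str, float]:
    """Yearly cost of each of the three mitigation strategies for one hazard."""
    costs = {
        "accept": h.expected_loss(),
        "reduce": h.control_cost + h.expected_loss() * (1 - h.control_effect),
    }
    if h.transfer_premium is not None:
        costs["transfer"] = h.transfer_premium
    return {k: round(v, 2) for k, v in costs.items()}


def choose_strategy(h: Hazard) -> tuple[str, float]:
    """The manager's trade-off: pick the strategy with the lowest total yearly cost."""
    costs = strategy_costs(h)
    best = min(costs, key=costs.get)
    return best, costs[best]


def rank_by_expected_loss(hazards: list[Hazard]) -> list[Hazard]:
    """Risk analysis output: hazards ordered from largest to smallest expected annual loss."""
    return sorted(hazards, key=Hazard.expected_loss, reverse=True)


def constructed_register() -> list[Hazard]:
    """Constructed risk register; every number here is illustrative."""
    return [
        Hazard("Website defacement", 5_000, 0.2, control_cost=4_000, control_effect=0.9),
        Hazard("Ransomware on file server", 500_000, 0.05, control_cost=15_000,
               control_effect=0.8, transfer_premium=30_000),
        Hazard("Laptop theft", 20_000, 0.5, control_cost=2_000, control_effect=0.9),
        Hazard("Data-centre fire", 2_000_000, 0.002, control_cost=50_000,
               control_effect=0.95, transfer_premium=3_000),
    ]


if __name__ == "__main__":
    for hazard in rank_by_expected_loss(constructed_register()):
        strategy, cost = choose_strategy(hazard)
        print(f"{hazard.name:28} expected loss {hazard.expected_loss():>9,.0f}/year"
              f" -> {strategy} ({cost:,.0f}/year)")
```

The register produces one of each outcome: the cheap, effective controls (backups plus endpoint protection against ransomware, disk encryption against laptop theft) are worth buying; the web application firewall costs more than the defacement it prevents, so that risk is accepted; and a second data centre is far more expensive than insuring against a rare fire, so that risk is transferred. This is the "spend more on security or face higher risk" trade-off from earlier in the week made explicit, and it also shows why security is hard to fund: the benefit column is always an avoided expected loss, never revenue.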
What is the crisis response cycle?
Crisis -> Response -> Recovery -> Mitigation -> Preparedness