Week 7

Question 1

What is IT Security?

Answer 1

The protection of computer systems and networks from the theft of or damage to their hardware, software or electronic data, as well as from the disruption or misdirection of services they provide.

Question 2

What is the security triad?

Answer 2

C I A - Important about an information system is that it is available, confidential and integer.

• Available (system needs to be available for use)
• Confidential (Data in a system needs to be confidential)
• Integrity (Software on a server needs to do what it is supposed to do)

Question 3

Why is security important?

Answer 3

• Brand image - customer loyalty and trust
• Staying compliant to the law
• Everything is connected to the internet nowadays (easier to hack)
• If IS is damaged, the whole organization is damaged.

Question 4

What are direct effects of security failure?

Answer 4

• computer outages

- operation disruptions

Question 5

What are indirect effects of security failures?

Answer 5

• legal problems

- image problems

Question 6

Why is security not an IT problem?

Answer 6

• IT security affects organizational security;
• IT security needs managerial decision making
• Security is a negative deliverable
• Security is diffuclt to fund’
• A manager needs to make the trade-off to spend more on security or face higher risk

Question 7

What is meant by security is a negative deliverable?

Answer 7

It produces no revenue and makes IT less efficient

Question 8

Why is security difficult to fund?

Answer 8

• IT departments have limited funds

Question 9

What are recent developments in security?

Answer 9

• GDPR
• Mobile malware
• Non protected IoT devices
• Nations engaging in cyber warfare and espionage
• Social engineering

Question 10

What are internal IT security threats?

Answer 10

• Intentional malicious behaviour

- Careless behaviour

Question 11

-What are external IT security threats?

Answer 11

• Intrusion threats
• Social engineering
• Phishing
• Security weaknesses
• Backdoors
• Malicious code
• Denial of service attack

Question 12

What is meant by intrusion threat?

Answer 12

An unauthorized attacker gains access to IT resources

Question 13

What is meant by social engineering?

Answer 13

Lying to and deceiving legitimate users to get restricted or private information

Question 14

What is phishing?

Answer 14

Kind of social engineering. Asking to confirm personal data to actually acquire it.

Question 15

What are security weaknesses?

Answer 15

Bugs that enable unauthorized access

Question 16

What are backdoors?

Answer 16

Code specifically designed to grant access to unauthorized users to access an application

Question 17

What are forms of malicious code?

Answer 17

Any software designed to cause damage to IT assets

• Virus
• Trojan Horse
• Worms
• Spyware
• Ransomware

Question 18

What is a virus?

Answer 18

Performs a payload -> harmful set of actions

Spreads by attaching itself to legitimate software

Question 19

What is a trojan horse

Answer 19

Program that claims to be legitimate but delivers a hidden payload

Question 20

What is a worm

Answer 20

Malicious code to networking software that generates a lot of traffic on the network

Question 21

What is a denial of service attack?

Answer 21

Digital assault by overwhelming an online service with traffic to force it offline
-> can be used to create a backdoor for later

Question 22

How can you limit security threats (main focus internal)?

Answer 22

• Security policies including:
• Password standards
• user rights
• Legimitate use of portable devices
  AUDIT POLICIES

-> Authentication and acces control

Question 23

How can you limit external security threats?

Answer 23

• Use of passwords
• Firewalls
• Encryption (public/private)
• Backups

Question 24

What is a DMZ?

Answer 24

• Demilitarized zone in a server. It is after the first firewall and systems are stored here that are accessed by the public. More private servers are stored behind more firewalls

Question 25

What can you do against malware?

Answer 25

• Detection software

- Train employees

Question 26

What can you do agains a denial of service attack?

Answer 26

• Preventing of DOS is difficult because they use slave computers;
• Difficult to identify the location of attack
• Shut down your system or part of your system
• Make use of national and international security communities.

Question 27

What is IT Risk Management?

Answer 27

Process of identifying and measuring information system security risks. Goal is to develop the best risk mitigation strategy.

Question 28

What are the three steps in IT Risk Management?

Answer 28

• Risk Assesment
• Risk Analysis
• Risk Mitigation

Question 29

What is risk assesment?

Answer 29

First step in risk management.

-> Audit current resources, expose vulnerabilities

Question 30

What is Risk Analysis?

Answer 30

Quantifying the risks that are identified.

Look at: hazards, exposure and vulnerability

Question 31

What are hazards?

Answer 31

Events that can happen that poses a potential risk

Question 32

What is exposure?

Answer 32

What resources can be affectd by hazards?

Question 33

What is vulnerability?

Answer 33

How can the organization deal with the risk / what is the likelihood that it happens?

Question 34

What are risk mitigation strategies?

Answer 34

• Risk Acceptance (don’t do anything)
• Risk Reduction (spend some, less risks)
• Risk transference (passing it on to a third party)

Question 35

What is the crisis response cycle?

Answer 35

Crisis -> Response -> Recovery -> Mitigation -> Preparedness