Week 9 Flashcards

1
Q

define Security

A
  • policies, procedures and technical measures used to prevent unauthorized access, alteration, theft or physical damage to information systems
2
Q

define controls

A
  • methods, policies and organizational procedures that ensure the safety of the organization's assets; the accuracy and reliability of its accounting records; and operational adherence to management standards
3
Q

why are systems vulnerable

A
  • accessibility of data on networks
  • hardware problems
  • software problems
  • disasters
  • use of networks outside of the firm's control
  • loss and theft of portable devices
4
Q

internet vulnerabilities

A
  • email, instant messaging, peer-to-peer networking (P2P)

sniffing
- an eavesdropping program that monitors information travelling over a network
- the interception and analysis of data packets as they travel across a network

5
Q

SSIDs (service set identifiers)

A

identify access points; they are broadcast multiple times and can be identified by sniffer programs that monitor your internet activity

6
Q

define war driving

A
  • Eavesdroppers drive by buildings and try to detect SSIDs and gain access to the network and its resources
7
Q

define rogue access points

A

a wireless access point that has been installed on a secure network without explicit authorization from the local network administrator

8
Q

name the 5+ types of malicious software

A
  1. viruses
  2. worms
  3. trojan horses
  4. SQL injection attacks
  5. ransomware
  6. spyware
9
Q

define viruses

A

a rogue software program that attaches itself to other software programs

10
Q

define worms

A

independent computer programs that copy themselves across computers

11
Q

trojan horse

A

a software program that downloads itself disguised as a legitimate program

12
Q

SQL injection attacks

A

interfere with queries in order to gain access to data

13
Q

define ransomware

A

extorts money from users by taking control of their computers

14
Q

define spyware

A

malicious software monitoring user activity

- keyloggers
- reset browser home pages
- redirect search requests
- slow computer performance by taking up memory
15
Q

define hackers

A

- can cause system intrusion or system damage

16
Q

define cybervandalism

A

intentional disruption, defacement or destruction of a website or corporate information system

Spoofing: making targets believe they are interacting with a known, trusted source

17
Q

denial of service (DoS)

A

- Hackers flood a network server or web server with many thousands of false communications or requests for services to crash the network

18
Q

distributed denial of service attacks (DDoS)

A

Uses numerous computers to inundate and overwhelm the network from many launch points

19
Q

define Botnets

A

a group of computers which have been infected by malware and have come under the control of a malicious actor

20
Q

define cybercrime

A
  • Any crime where a cyber element has a substantial role in the commission of a criminal offence
21
Q

two categories of cybercrime

A

technology as target

  • unauthorized use of a computer
  • mischief of data

technology as instrument
- fraud
- identity theft

22
Q

define phishing

A

- Spear phishing
- Whaling
- Evil twins: bogus Wi-Fi network
- Pharming: redirecting to a bogus web page

23
Q

define click fraud

A
  • Click bots
  • Trick a platform or service into thinking real users are interacting with a web page or app
24
Q

define cyberterrorism

A
  • Cyberattack exploiting computer or communication networks to cause sufficient destruction or disruption to generate fear or to intimidate a society into an ideological goal
  • Use cyberspace to cause physical, psychosocial, political, economic, ecological, or other damage
25
define cyberwarfare
State-sponsored activity designed to cripple and defeat another state or nation by penetrating its computers or networks to cause damage and disruption
26
internal threats: employees
- Security threats often originate inside an organization
- Insider knowledge
- Sloppy security procedures
- Users' lack of knowledge
- Social engineering: manipulating people into giving up information
27
define bugs
Bugs (program code defects)
- Zero defects cannot be achieved
- Flaws can open networks to intruders
- Zero-day vulnerabilities, patches and patch management, vulnerabilities in microprocessor chip design
28
business value of security and control
- Significant or total loss of business functions
- Breaches into confidential personal and financial data
- Breaches into trade secrets, new products, strategies
- Affects a firm's market value almost immediately; liability
29
PIPEDA
Personal Information Protection and Electronic Documents Act (PIPEDA): federal privacy law for private sector organizations
30
PHIPA (ON)
PHIPA (ON): Personal Health Information Protection Act
- Provincial medical security and privacy rules and procedures
31
FIPPA
Freedom of Information and Protection of Privacy Act (FIPPA)
- Personal right to access records
32
what is personal information?
- Recorded information about you as an individual
- Name, address, sex, age, education and medical or employment history
- Identifying numbers such as a social insurance number
- Your personal views or opinions
- If in the context of business → no longer personal
33
electronic evidence
Proper control of data can save time and money when responding to legal discovery requests
34
computer forensics
- Scientific collection, examination, authentication, preservation and analysis of data from computer storage media for use as evidence in a court of law
- Recovery of ambient data (data not visible to the average user)
35
general controls
- Govern the design, security and use of computer programs and the security of data files
- Software controls, hardware controls, computer operations controls, data security controls, system development controls, administrative controls
36
application controls
- Controls unique to each computerized application
- Input controls, processing controls, output controls
37
what are the 5+ types of general control
1. software controls
2. hardware controls
3. computer operations controls
4. data security controls
5. implementation controls
6. administrative controls
38
software controls
Monitor the use of system software and prevent unauthorized access to and use of software programs, systems software and computer programs
39
hardware controls
Ensure that computer hardware is physically secure and check for equipment malfunction. Organizations are critically dependent on their computers and must make provisions for backup or continued operations to maintain constant service
40
computer operations controls
Oversee the work of the computer department to ensure that programmed procedures are consistently and correctly applied to the storage and processing of data. They include controls over the setup of computer processing jobs and backup and recovery procedures for processing that ends abnormally
41
data security controls
Ensure that valuable business data files maintained internally or by an external hosting service are not subject to unauthorized access, change, or destruction while they are in use or in storage
42
implementation controls
Audit the systems development process at various points to ensure that the process is properly controlled and managed
43
administrative controls
Formalize standards, rules, procedures and control disciplines to ensure that the organization's general and application controls are properly executed and enforced.
44
risk assessment
Determines the level of risk to the firm if a specific activity or process is not properly controlled
- Types of threats
- Probability of occurrence during the year
- Potential losses, value of threat
- Expected annual loss
45
security policy
Ranks information risks, identifies security goals and mechanisms for achieving these goals
46
acceptable use policy (AUP)
Defines acceptable uses of the firm's information resources and computing equipment
47
identity management
- Identifying valid users
- Controlling access
48
disaster recovery planning
- Devises plans for restoration of disrupted services
49
business continuity planning
- Focuses on restoring business operations after a disaster
50
information systems audit
Examines the firm's overall security environment as well as the controls governing individual information systems
51
security audits
Review technologies, procedures, documentation, training and personnel; may even simulate a disaster to test responses
- red team / blue team
- list and rank control weaknesses and the probability of occurrence
- assess the financial and organizational impact of each threat
52
identity management software
- Automates keeping track of all users and their privileges
- Authenticates users, protecting identities and controlling access
53
authentication
- The ability to know that a person is who he or she claims to be
- Passwords
54
firewalls
- Combination of hardware and software that prevents unauthorized users from accessing private networks
55
4 firewall screening technologies
- Packet filtering
- Stateful inspection
- Network address translation (NAT)
- Application proxy filtering
56
intrusion detection systems
Monitors hot spots on corporate networks to detect and deter intruders
57
antimalware and antispyware software
- Prevents, detects and removes malware including computer viruses, computer worms, trojan horses, spyware and adware
- Requires continual updating
58
unified threat management (UTM)
A single security solution, and usually a single security appliance, that provides multiple security functions at a single point
59
3 wireless networks
WEP security, WPA2 specifications, WPA3 specifications
60
WEP security
- Static encryption keys are relatively easy to crack
- Improved if used in conjunction with a VPN
61
WPA2 specifications
- Replaces WEP with stronger standards
- Continually changing, longer encryption keys
62
define encryption
Transforming text or data into cipher text that cannot be read by unintended recipients
63
two methods for encryption
1. Secure Sockets Layer (SSL) and its successor, Transport Layer Security (TLS)
2. Secure Hypertext Transfer Protocol (S-HTTP)
64
symmetric encryption
Sender and receiver use a single shared key
65
public key encryption
Uses two mathematically related keys: a public key and a private key
- Sender encrypts the message with the recipient's public key
- Recipient decrypts with the private key
66
digital certificate
- Data file used to establish the identity of users and electronic assets for protection of online transactions
- Uses a trusted third party, a certification authority (CA), to validate a user's identity
- The CA verifies the user's identity and stores the information in the CA server, which generates an encrypted digital certificate containing the owner's ID information and a copy of the owner's public key
67
blockchain
- Secure transaction database
- Encryption used to verify users and transactions
- Decentralized
- Records cannot be changed
- Blockchain has some vulnerabilities requiring attention to security and controls
68
security outsourcing
Managed security service providers (MSSPs)
69
security issues for cloud computing
Responsibility for security resides with the company owning the data; firms must ensure providers provide adequate protection
- Where data are stored
- Meeting corporate requirements and legal privacy laws
- Segregation of data from other clients
- Audit and security certifications
- Service level agreements (SLAs)
70
security issues for mobile
Security policies should include and cover any special requirements for mobile devices
- Guidelines for use of platforms and applications
Mobile device management tools
- Authorization
- Inventory records
- Control updates
- Lockdown/erase lost devices
- Encryption
71
software metrics
objective assessments of systems in form of quantified measurements
72
walkthrough
review of a specification or design document by a small group of qualified people
73
debugging
process by which errors are eliminated