CP3302 – Chap2 – Flashcards
question
Why is information security a management problem? What can management do that technology cannot?
answer
Management needs to perform risk assessments and spend hundreds of thousands of dollars to protect the day-to-day functioning of the organisation. Technology cannot set policy or fix issues.
question
Why is data the most important asset an organization possesses? What other assets in the organization require protection?
answer
Because data represents the ability to deliver value to its customers; without data the organisation would not be able to carry out its day-to-day functions.
question
Which management groups are responsible for implementing information security to protect the organization's ability to function?
answer
IT management, Senior Management
question
Has the implementation of networking technology created more or less risk for businesses that use information technology? Why?
answer
It has created more of a risk because information can travel much faster from locations.
question
What is information extortion? Describe how such an attack can cause losses, using an example not found in the text.
answer
Information extortion occurs when an attacker or trusted insider steals information from a computer system and demands compensation for its return or for an agreement not to disclose it.
question
Why do employees constitute one of the greatest threats to information security?
answer
Because they typically have access to sensitive information and have the potential to cause damage or harm to it.
question
What measures can individuals take to protect against shoulder surfing?
answer
- Be aware of who is around you
- Limit the number of times you access confidential information
- Avoid accessing confidential information while others are present
question
How has the perception of the hacker changed over recent years? What is the profile of a hacker today?
answer
Hacking used to be reserved for knowledgeable people who would pull things apart to see how they worked whereas these days it has a more malicious undertone to it and.
question
What is the difference between a skilled hacker and an unskilled hacker (other than the lack of skill)? How does protection against each differ?
answer
A skilled hacker develops software and code exploits, and masters many technologies like programming, networking protocols and operating systems. An unskilled hacker uses expert-written software to exploit a system with little knowledge of how it works.
question
What are the various types of Malware? How do worms differ from viruses? Do Trojan horses carry viruses or worms?
answer
Malware: Trojans, worms, viruses, logic bombs, backdoors. Viruses and worms both replicate, but worms are typically standalone programs. A Trojan horse may carry either.
question
Why does polymorphism cause greater concern than traditional malware? How does it affect detection?
answer
Because it changes over time, which makes it more difficult to detect.
question
What is the most common form of violation of intellectual property? How does an organization protect against it? What agencies protect from it?
answer
Software piracy. Preventions can be licensing with a product key. Key agencies are Software Information Industry Association and Business Software Alliance
question
What are the various types of force majeure? Which type might be of greatest concern to an organization in Las Vegas? Oklahoma City? Miami? Los Angeles?
answer
Force majeure = force of nature. LA - dust storms; Atlanta - tornados.
question
How does technology obsolescence constitute a threat to information security? How can an organization protect against it?
answer
It occurs when technology becomes outdated. Planning is the best way to avoid this by planning to update outdated technology in a timely fashion.
question
What are the 3 types of password attacks? What can a systems administrator do to protect against them?
answer
Cracking, brute force and dictionary attacks. Limit the number of password attempts, enforce a minimum complexity policy for the passwords and don't allow dictionary words in passwords.
question
What is the difference between a denial-of-service attack and a distributed denial-of-service attack? Which is potentially more dangerous and devastating? Why?
answer
A DoS attack is a single user sending a large number of connections in an attempt to overwhelm or crash a target server. A DDoS is when many users (or many compromised systems) simultaneously perform a DoS attack. The DDoS is more dangerous because, unlike a DoS, there is no single user you can block and no easy way to overcome it.
question
For a sniffer attack to succeed, what must the attacker do? How can an attacker gain access to a network to use the sniffer system?
answer
The attacker must first gain access to a network to install the sniffer. Usually this is done using social engineering to get into the building to plant a sniffer device.
question
What method does a social engineering hacker use to gain information about a user's login and password? How would this method differ if it were targeted towards an administrator's assistant versus a data-entry clerk?
answer
Most commonly it is done by role-playing someone else, e.g. a maintenance team or a janitor, to get physical access to assets. A data-entry clerk may be easily persuaded by mentioning the CEO would get upset, whereas someone higher up would require more convincing.
question
What is a buffer overflow, and how is it used against a Web server?
answer
A buffer overflow occurs when more data is sent than the receiver's buffer can handle, usually resulting in non-buffer application memory being overwritten. A buffer overflow on a web server may allow an attacker to run executable code on the web server, either manipulating files directly or creating a backdoor for later use.
question
The principal goal of the information security program should be to ________.
answer
Ensure that the systems and their contents stay the same
question
Information Security has more to do with _______ than with _________.
answer
management, technology
question
True or False - Many organisations find that their most valuable asset is their data
answer
True
question
A _______ is an object, person or other entity that represents a constant danger to an asset.
answer
Threat
question
When an unauthorised individual gains access to the information an organisation is trying to protect, that act is categorised as a deliberate act of ______.
answer
Trespass
question
A ______ hacks the public telephone network to make free calls or disrupt services.
answer
Phreaker
question
When an individual steals information from a computer system and demands compensation for its return or nondisclosure, that act is categorized as a deliberate act of ________.
answer
information extortion
question
An attack on the face of an organization (i.e., its Web site) is categorized as a deliberate act of __________.
answer
sabotage or vandalism
question
________ are software programs that hide their true nature and reveal their designed behavior only when activated.
answer
Trojan horses
question
True or False: Warnings of attacks that are not valid are usually called hoaxes.
answer
True
question
Applying computer and network resources to try exhaustive combinations for access is called a(n) _______ attack.
answer
brute force
question
When a program tries using all commonly used passwords, this is known as a(n) __________.
answer
dictionary attack
question
When a program tries to reverse-calculate passwords, this is known as a(n) _________ .
answer
password crack
question
Using a known or previously installed access mechanism is called using a _____. a) hidden bomb b) vector c) spoof d) back door
answer
d
question
Unsolicited commercial e-mail is also called _______
answer
spam
question
Another name for TCP hijacking is _____. a) man-in-the-middle b) mail bombing c) spoofing d) denial of service
answer
a