T/F: There is a straightforward and easy solution to securing computers |
FALSE |
T/F: Today, many attack tools are freely available and do not require any technical knowledge to use |
TRUE |
T/F: Attack tools can initiate new attacks without any human participation, thus increasing the speed at which systems |
TRUE |
T/F: Script kiddies typically have advanced knowledge of computers and networks |
FALSE |
T/F: In a well-run information security program, attacks will never get through security perimeters and local defenses |
FALSE |
Which of the following is NOT a factor that contributes to the difficulties faced in defending against attacks? |
Enhanced encryption algorithms |
Security |
the goal to be free from danger as well as the process that achieves that freedom |
Where are you most likely to find a PKES system? |
An automobile |
From January 2005 through July 2015, approximately how many electronic data records in the United States were breached, exposing a range of personal electronic data, such as addresses, Social Security numbers, health records, and credit card numbers? |
853 million |
How do attackers today make it difficult to distinguish an attack from legitimate traffic? |
by using common Internet protocols |
Security is _____________ convenience. |
inversely proportional to |
Securing information that is in a digital format |
information security |
Ensures that information is correct and no unauthorized person or malicious software has altered it |
Integrity |
Ensures that data is accessible when needed to authorized users? |
Availability |
Information contained on devices is protected by three layers |
products, policies, and application |
Type of action that has the potential to cause harm |
threat |
Past term used to refer to a person who uses advanced computer skills to attack computers |
hacker |
Law that requires banks and financial institutions to alert customers of their policies and practices in disclosing customer information |
Gramm-Leach-Bliley Act (GLBA) |
The FBI defines this as any "premeditated, politically motivated attack against information, computer systems, computer programs, and data which results in violence against non-combatant targets by sub-national groups or clandestine agents" |
cyberterrorism |
Involves stealing another person’s personal information such as a Social Security number, and then using the information to impersonate the victim, generally for financial gain |
Identity theft |
Law requiring healthcare enterprises to guard protected health information and implement policies and procedures to safeguard it, whether it be in paper or electronic format |
Health Insurance Portability and Accountability Act (HIPAA) |
Person or element that has the power to carry out a threat |
threat agent |
Flaw or weakness that allows a threat agent to bypass security |
vulnerability |
Which attacker category might have the objective of retaliation against an employer? |
insider |
Terrorists who turn their attacks to the network and computer infrastructure to cause panic among citizens |
cyberterrorists |
steps that ensure that the individual is who he or she claims to be |
authentication |
the process of providing proof of genuineness |
Authentication |
the act of providing permission or approval to technology resources |
confidentiality |
targeted attacks against financial networks, unauthorized access to information, and the theft of personal information |
cybercrime |
automated attack package that can be used without an advanced knowledge of computers |
exploit kit |
stealing another person’s personal information, such as SSN, and then using the information to impersonate the victim – generally for financial gain |
Identity theft |
employees, contractors, and business partners who can be responsible for an attack |
insiders |
security actions that ensure that the information is correct and no unauthorized person or malicious software has altered the data |
Integrity |
the means by which an attack could occur |
threat vector |
T/F: A worm is designed to enter a computer through the network and then take advantage of a vulnerability in an application or an operating system on the host computer |
TRUE |
T/F: Almost all viruses infect a system by inserting themselves into a computer file |
TRUE |
T/F: Malware usually enters a computer system with the user’s knowledge |
FALSE |
T/F: It is recommended that a copy of a data backup be stored at an off-site location |
TRUE |
T/F: Data backups only protect data against computer attacks |
FALSE |
What type of backup is performed continually without any intervention by the user? |
Continuous backup |
What can an attacker use that gives them access to a computer program or service that circumvents normal security protections? |
backdoor |
Which type of malware exploits a vulnerability on one system and then immediately searches for another computer on the network that has the same vulnerability? |
worm |
Botnets can flood a Web server with thousands of requests and overwhelm it to the point that it cannot respond to legitimate requests. What is this called? |
denying services |
Which Windows feature provides information to users and obtains their approval before a program can make a change to the computer’s settings? |
User Account Control |
What are the three types of malware that have the primary traits of circulation and/or infection? |
viruses, Trojans, and worms |
An infected robot computer is known as a |
zombie |
Which type of malware self-replicates between computers (from one computer to another)? |
worm |
Which term can be described as a publicly released software security update intended to repair a vulnerability? |
patch |
What type of software update is a cumulative package of all patches and feature updates? |
service pack |
Which type of malware will hide or remove all traces of evidence that may reveal the malware, such as log entries? |
Rootkit |
What type of spyware silently captures and stores each keystroke that a user types on the computer’s keyboard? |
keylogger |
What type of device is inserted between the computer keyboard connection and USB port for the purposes of stealing information? |
keylogger |
AV software on a computer must have its ________________ files regularly updated by downloads from the internet. |
signature |
Which of the following is a program advertised as performing one activity but actually does something else? |
Trojan |
Which type of malware is a set of software tools used by an attacker to hide the actions or presence of other types of malicious software, such as Trojans, viruses, or worms? |
rootkit |
Which virus detection method creates a virtual environment that simulates the central processing unit (CPU) and memory of the computer? |
code emulation |
What type of malware is typically added to a legitimate program but lies dormant until it is triggered by a specific event? |
logic bomb |
Which of the following is NOT a technology typically used by spyware? |
Disk drive formatting software |
Which of the following is a general term that refers to a wide variety of damaging or annoying software programs? |
Malware |
What type of malware can, for example, lock up a user’s computer and then display a message that purports to come from a law enforcement agency, stating that the user must pay a fine for illegal activity? |
ransomware |
A software program that delivers advertising content in a manner that is unexpected and unwanted by the user |
adware |
An attacker who controls a botnet |
bot herder |
A logical computer network of zombies under the control of an attacker |
botnet |
Enhancements to the software to provide new or expanded functionality, but do not address security vulnerability |
feature update |
Hardware or software designed to limit the spread of malware |
firewall |
Computer code that lies dormant until it is triggered by a specific logical event |
logic bomb |
A database of viruses that is used to identify an infected file |
signature file |
A malicious program designed to enter a computer via a network |
worm |
An infected computer that is under the remote control of an attacker |
zombie |
T/F: Virtually anyone could type in a person’s username and pretend to be that person |
TRUE |
T/F: Passwords are still considered a strong defense against attackers |
FALSE |
T/F: The weakness of passwords centers on human memory |
TRUE |
T/F: When creating passwords, the most important principle is that length is more important than complexity |
TRUE |
T/F: FACTA grants consumers the right to request one free credit report from each of the three national credit-reporting firms every 12 months |
TRUE |
What type of attack begins with the attacker creating digests of common dictionary words, and then comparing them against those in a stolen password file? |
dictionary |
Which type of attacks might send an e-mail or display a Web announcement that falsely claims to be from a legitimate enterprise in an attempt to trick the user into surrendering private information? |
Phishing |
Using which Social engineering principle might an attacker impersonate a CEO of a company? |
Authority |
With which type of social engineering attack are users asked to respond to an email or are directed to a website where they are requested to update personal information, such as passwords or credit card numbers? |
phishing |
Which type of social engineering attack depends on the user incorrectly entering a URL? |
typo squatting |
Whereas phishing involves sending millions of generic e-mail messages to users, which type of similar attack targets only specific users? |
spear phishing |
Which document identifies individuals within the organization who are in positions of authority? |
Organizational charts |
Which technique might an attacker employ to find documents that may reveal the true level of security within an organization? |
Dumpster diving |
Which of the following involves using someone’s personal information, such as a Social Security number, to fraudulently establish bank or credit card accounts? |
Identity theft |
What popular online activity involves grouping individuals and organizations into clusters or groups based on their likes and interests? |
social networking |
What is the best approach to establishing strong security with passwords? |
Use technology for managing passwords |
Which of the following is described as an attacker who pretends to be from a legitimate research firm who asks for personal information? |
Pretexting |
What type of attack is a false warning, often contained in an email message claiming to come from the information technology (IT) department? |
hoaxes |
What can an attacker use to divert all mail to their post office box so that the victim is never aware that personal information has been stolen? |
change-of-address form |
Which of the following is a characteristic of a weak password? |
used on multiple accounts |
What type of program lets a user create and store multiple strong passwords in a single user database file that is protected by one strong master password? |
password management application |
What law contains rules regarding consumer privacy? |
Fair and Accurate Credit Transactions Act |
How often does FACTA grant consumers the right to request one free credit report from each of the three national credit-reporting firms? |
every 12 months |
In the US, if a consumer finds a problem on her credit report, she must first send a letter to the credit-reporting agency. Under federal law, how many days does the agency have to investigate and respond to the alleged inaccuracy and issue a corrected report? |
30 |
Which of the following is a numerical measurement used by lenders to assess a consumer’s creditworthiness? |
credit score |
Which type of attacker is most likely to use information you have posted about yourself on a social networking site? |
Identity thief |
The steps that ensure that the individual is who he or she claims to be |
Authentication |
A password attack in which every possible combination of letters, numbers, and characters is used to match passwords in a stolen password file |
Brute force attack |
A password attack that compares common dictionary words against those in a stolen password file |
Dictionary attack |
A secret combination of letters, numbers, and/or symbols that serves to authenticate a user by what he or she knows |
Password |
Viewing information that is entered by another person |
Shoulder surfing |
Grouping individuals and organizations into clusters based on an affiliation |
Social networking |
Redirecting a user to a fictitious website based on a misspelling of the URL |
Typo squatting |
A phishing attack in which the attacker calls the victim on the telephone |
Vishing |
A phishing attack that targets wealthy individuals |
Whaling |
CIA Triad |
Confidentiality Integrity Availability |
Three protections that must be extended over information |
CIA Confidentiality integrity Availability |
AAA |
Authentication Authorization Accounting |
Three protections, in addition to CIA, that must be implemented to secure information |
AAA Authentication Authorization Accounting |
The tasks of securing information that is in a digital format. This digital information is manipulated by a microprocessor (such as on a personal computer), stored on a storage device (like a hard drive or USB flash drive), and transmitted over a network (such as a local area network or the Internet). |
information security |
Information security layers |
Policies and procedures –> People –> Products |
Forms the security around the data. May be as basic as door locks or as complicated as network security equipment. |
Products |
Those who implement and properly use security products to protect data. |
People |
Plans and policies established by an organization to ensure that people correctly use the products. |
Policies and procedures |
An item that has value |
Asset |
Type of action that has the potential to cause harm |
Threat |
Person or element that has the power to carry out a threat |
Threat agent | Could be person or event like hurricane |
Flaw or weakness that allows a threat agent to bypass security |
vulnerability |
Means by which an attack can occur |
threat vector |
Probability of a threat coming to fruition |
threat likelihood |
Situation that involves exposure to some type of danger |
risk |
Will not purchase the scooter |
risk avoidance |
Buy the scooter knowing there is a chance of it being stolen |
risk acceptance |
Complain to the apartment manager about the hole in the fence to have it repaired |
risk mitigation |
Apartment posts signs stating that "trespassers will be punished to the full extent of the law" |
risk deterrence |
Purchase insurance |
risk transference |
An attempt to fight corporate corruption. This covers the corporate officers, auditors, and attorneys of publicly traded companies. Stringent reporting requirements and internal controls on electronic financial reporting systems are required. Corporate officers who willfully and knowingly certify a false financial report can be fined up to $5 million and serve 20 years in prison. |
Sarbanes-Oxley Act of 2002 (Sarbox) |
Requires banks and financial institutions to alert customers of their policies and practices in disclosing customer information. All electronic and paper data containing personally identifiable financial information must be protected. The penalty for noncompliance for a class of individuals is up to $500,000. |
Gramm-Leach-Bliley Act (GLBA) |
A set of security standards that all companies that process, store, or transmit credit card information must follow. It applies to any organization or merchant, regardless of its size or number of card transactions, that processes transactions either online or in person. The maximum penalty for not complying is $100,000 per month. |
Payment Card Industry Data Security Standard (PCI DSS) |
Laws that typically require businesses to inform residents within a specific period of time (typically 48 hours) if a breach of personal information has occurred or is believed to have occurred. In addition, several states have recently strengthened their own security laws. For example, Connecticut requires any organization doing business in the state to "scramble" all sensitive personal data that is being transmitted over a public Internet connection or stored on portable devices like a USB flash drive, and companies must notify any potential victims of a data breach within 90 days of the attack and offer at least one year of identity theft prevention services. Oregon’s law includes protection of an individual’s healthcare information, while New Hampshire requires the state’s education department to notify students and teachers if their personal data was possibly stolen. |
State notification and security laws |
"premeditated, politically motivated attack against information, computer systems, computer programs, and data which results in violence against noncombatant targets by subnational groups or clandestine agents." |
cyberterrorism |
Anything that can be found and indexed by a search engine |
Surface web |
Content that cannot be found by a search engine but only through a search dialog box on the site |
Deep web |
Information that has been intentionally hidden and cannot be accessed through a standard web browser |
Dark web |
Individuals who uncover vulnerabilities but do not report them to the software vendor; instead they sell them to the highest bidder |
Brokers |
Motivated by ideology; their goals are not well defined; aim to right a perceived wrong |
Hacktivists |
Fortune over fame |
Cybercriminals |
Thrills, notoriety |
Script Kiddies |
Retaliate against an employer, shame a government |
Insiders |
Cause disruption and panic |
Cyberterrorists |
Spy on citizens, disrupt a foreign government |
State-sponsored attackers |
Perimeter wall |
blocking |
Some attacks will get through security perimeters and local defenses; taking steps to reduce their impact |
minimizing losses |
Commonly the first part of identification in the authentication process |
user name |
Provide proof of genuineness |
authentication (e.g., password) |
Software that enters a computer system without the user’s knowledge or consent and then performs an unwanted and usually harmful action |
Malware |
One method of classifying the various types of malware is by using the primary trait that the malware possesses. These traits are: |
circulation, infection, concealment, and payload capabilities |
Three types of malware that have the primary traits of circulation and/or infection |
viruses, worms, Trojans |
Basic type of infection where the virus attaches or appends itself to the end of an infected file, then inserts at the beginning of the file a ‘jump’ instruction that points to the end of the file (the beginning of the virus) |
appender infection |
Type of appender infection where the malicious code is divided into parts and randomly dispersed within legitimate code |
split infection |
Malware whose primary purpose is to spread and that uses a computer network to replicate |
worm |
An executable program that masquerades as performing a benign activity but also does something malicious |
Trojan horse, or just Trojan (capitalized) |
T/F: Viruses infect files |
TRUE |
T/F: Worms infect files |
FALSE |
Do Trojans infect files? |
IT CAN |
Two types of Malware that depend on user action |
Viruses and Trojans |
A set of software tools used to hide the actions or presence of other types of software, such as Trojans, viruses, or worms |
rootkit |
T/F: One approach used by rootkits is to alter or replace operating system files with modified versions that are specifically designed to ignore malicious evidence. |
TRUE |
T/F: When payload capabilities are the primary emphasis of malware, the focus is on what nefarious action(s) the malware performs |
TRUE |
Primary payload capabilities are to |
execute commands, collect data, delete data, modify system security settings, and launch attacks |
The payload that allows an attacker to execute virtually any command on the victim’s computer |
arbitrary code execution |
Software that secretly spies on users by collecting information without their consent |
Spyware |
T/F: All spyware is malicious |
FALSE |
Payload types |
execute commands, collect data (spyware/keylogger/adware/ransomware), delete data (logic bomb), modify system security settings (backdoor), and launch attacks (zombie/botnet/bot herder) |
T/F: Zombie computers wait for instructions through a command and control structure (C&C or C2) |
TRUE |
Common botnet command and control (C&C) mechanism |
Hypertext Transport Protocol (HTTP), which is the standard protocol for Internet usage |
Common botnet attacks |
Spamming, spreading malware, manipulating online polls, denying services |
Windows 10 update features |
Forced updates, no selective updates, continual updates, choices on when to reboot, more efficient distribution, up-to-date resets |
A newer approach to AV which uses a variety of techniques to spot the characteristics of a virus instead of attempting to make matches using a signature file |
dynamic heuristic detection |
A dynamic heuristic detection technique used by AV software in which a "virtual" environment is created that simulates the central processing unit (CPU) and memory of the computer |
code emulation |
Two methodologies used to identify virus-infected software |
static analysis and dynamic heuristic detection |
T/F: A popup blocker is antispyware |
TRUE |
Types of Windows User Account Control (UAC) user accounts |
Guest account – very few settings can be changed; Standard account – designed for everyday computing activities and allows some settings to be modified; Administrator account – highest level, which provides the most control |
T/F: A scheduled backup is performed intentionally by the user |
TRUE |
SecAware – MidTerm