Information Systems Security Midterm Review

¡Supera tus tareas y exámenes ahora con Quizwiz!

List and describe the steps in the Risk Management Process.

1. Asset identification 2. Identify threats 3. Identify vulnerabilities 4. Assess risks 5. Determine countermeasures

Describe Advanced Persistent Threat.

Advanced Persistent Threat is an attacker who has sophisticated tools and expertise to perform different forms of attacks in order to gain access to a system and remain in the system undetected for as long as possible

What is an example of Personal Identifiable Information (PII)

Any data that can potentially be used to identify a particular person- social security number, driver's license number, bank account number

List at strategies for controlling risk.

Apply safeguards (Avoidance) Transfer the risk (Transference) Reduce impact (Mitigation) Understand consequences and accept risk (Acceptance)

What are the objectives of emergency actions taken at the beginning stage of a disaster? Preventing injuries, loss of life, and ...

Business Continuity and Disaster Recovery Planning

The ____ is the individual primarily responsible for the assessment, management, and implementation of information security in the organization.

CISO (Chief Information Security Officer)

In a computer forensics investigation, what describes the route that evidence takes from the time you find it until the case is closed or goes to court?

Chain of custody

What are the three components of the C.I.A. triad? What are they used for?

Confidentiality, Integrity, Availability

Describe defense in depth

Defense in depth is an information assurance concept where multiple layers of security controls are placed throughout an information technology system

__________ plans usually include all preparations for the recovery process, strategies to limit losses during the disaster, and detailed steps to follow when the smoke clears, the dust settles, or the flood waters recede.

Disaster recovery (DR)

In a ____________________ attack, the attacker sends a large number of connection or information requests to disrupt a target from a small number of sources.

Distributed denial of service

Why are employees one of the greatest threats to information security?

Employee mistakes can to the revelation of classified data, entry of erroneous data, accidental deletion or modification of data, storage of data

True/False Digital evidence is not volatile.

F

True/False The Health Insurance Portability and Accountability Act of 1996 requires government agencies to identify sensitive systems, conduct computer security training, and develop computer security plans.

F

True/False: When electronic information is stolen, the crime is readily apparent.

F

True/False:A worm requires that another program is running before it can begin functioning.

F

A(n) ____________________ site is a fully configured computer facility with all services, communications links, and physical plant operations provided, including heating and air conditioning.

Hot

Describer insider threat.

Insider threat is when a member of an organization or an employee uses his or her access as a member of the organization to attack the specific organization

The _____________________ drastically changed security because information became accessible from external sources.

Internet

Why is the Energy Sector a uniquely critical infrastructure?

It is a uniquely critical infrastructure because it provides an "enabling function" across all critical infrastructure sectors

Why is "think like an adversary" an important security strategy?

It is important to "think like an adversary" to understand the technological capabilities, unconventional perspectives, and strategic reasoning of hackers. You need to know yourself and your enemy (attackers) to understand how they think and develop the same skills (or better) that they have in order to keep yourself, your organization, and nation safe

In the ____________________ attack, an attacker monitors (or sniffs) packets from the network, modifies them, and inserts them back into the network.

Man-in-the middle

The redirection of legitimate user Web traffic to illegitimate Web sites with the intent to collect personal information is known as __________.

Pharming

What country implemented a multi-layered attack against the US power system in 2017?

Russia

In the context of information security, ____________________ is the process of using social skills to convince people to reveal access credentials or other valuable information to the attacker.

Social engineering

True/False A firewall can be configured to disallow certain types of incoming traffic that may be attacking.

T

True/False Blocking ICMP packets may help prevent denial-of-service attacks.

T

True/False Frequently the first responder to a computer crime is the network administrator.

T

True/False In the attack on the US Power grid in 2017, malware was planted, fake resumes with tainted attachments were used.

T

True/False Malware is a generic term for software that has a malicious purpose

T

True/False Most computer criminals are not really "criminals".

T

True/False Power grids are a major target for foreign actors.

T

True/False: A worm may be able to deposit copies of itself onto all Web servers that the infected system can reach, so that users who subsequently visit those sites become infected.

T

True/False: As an organization grows, it must often use more robust technology to replace the security technologies it may have outgrown

T

True/False: Confidentiality ensures that only those with the rights and privileges to access information are able to do so.

T

True/False: During the early years of computing, the primary threats to security were physical theft of equipment, espionage against the products of the systems, and sabotage.

T

True/False: One form of e-mail attack that is also a DoS attack is called a mail bomb, in which an attacker overwhelms the receiver with excessive quantities of e-mail.

T

True/False: Risk control is the application of controls that reduce the risks to an organization's information assets to an acceptable level

T

True/False: To achieve balance—that is, to operate an information system that satisfies the user and the security professional—the security level must allow reasonable access, yet protect against threats.

T

True/False: To determine if the risk to an information asset is acceptable or not, you estimate the expected loss the organization will incur if the risk is exploited.

T

True/False:In the early years of computing, if security was addressed at all, it dealt only with the physical security of the computers themselves and not the data or connections between the computers.

T

____________________ are malware programs that hide their true nature and reveal their designed behavior only when activated.

Trojan horses

What is the difference between vulnerability and exposure?

Vulnerability- a fault within the system such as software package flaws, unlocked doors, unprotected system port -leaves things open to an attack or damage Exposure- a single instance when a system is open to damage. Vulnerabilities can in turn be the cause of exposure

An organizational resource that is being protected is sometimes logical, such as a Web site, software information, or data. Sometimes the resource is physical, such as a person, computer system, hardware, or other tangible object. Either way, the resource is known as a(n) ___________.

asset

The first phase of risk management is _________.

asset identification

____________________ enables authorized users—people or computer systems—to access information

availability

If you use public WIFI and someone gets your email password and logs into your email. That individual is a ________________________ Hacker

black hat

These individuals hack for malicious reasons or personal gain. They do not have permission from the entity.

black hat hacker

Of the various types of mitigation plans, the ____________________ plan is the most strategic and long-term, as it focuses on the steps to ensure the continuation of the organization

business continuity plan (BCP)

Give examples of critical infrastructure systems

chemical sector, communications sector, commercial facilities sector, dams sector, dams sector

A ____ site provides only rudimentary services and facilities.

cold

When unauthorized individuals or systems can view information ________ is breached.

confidentiality

_____________ is the premeditated, politically motivated attacks against information, computer systems, computer programs, and data that result in violence against noncombatant targets by subnational groups or clandestine agents.

cyber-terrorism

Human error or failure often can be prevented with training, ongoing awareness activities, and ____________________.

education

Computer security is generally considered to be the responsibility of...?

everyone in the organization

A technique used to compromise a system is known as a(n) ___________.

exploit

Computer ____________________ is the process of collecting, analyzing, and preserving computer-related evidence.

forensics

These individuals hack without permission but not for malicious reasons.

grey hat hacker

One form of online vandalism is ____________________ operations, which interfere with or disrupt systems to protest the operations, policies, or actions of an organization or government agency

hacktivist

A(n) _____________ system is the entire set of people, procedures, and technology that enable business to use information.

hardware

____________ is the physical technology that houses and executes the software, stores and transports the data, and provides interfaces for the entry and removal of information from the system

hardware

The __________ plan specifies the actions an organization can and should take while an adverse event is in progress. An adverse event could result in loss of an information asset or assets, but it does not currently threaten the viability of the entire organization.

incident response (IR)

Information has ____________________ when it is whole, complete, and uncorrupted

integrity

The ____________ virus infects the key operating system files located in a computer's start-up sector.

macro virus

Risk _________ is the application of security mechanisms to reduce the risks to an organization's data and information systems.

management

The most valuable organizational asset is ____________.

people

The weakest link in a security chain is:

people

One of the first components of risk identification is identification, inventory, and categorization of assets. List at different types of assets.

people, data and information, procedures

The protection of tangible items, objects, or areas from unauthorized access and misuse is known as ___________.

physical security

A(n) ____________ threat is one that over time changes the way it appears to antivirus software programs, making it undetectable by techniques that look for preconfigured signatures

polymorphic

A type of malicious code that takes control of the information on a system and demands payment to release it is called ______________ Some attackers will encrypt the data on the system and demand money to decrypt it.

ransomware

A single loss ____________________ is the calculation of the value associated with the most likely loss from an attack.

risk assessment

____________________ involves three major undertakings: risk identification, risk assessment, and risk control.

risk management

A _________ assigns a status level to employees to designate the maximum level of classified data they may access.

security clearance

is used in public or semi-public settings when individuals gather information they are not authorized to have by looking over another individual's shoulder or viewing the information from a distance.

shoulder surfing

A device (or a software program on a computer) that can monitor data traveling on a network is known as a _________ sniffer.

socket

____ is any technology that aids in gathering information about a person or organization without their knowledge.

spyware

When organizations adopt security measures for a legal defense, they may need to show that they have done what any prudent organization would do in similar circumstances. This is referred to as __________.

standards of due care

Any event or circumstance that has the potential to adversely affect operations and assets is known as a(n) _________.

threat

Of various approaches to information security implementation, the ___________ approach has a higher probability of success.

top-down

A potential weakness in an asset or its defensive control system(s) is known as a(n) _________.

vulnerability

An organization may hire a ________ hacker to find all the vulnerabilities in their system so that it can be patched before someone takes advantage of it

white hat

A(n) ____________________ is a malicious program that replicates itself constantly without requiring another program environment.

worm


Conjuntos de estudio relacionados

11. 2 Designing the Business Model

View Set

4 - Peritoneum and Upper Abdominal

View Set

ACC 202 Exam 2 Break-Out Questions

View Set

Mucosa cells: Function and location

View Set

Chapter 4: Cell Injury, Aging, and Death

View Set

Assessment- Intelligence, Achievement, Aptitude

View Set