IST349 CH 8

¡Supera tus tareas y exámenes ahora con Quizwiz!

What is a distributed denial-of-service (DDoS) attack

The false requests come from many different computers all at the same time. Perpetrators often use thousands of "zombie" PCs infected with malicious software without their owners' knowledge.

Malware

This is a general term that refers to any type of malicious software. This includes various types of threats such as viruses, worms, and Trojan horses

What is an SQL injection attack

This is currently one of the largest malware threats. These attacks take advantage of poorly coded Web application software to introduce malicious code into a company's network. These attacks focus on Web sites where you order items on-line

What are the most important tools and technology for safeguarding information systems

encryption and security measures

Intrusion detection system

feature full-time monitoring tools placed a the most vulnerable points or hot spots of corporate networks to detect and deter intruders continually.

Keylogger

record every keystroke made on a computer to steal serial numbers for software, to launch Internet attacks, etc.

Pharming

redirects users to a bogus website even when the user types in the real name of the website.

Computer forensics

scientific collection, examination, authorization, preservation, and analysis of data held on or retrived from computer storage media so it can be used in a court of law

Phishing

setting up a fake web site or sending an email that looks like it comes from a real business and asking for personal data

Network servers are prone to attacks called denial-of-Service Attack. Explain this kind of attack

A network server is flooded with many false requests for service so that the server can't respond to legitimate requests

What are three things one can do to protect a computer that is connected to the Internet?

A. Antivirus software B. Firewall C. Keep OS up-to-date by applying updates provided by the software vendor

What is war driving? Is it illegal

Eavesdroppers drive by buildings or park outside and try to intercept wireless network traffic.

What is risk assessment and risk analysis

Risk assessment determines the level of risk to company resources if a specific activity is not properly controlled. See Table 8.5. Example: Power failure has 30% chance of occurring with an expected annual loss of $30,000

What is cyberwarfare

State-sponsored activity designed to cripple another state by penetrating its computer networks to cause damage and/or disruption

Why are wireless network connections so prone to attacks? What can be done to make them more secure?

Users may not remember to enable encryption. WEP encryption is easily broken Newer encryption (WPA2) is more secure

Viruses, worms, and Trojan horses are all examples of malware. How do they differ

Virus - program that attaches itself to other programs or data files without the knowledge of the user. The virus can be benign or may be highly destructive. Worms - independent computer programs that copy themselves automatically from one computer to another over a network. They do not need another program to attach to in order to spread from computer to computer. Trojan horse - program that appears to be benign but does something other than what is expected.

Security policy

consists of statements ranking info risks, identifying acceptable security goals, and identifying the mechanisms for achieving theses goals.

Risk assessment

determines the risk to a firm if a specific action is not properly controlled


Conjuntos de estudio relacionados

PSY285 ch6 Learning Check Questions + exercises (FINISH EXERCISES)

View Set

EXAM 3-Principles of Radiographic Imaging

View Set

Maryland life and health insurance

View Set

bstrandable NCLEX Miscellaneous 9

View Set

solving quadratic equations: zero product property

View Set

Sociology Final: Chapter 8, Race and Ethnicity

View Set

english exam: literature and "Inn of Lost Time"

View Set