ITF Block 5 Unit 1 Review
a mail gateway can be set up to scan and filter out problematic ______, ______ and ______.
file extensions, viruses, spam
file infections operate in memory and infect what kinds of files?
file infector virus
a ______ restricts data communication traffic to and from the network it's connected to.
firewall
viruses are written by people with intent to do what?
harm
define elevation of privilege
allowing someone to do something they are not authorized to do
______ software is your system's protection against viruses
anti-virus
the purpose of social engineering can be ______, ______ or ______
information gathering, fraud, system access
what kind of threat has authorization to access a system but uses it in a way that is not approved by the party that granted authorization?
inside attack
attacks can be characterized according to ______, ______ and ______
intent, point of initiation, and method of delivery
a computer network attack is an ______ act by which an ______ threat attempts to evade security services and violate the security policy of a system.
intentional, intelligent
______ is a specific form of spear phishing targeted at high-value targets.
whaling
______ occur when more requests are sent to a machine (host) than it can handle
Denial of Service (DoS) attacks
what type of attack involves multiple computers sending requests, usually performed through a botnet?
Distributed Denial of Service (DDoS)
______ leads a user to perform some action to trigger a trap, such as installing malware or leaving an infected flash drive in a public space.
baiting
a ______ is an aggregation of compromised computers, turning them into ______ to be used by attackers
botnet, robots
define repudiation
claiming you didn't do something or were not responsible; can be honest or false
the destructive behavior where the attacker deletes files is known as ______
data destruction
the destructive behavior where the attacker changes entries in records is known as ______
data diddling
the two types of destructive behavior are ______ and ______
data diddling, data destruction
attackers may target one or multiple system resources. name three.
data, services, processing power
steps of the response phase of an attack may include items such as what? (name three)
define the attack, inform users of the attacks, contain the intrusion
a threat is any circumstance or event with the potential to adversely affect a system through unauthorized access, ______, ______, modification of ______, or denial of ______.
destruction, disclosure, data, service
______ determine whether or not someone attempted to break into a system, if they were successful, and what they may have done.
detection measures
countermeasures against social engineering include what four techniques?
don't open emails and attachments from suspicious sources, use multifactor authentication, use antivirus/malware, and use good judgement
one of the most common methods of spreading a virus is through ______ services.
malware's most common pathways from criminals to users are through what two methods?
email and the world wide web
define denial of service
exhausting resources needed to provide service
granting either physical or virtual access to an organization's information systems, software code or intellectual property can leave these vulnerable to what?
exploration through malicious actions or carelessness
______ is software designed to infiltrate or damage a computer system without the owner's informed consent
malware
a third party in a supply chain is a ______ or ______ individual or company that provides a product or a ______ in support of the primary objectives of an organization
middleman, subcontracted, service
define tampering
modifying something on disk, network, memory, or elsewhere
administrators should check what daily for signs of security compromise?
monitor logs
worms can replicate themselves through specific ______, opening e-mail messages, and flash drives. they may not require user activation.
network protocols
some measures that can be done to reduce the risk of being stung by a DoS attack include what?
not running your visible-to-the-world servers at a level close to capacity, packet filtering to prevent obviously forged packets from entering into your network address space, security-related patches for hosts' operating system
______ techniques attempt to acquire sensitive data, such as bank account numbers, passwords, email accounts, etc. through fraudulent solicitations via email, text messages, websites.
phishing
define spoofing
pretending to be something or someone other than yourself
this training informs users of common pitfalls that can cause system vulnerabilities and what they can do to mitigate them.
user awareness
anti-virus programs inspect the contents of each file, searching for specific patterns that match a malicious profile, called a ______
virus signature
define information disclosure
providing information to someone not authorized to access it
what device/service provides security, privacy and web filtering?
proxy server
when ordering new hardware or software from a vendor, it is good cyber security practice to ask many ______ prior to making any ______
questions, agreements
routine ______ results identify hosts that are vulnerable to attacks.
scanning
ensuring the third party is ______ data is an important prerequisite when considering cloud computing.
securing
______ ______ involves psychological manipulation of people into divulging confidential information or performing other actions beneficial to an attacker.
social engineering
malicious code is ______ or ______ that is written to intentionally cause undesired effects, security breaches or damage to a system.
software, scripting
______ phishing is a type of phishing that targets a specific individual, utilizing messaging that appeals to that person.
spear
anti-spyware prevents ______ from collecting information about the user.
spyware
anyone in an organization responding to an incident should follow the organization's ______
standard operating procedures
a ______ consists of an entity or multiple entities, such as governments, corporations or small businesses, coordinating to get a product or products to a final destination.
supply chain
a ______ is a flaw or weakness in a system's design, implementation, or operation and management that could be exploited to violate the system's security policy.
vulnerability
patching is the process of repairing a ______ or a ______ that is identified after the release of an application or software.
vulnerability, flaw
list four common symptoms of computer virus infection.
the computer will not boot, the data is corrupted, a partition is lost, programs randomly open and close
the first type, called a "boot-sector virus", resides where?
the first sector of a disk or Universal Serial Bus (USB) drive
viruses are classified into two categories, based on how they propagate themselves:
the nature of their behavior
______ available in the underground community make DoS attacks an easy process.
toolkits
social engineering is a non-technical or low-technology confidence trick involving ______ or fraud
trickery
______ ______ attacks allow access to some resources that your machine should not provide to the attacker
unauthorized access
executing commands illicitly occurs when a/an ______ and ______ person executes commands on a server
unknown, un-trusted