Module 1 - Information Security Basics

Types of malware

- spyware
- keylogger
- Trojan horse
- trap door
- packet sniffer
- virus
- worm
- adware
- rootkits

Information security is important because:

1. Most of the world's valuable information is stored on computer systems.
2. The Internet has created a high degree of connectivity.

Hacker:

1. A person trained to find weaknesses in a computer or computer network and exploit them.
2. Someone with an advanced understanding of computers and networks who misuses their talents and is motivated by a multitude of reasons, such as profit, political activism, or challenge.

Data Breach:

A data breach occurs when unauthorized users gain access to private or confidential data.

Spoofing Attack

A false website with a login prompt has you enter your credentials. You get a login error but the attacker obtains your username and password.

Control/Mitigation

A measure put in place to mitigate risk. Examples of mitigations/controls include:
* Wireless device control
* Incident response capability
* Data back-up
* Anti-malware defenses

eavesdropping attack

A network attack that uses special monitoring software to gain access to private communications on the network wire or across a wireless network. Also known as a sniffing attack.

Trojan

A piece of malicious software hidden inside a seemingly legitimate program or file that performs an activity without the user's knowledge. Trojans may erase data, corrupt files, or allow remote access to a computer.

Keylogger malware

A program that records every key struck on a keyboard and sends that information to an attacker.

Man-in-the-middle

A security attack in which network communication is intercepted in an attempt to obtain key data.

penetration testing

A test by an outsider, hired by the organization, to actually exploit any weaknesses in systems that are vulnerable.

Vulnerability

A weakness that can be exploited by one or more threats.

An interruption attack is an example of a(n) _____________ attack

Active

___________ is a goal of attackers that seeks to directly defeat the information security goal of integrity.

Alteration

Interruption Attack

An attack on availability. This occurs when an attacker makes an asset unavailable or unstable.

Cross-Site Scripting (XSS)

An attack that injects scripts into a Web application server to direct attacks at clients.

Passive attack

An attempt to learn or make use of information from the system that does not affect system resources.
Goal: obtain information
* Hard to detect
* Can occur over a long time
* Example: Interception attack.

DNS cache poisoning

An exploit in which the DNS database is changed in such a way that a URL no longer connects to the correct Web site.

Cracker

An individual who modifies software to remove or disable features, usually related to software protection methods. Also refers to a black hat hacker: one who hacks for malicious purposes, as opposed to white hat hackers, who perform security research and penetration testing.

Attack

Any attempt to destroy, expose, alter, disable, steal or gain unauthorized access or use of an information technology asset.

Threat

Any circumstance or event with the potential to adversely impact an information system through unauthorized access, destruction, disclosure, modification of data, and/or denial of service.

An ________ is the result when a vulnerability has been exploited.

Attack

Dictionary attack

Attempt to break a password by trying all possible words.

Three principles of Information security are:

Confidentiality, Integrity, Availability

A _______________ is any tool that helps prevent or mitigate an attack.

Control

When authorized users and systems are unable to access a particular asset, this is known as a _________ of service attack.

Denial

________________ is a goal of attackers that seeks to directly defeat the information security goal of confidentiality.

Disclosure

DAD Triad

Disclosure, Alteration, and Denial

A(n) _______________ attack occurs when an unauthorized party inserts a counterfeit object into a system.

Fabrication

"Script Kiddies"

Individuals who want to attack computers yet they lack the knowledge of computers and networks needed to do so.

A(n) __________________ attack occurs when an attacker makes an asset unavailable or unusable.

Interruption

Spyware

Malware designed to collect information about users without their knowledge. Spyware is typically installed without the user's knowledge.

Rootkits

Malware designed to hide the existence of certain processes or programs and use administrator access to maintain access to the computer without detection.

Keylogger attack

Malware such as a Trojan records keystrokes and sends data back to the attacker to find out passwords and other information.

Virus

Malware that replicates once activated through an action performed by a user. Viruses may corrupt or modify files.

A(n) ________________ attack occurs when an attacker gains access to an asset and changes it.

Modification

You manage the records system for a major university. Your primary area of responsibility is academic records (i.e. grades and transcripts). You do not have enough resources to defend against every possible type of attack, meaning that you must prioritize your defenses. Which of the four broad categories of attack would you be most likely to make your lowest priority? Select one:
a. Fabrication
b. Interception
c. Interruption
d. Modification

Not interruption

Fabrication attack

Occurs when an unauthorized party inserts a counterfeit object into a system (attack on authenticity). Example: pirated copies of songs.

An interception attack is an example of a(n) ___________ attack

Passive

graphical passwords

Passwords that use graphics as part of the authentication mechanism. Also called CAPTCHA passwords.

ethical hacking

Planned attempts to penetrate the security defenses of a system in order to identify vulnerabilities; not contracted by the company, but meaning no harm.

HOIC (High Orbit Internet Cannon) and LOIC (Low Orbit Internet Cannon)

Pre-made delivery mechanisms that implement attacks, making amateurs able to attack (use zombie botnet computers).

Motive

Reason for carrying out the attack.

Malware

Short for malicious software: software used to interrupt computer operations, gain unauthorized access to computer systems, or gather sensitive information.

SCADA (Supervisory Control and Data Acquisition) or ICS (Industrial Control Systems)

Standards for industrial environments that are controlled by strictly mechanical means.

Social Engineering

The act of tricking someone into revealing information they wouldn't normally reveal, such as usernames and passwords or information that could be used to guess their username and/or password.

Threat agent

The person who carries out an attack, sometimes referred to as a threat source.

Information Security

The practice of ensuring we have control over who, what, when, where, and how our information is accessed and modified.

Risk

The probability that a vulnerability will be exploited by a threat.

Opportunity

The target system must be available to the attacker if he is to conduct his attack.

single sign-on (SSO)

Using one authentication credential to access multiple accounts or applications.

Resetting/Recovery Attack

Using social engineering techniques, attackers gather enough personal information to successfully go through the password reset process. This would give them access to your account and lock you out.

A _____________ is a system defect that leaves the system open to an attack.

Vulnerability

Exploit:

a method or software program designed to take advantage of a vulnerability.

back-door

a program or set of instructions in a program that allows users to bypass security controls when accessing a program, computer, or network

two-factor authentication (2FA)

a security process that requires two means of identification from separate categories of credentials; usually one form of identification is a physical token (a credit card) while the other is memorized (a PIN)

Spoofing

a technique intruders use to make their network or internet transmission appear legitimate to a victim computer or network

What is the difference between a virus and a Trojan? Select one:
a. A virus infects a system secretly; a Trojan tricks the user into downloading it
b. A Trojan infects a system secretly; a virus tricks the user into downloading it by masquerading as something desirable like a game or a screensaver
c. A virus appears to be something desirable, such as a game or funny joke
d. None of the above

a. A virus infects a system secretly; a Trojan tricks the user into downloading it

What is a control? Select one:
a. Any countermeasure that prevents a vulnerability from being exploited
b. Actions taken by an individual to exploit a vulnerability and gain root access to a machine
c. A weakness that has already been exploited by a hacker
d. A weakness that can potentially be exploited by a hacker

a. Any countermeasure that prevents a vulnerability from being exploited

In regard to information security, what is availability? Select one:
a. Ensuring a resource is accessible to authorized users
b. Data is hidden from unauthorized users
c. The condition of the contents of the object
d. Ensuring users only use an asset or object in the manner it was intended

a. Ensuring a resource is accessible to authorized users

Which of the following is an example of a case where alteration is a more tempting form of attack than disclosure? Select one:
a. Financial data used by analysts to make decisions
b. Subscription-based website
c. The public telephone system
d. Current weather forecasts

a. Financial data used by analysts to make decisions

A subordinate becomes angry with his supervisor. He wants to sabotage the supervisor's work, but does not wish to get caught or leave the company. So, he decides to secretly modify some of the supervisor's files, causing the supervisor to make work decisions based on faulty information. This is an example of what type of attack? Select one:
a. Modification
b. Interruption
c. Interception
d. Fabrication

a. Modification

Which of the following are examples of a case in which disclosure is a more tempting form of attack than alteration? Select one:
a. Schematics for a new type of military vehicle
b. Medical records
c. Financial data that is used by analysts to make decisions
d. All of the above

a. Schematics for a new type of military vehicle

Active attacks

an actual attack against a targeted system to either gain complete control over that system or enough control to cause certain threats to be realized.
Goal: Tangible impact
* Easier to detect
* One-time event
* Example: Interruption, Modification or Fabrication attacks

Interception attack

an attacker gains unauthorized access to an asset (difficult to detect). Examples: eavesdropping, link monitoring, packet capturing.

Modification Attacks

an unauthorized party gains access to an asset and tampers with it. (attack on integrity)

Personally Identifiable Information (PII)

any piece of information that when used either alone or in combination with other pieces can positively identify one single person. Examples:
1. Social security number
2. Credit Card Number
3. Marriage License

Adware

any software program that automatically displays advertisements. The goal of the adware is to generate revenue for its author. Some adware may include spyware such as keyloggers and other privacy-invasive software.

Hybrid Attack

attackers target passwords made of words from the dictionary followed by a letter or a number. (brute force + dictionary attacks)

Regarding information assurance, what is a control? Select one:
a. A vulnerability that has been exploited
b. A defensive measure to counteract a threat
c. A known exploit for a vulnerability
d. A vulnerability that has not yet been exploited

b. A defensive measure to counteract a threat

A typographical error, although not malicious, is a failure to ensure integrity and would be considered an example of ________. Select one:
a. Damage
b. Alteration
c. Disclosure
d. Denial

b. Alteration

Confidentiality refers to:
a. Ensuring that information resources are accessible when needed.
b. Data is hidden from those that are not supposed to see it.
c. The trustworthiness of information resources
d. An attack on a vulnerable asset

b. Data is hidden from those that are not supposed to see it.

Information security is:
a. the practice of ensuring only the confidentiality and integrity of information resources.
b. Ensuring control over who, when, where, and how information is accessed and modified.
c. The practice of exploiting a vulnerability in information resources.
d. The practice of ensuring information resources are

b. Ensuring control over who, when, where, and how information is accessed and modified.

Availability refers to:
a. Limiting information resources to only those who need them.
b. Ensuring information resources are accessible when needed.
c. The trustworthiness of information resources.
d. An attack on a vulnerable asset.

b. Ensuring information resources are accessible when needed.

Does an attacker require full access to an asset for a modification attack to succeed? Select one:
a. Yes
b. No
c. Sometimes
d. It depends on the asset

b. No

Integrity refers to:
a. An attack on a vulnerable asset
b. The trustworthiness of information resources.
c. Data is hidden from those that are not supposed to see it.
d. Ensuring that information resources are accessible when needed.

b. The trustworthiness of information resources.

black hat hackers

breaking the systems to destroy information or for illegal gain

Which of the following is not a category of attacker? Select one:
a. Crackers/hackers
b. Professional/Career Criminals
c. Administrators
d. Amateurs

c. Administrators

You designed the computer systems in your organization so that everything requires a username and password. An attacker who has targeted your organization realizes this and adjusts his/her strategy accordingly. Which of the following methods of attack is an attacker most likely to use? Select one:
a. Physically show up on-site and attempt to explore the building until finding someone who has carelessly taped his/her username and password to their monitor
b. Write a computer program to try every combination of letters and numbers until a usable username and password is found
c. Call the IT helpdesk and pretend to be someone who has lost their password, causing the helpdesk to reset their account with a blank or default password
d. Attempt to guess usernames and passwords at random

c. Call the IT helpdesk and pretend to be someone who has lost their password, causing the helpdesk to reset their account with a blank or default password

An employee is angry with his boss and wants to sabotage the company. To accomplish this he secretly changes some of the values in his boss's copy of the quarterly report. His boss then reads this false data and makes decisions based on this fraudulent information. In this instance, what quality of information security has been damaged? Select one:
a. Confidentiality loss
b. Availability loss
c. Integrity loss
d. Access loss

c. Integrity loss

Which of the following is an example of an attack? Select one:
a. Your wireless network not having any form of encryption
b. Your email password being insecure and widely known
c. Your screensaver not being password protected
d. An unauthorized person using your wireless network for access to sensitive information

d. An unauthorized person using your wireless network for access to sensitive information

A(n) ________ is the result of a vulnerability being exploited. Select one:
a. Disclosure
b. Virus
c. Proxy
d. Attack

d. Attack

The process of revealing confidential information is known as: Select one:
a. Alteration
b. Integrity
c. Denial
d. Disclosure

d. Disclosure

The revealing of corporate espionage is what type of component of the DAD triad? Select one:
a. Alteration
b. Damage
c. Denial
d. Disclosure

d. Disclosure

What type of attack occurs when an attacker inserts a forged record into a database? Select one:
a. Modification
b. Alteration
c. Interruption
d. Fabrication

d. Fabrication

Which of the following is not an item that an attacker must have before a successful attack can be carried out? Select one:
a. Opportunity
b. Motive
c. Method
d. Credibility

d. Credibility

white hat hackers

ethical hackers that break into the systems for non-malicious reasons such as to test the system security vulnerabilities or to expose undisclosed weaknesses

Internet of Things or Embedded Device

everyday electronic devices connected to the Internet.

Career criminals

have a high degree of technical sophistication and experience.

Amateurs

individuals who have no real experience or training in cyber attacks.

shoulder surfing attack

is a non-technical attack that occurs when someone watches you type in your username and password.

What aspect of security is most impacted when someone forges an e-mail? Select one:
a. Integrity
b. Confidentiality
c. Availability
d. Disclosure

not confidentiality

Eavesdropping

observing network traffic flow between computers.

Denial

occurs when authorized users and systems are unable to access a particular asset.

DNS Attacks (Domain Name Service)

redirect users from legitimate websites to malicious websites.

Hacker

skilled individual that uses technical skills to find weaknesses in computers or computer networks and exploit them.

brute force attack

the password cracker tries every possible combination of characters

Method

the set of specific skills, knowledge and resources required for a particular attack, including the technical expertise to successfully complete the attack.

Access Control

type of control accomplished through authentication. (Password, Key, Fingerprints)

corporate espionage

unauthorized access of corporate information, usually to the benefit of a competitor

biometric authentication

uses personal physical characteristics such as fingerprints, facial features, and retinal scans to authenticate users

Alteration

when data is added, modified, or removed without proper authorization.

Disclosure

whenever information that is intended to be confidential is accessed by unauthorized people/systems.

