AIS Chapter 3 Review
What are the risks from subversive threats?
IP Spoofing? Denial of Service Attack?
How does public key encryption work?
Public key encryption uses two different keys: one for encoding messages and the other for decoding them. Each recipient has a private key that is kept secret and a public key that is published. The sender uses the receiver's public key to encrypt. The receiver uses their private key to decode the message.
Describe the elements of an email address
USERNAME@DOMAINNAME ?
A malicious program that attaches to another legitimate program but does NOT replicate itself is called a a. virus. b. worm. c. Trojan horse. d. logic bomb.
d.
What is a CA, and what are the implications for the accounting profession?
A CA is a certification authority, which is a trusted third party that issues digital certificates. ???
What are the most common forms of contra-security behavior?
- Forgetting passwords and being locked out of the system - Failing to change passwords on a frequent basis - The post-it syndrome whereby passwords are written down and displayed for others to see - Simplistic passwords that a criminal easily anticipates
What are the three main tasks the operating system performs?
1. It translates high-level languages, such as Java, C++, BASIC, and SQL, into the machine-level language that the computer can execute. 2. The operating system allocates computer resources to users, workgroups, and applications. 3. The operating system manages the tasks of job scheduling and multiprogramming.
At what three points in an EDI transaction and validation process can authorization and validation be accomplished?
1. Some VANs have the capability of validating passwords and user ID codes for the vendor by matching these against a valid customer file. The VAN rejects any unauthorized trading partner transactions before they reach the vendor system. 2. Before being converted, the translation software can validate the trading partner's ID and password against a validation file in the firm's database. 3. Before processing, the trading partner's application software references the valid customer and vendor files to validate the transaction.
What are the five control objectives of an operating system?
1. The operating system must protect itself from users. 2. The operating system must protect users from each other. 3. The operating system must protect users from themselves. 4. The operating system must be protected from itself. 5. The operating system must be protected from its environment.
Name the three types of addresses used on the Internet
1. email addresses 2. website URL addresses 3. internet protocol (IP) addresses
What are the four techniques that a virus could use to infect a system?
1. The virus can attach itself to a .COM or .EXE program file, misleading the users who may execute the program. 2. The virus can take the guise of an .OVL program file. 3. The virus will install itself in the boot sector of the disk, corrupting the system files. 4. It can get inside a system application like a device driver program, making it difficult to diagnose the presence of a virus.
What can be done to defeat a DDoS attack?
A countermeasure to DDoS attacks is an intrusion prevention system that employs deep packet inspection to determine when an attack is in progress.
What is a digital certificate? How is it different from a digital signature?
A digital certificate verifies a sender's identity and is used in conjunction with a public key encryption system to authenticate the sender of a message. A digital SIGNATURE proves that a message received was not tampered with during transmission; a CERTIFICATE verifies that the sender is who they claim to be.
What is a digital signature?
A digital signature is electronic authentication that cannot be forged, ensuring that the message that the sender transmitted was not tampered with after the signature was applied.
What is a firewall?
A firewall is a system of software and hardware that prevents unauthorized access to or from a private network. It is implemented to prevent unauthorized users and hackers from accessing private networks that are connected to the Internet.
What is a VPN?
A virtual private network is a private network within a public network.
Categorize each of the following as either an equipment failure control or an unauthorized access control a. message authentication b. parity check c. callback device d. echo check e. line error f. data encryption g. request-response technique
A. unauthorized access control B. equipment failure control C. unauthorized access control ???
What is the purpose of an access control list?
An access control list is assigned to each IT resource and controls access to that resource. Its purpose is to determine who is allowed to access a certain resource and to grant or withhold access on that basis.
What is an access token?
An access token contains key information about the user, including user ID, password, user group, and privileges granted to the user. This info is used to approve all actions the user attempts during the session
What is DPI?
Deep packet inspection, which uses analytical and statistical techniques to evaluate the contents of message packets to prevent DDoS attacks
What are the risks from equipment failure?
Equipment failure can disrupt, destroy, or corrupt transmissions between senders and receivers. It can result in the loss of databases and programs stored on network services.
What does HTTP do?
HTTP controls Web browsers that access the Web.
How do HTTP and HTTP-NG differ?
HTTP-NG is an enhanced version of HTTP that maintains the simplicity of HTTP while adding important features such as security and authentication.
Explain discretionary access privileges
In a distributed system, end users may control/own resources. Resource owners may be granted discretionary access privileges, which allow them to grant access privileges to other users. EX: The controller, who is the owner of the general ledger, may grant read-only privileges to a manager in the budgeting department
What is keystroke monitoring?
Involves recording both the user's keystrokes and the system's response. It is the computer equivalent of a phone wiretap.
Distinguish between network-level and application-level firewalls
Network-level firewalls provide efficient but low-security access control, consisting of a screening router that examines the source and destination addresses that are attached to incoming message packets. Application-level firewalls provide a higher level of customizable network security, but they add overhead to connectivity. They're configured to run security applications called proxies.
Networks would be inoperable without protocols. Explain their importance and what five functions they perform.
Protocols are the rules and standards governing the design of hardware and software that permit users of networks to communicate and share data. The general acceptance of protocols within the network community provides both standards and economic incentives for the manufacturers of hardware and software. 1. They facilitate the physical connection between the network devices. 2. They synchronize the transfer of data between physical devices. 3. They provide a basis for error checking and measuring network performance. 4. They promote compatibility among network devices. 5. They promote network designs that are flexible, expandable, and cost-effective.
What is event monitoring?
Summarizes key activities related to system resources. Typically records the IDs of users accessing the system, the time and duration of a user session, programs that were executed during a session, and files, databases, printers, and other resources accessed.
What is the purpose of the TCP portion of TCP/IP?
The TCP portion of TCP/IP ensures that the total number of data bytes transferred was received.
What is a vaccine and what are its limitations?
Vaccines are antiviral software that examines applications and programs for viruses and removes them. The software, however, only works on KNOWN viruses, so if a virus has been modified there is no guarantee the vaccine will work.
A ping signal is used to initiate A. a smurf attack B. internet protocol spoofing C. Digital signature forging D. URL masquerading E. a SYN-ACK packet
a.
An integrated group of programs that supports the applications and facilitates their access to specified resources is called a(n) A. operating system B. database management system C. utility system D. facility system E. Object system
a.
A DDoS attack A. is more intensive than a DoS attack because it emanates from a single source B. may take the form of either a SYN flood or smurf attack C. is so named because it affects many victims simultaneously, which are distributed across the internet D. turns the target victim's computers into zombies that are unable to access the Internet E. none of the above is correct
b.
Sniffer software is a. used by malicious Web sites to sniff data from cookies stored on the user's hard drive. b. used by network administrators to analyze network traffic. c. used by bus topology intranets to sniff for carriers before transmitting a message to avoid data collisions. d. an illegal program downloaded from the Web to sniff passwords from the encrypted data of Internet customers. e. illegal software for decoding encrypted messages transmitted over a shared intranet channel.
b.
Transmitting numerous SYN packets to a targeted receiver, but NOT responding to an ACK, is a A. request-response control B. smurf attack C. denial of service attack D. call-back response control E. none of the above
c.
Which of the following is NOT a data network control objective? A. preventing illegal access B. correcting message loss due to equipment failure C. Maintaining the critical application list D. rendering useless any data that a perpetrator successfully captures E. all of the above are network control objectives
c.
A user's application may consist of several modules stored in separate memory locations, each with its own data. One module must not be allowed to destroy or corrupt another module. This is an objective of A. EDI controls B. network controls C. computer center and security controls D. application controls E. none of the above
e.
Disguising message packets to look as if they came from an authorized user of the host's network is a technique called A. smurfing B. IP spooling C. Denial of service attack D. screening E. None of the above
e.
Which of the following is NOT an operating system objective? A. The operating system must protect itself from users B. The operating system must protect users from themselves C. The operating system must be protected from its environment D. the operating system must protect users from each other E. none of the above
e.