Ch 1 Info Sys

According to the CSI/FBI survey, which of the following statistics decreased in 2003? A) The number of organizations reporting the internet as a point of attack B) The number of organizations that have reported unauthorized use of their systems C) The average loss as a result of theft of proprietary information D) Both B and C

D

Which of the following threats has not grown over the last decade as a result of increasing numbers of Internet users? A) Viruses B) Hackers C) Denial-of-service attacks D) All of these have seen an increase over the last decade.

D

specific target

The attacker has chosen the target not because of the hardware or software the organization is running but for another reason, perhaps a political reason.

what can eliminate a large portion of virus and worm threats?

antivirus software and system patching

opportunistic attack

attack against a site that has software that's vulnerable to a specific exploit

example of crime where computer was used to perpetrate the act

bank fraud

2 basic categories of electronic crime

crime where computer was target, crime where computer was used to perpetrate the act

hacking

deliberately accessing computer system sand networks without authorization

2 functions of cyber threats

deny use of computer systems, use systems for financial gain or stealing PII

highly technical individuals are known as

elite hackers

1st step to limit an attacker's avenue of attack

ensure all patches for the system are installed and up to date

script writers - people who are capable of writing scripts to

exploit known vulnerabilities

The act of deliberately accessing computer systems and networks without authorization is generally known as:

hacking

information warfare falls into what category?

highly structured threat

information warfare

information and info processing equipment used by an adversary

information security

information being protected from unauthorized access and yet available to authorized individuals

insiders can be more dangerous than outsiders. why?

insiders have access and knowledge necessary to cause immediate damage to the org

Which of the following individuals was convicted of various computer crimes and was known for his ability to conduct successful social engineering attacks?

kevin mitnick

information assurance

knowing a level of protection has been accomplished

Ukraine electric grid cyber-attacked on 12/23/2015; ransomware originated in 1990s what happened?

locked victim files until ransom was paid

sometimes attackers are limited on their resources, if they do not have time or resources to attack a particular organization, they might

look for a target of opportunity in that sector

as skill level of attacker goes up, so does use of

minimal methods

Which of the following is generally viewed as the first Internet worm to have caused significant damage and to have "brought the Internet down"?

morris worm

is writing viruses a criminal activity? if no, then what is?

no, releasing them is

in an opportunistic attack, are attackers targeting the organization?

no, they've learned of a vulnerability that they want to exploit

PII

personally identifiable information

The rise of which of the following has greatly increased the number of individuals who probe organizations looking for vulnerabilities to exploit?

script kiddies

who does not have the technical expertise to develop scripts or discover new vulnerabilities in software?

script kiddies

critical infrastructures are those whose loss would have

severe repercussions on the nation

unstructured threat

short period of time, do not involve a large number of individuals, have little financial backing

hactivist attack example of what kind of attack?

specific target

2 general reason a system is attacked

specifically targeted by the attacker, opportunistic target

Criminal organizations would normally be classified as what type of threat?

structured

criminal orgs usually fall into what category?

structured threat

2nd step to limit an attacker's avenue of attack

system hardening (

Which of the following is an attempt to find and attack a site that has hardware or software that is vulnerable to a specific exploit?

target of opportunity attack

what is the most common problem an org faces

viruses and worms

What is the most common problem/threat an organization faces?

viruses/worms

Which virus/worm was credited with reaching global proportions in less than ten minutes?

Slammer

Elite hackers don't account for more than what percentage of the total number of individuals conducting intrusive activity on the Internet?

A