Ch 1 Info Sys
According to the CSI/FBI survey, which of the following statistics decreased in 2003? A) The number of organizations reporting the internet as a point of attack B) The number of organizations that have reported unauthorized use of their systems C) The average loss as a result of theft of proprietary information D) Both B and C
D
Which of the following threats has not grown over the last decade as a result of increasing numbers of Internet users? A) Viruses B) Hackers C) Denial-of-service attacks D) All of these have seen an increase over the last decade.
D
specific target
The attacker has chosen the target not because of the hardware or software the organization is running but for another reason, perhaps a political reason.
what can eliminate a large portion of virus and worm threats?
antivirus software and system patching
opportunistic attack
attack against a site that has software that's vulnerable to a specific exploit
example of crime where computer was used to perpetrate the act
bank fraud
2 basic categories of electronic crime
crime where computer was target, crime where computer was used to perpetrate the act
hacking
deliberately accessing computer system sand networks without authorization
2 functions of cyber threats
deny use of computer systems, use systems for financial gain or stealing PII
highly technical individuals are known as
elite hackers
1st step to limit an attacker's avenue of attack
ensure all patches for the system are installed and up to date
script writers - people who are capable of writing scripts to
exploit known vulnerabilities
The act of deliberately accessing computer systems and networks without authorization is generally known as:
hacking
information warfare falls into what category?
highly structured threat
information warfare
information and info processing equipment used by an adversary
information security
information being protected from unauthorized access and yet available to authorized individuals
insiders can be more dangerous than outsiders. why?
insiders have access and knowledge necessary to cause immediate damage to the org
Which of the following individuals was convicted of various computer crimes and was known for his ability to conduct successful social engineering attacks?
kevin mitnick
information assurance
knowing a level of protection has been accomplished
Ukraine electric grid cyber-attacked on 12/23/2015; ransomware originated in 1990s what happened?
locked victim files until ransom was paid
sometimes attackers are limited on their resources, if they do not have time or resources to attack a particular organization, they might
look for a target of opportunity in that sector
as skill level of attacker goes up, so does use of
minimal methods
Which of the following is generally viewed as the first Internet worm to have caused significant damage and to have "brought the Internet down"?
morris worm
is writing viruses a criminal activity? if no, then what is?
no, releasing them is
in an opportunistic attack, are attackers targeting the organization?
no, they've learned of a vulnerability that they want to exploit
PII
personally identifiable information
The rise of which of the following has greatly increased the number of individuals who probe organizations looking for vulnerabilities to exploit?
script kiddies
who does not have the technical expertise to develop scripts or discover new vulnerabilities in software?
script kiddies
critical infrastructures are those whose loss would have
severe repercussions on the nation
unstructured threat
short period of time, do not involve a large number of individuals, have little financial backing
hactivist attack example of what kind of attack?
specific target
2 general reason a system is attacked
specifically targeted by the attacker, opportunistic target
Criminal organizations would normally be classified as what type of threat?
structured
criminal orgs usually fall into what category?
structured threat
2nd step to limit an attacker's avenue of attack
system hardening (
Which of the following is an attempt to find and attack a site that has hardware or software that is vulnerable to a specific exploit?
target of opportunity attack
what is the most common problem an org faces
viruses and worms
What is the most common problem/threat an organization faces?
viruses/worms
Which virus/worm was credited with reaching global proportions in less than ten minutes?
Slammer
Elite hackers don't account for more than what percentage of the total number of individuals conducting intrusive activity on the Internet?
A