Ch. 1 Security
How does protection between skilled and unskilled hackers differ?
A company may need to hire a penetration tester to find out how to protect its assets from skilled hackers, and the developers of protection software and hardware keep defensive systems up to date so you are protected from unskilled hackers.
What methods does a social engineering hacker use to gain info about a user's login ID and password? How would this method differ if it targeted an administrator's assistant versus a data entry clerk?
A social engineering hacker uses many different methods to gain information. Sometimes the attacker calls the targeted organization to get small bits of information that add up to a large amount of useful data, like leading officers' names, how they look, and their schedules. This all helps the attacker because he knows when to infiltrate and what to say to get information. The attacker chooses his targets well when using social engineering. You don't want to pick a target like the assistant to an administrator, one who might know all the higher-up figures and the new employees. They usually target lower clerks that have some clearance and that wouldn't think twice about giving out the information.
Security
A state of being secure and free from danger or harm. Also, the actions taken to make someone or something secure.
Authorization
After identity is authenticated, this defines what the user has been specifically authorized to do.
What are the characteristics of management based on the method described in the text as the "popular approach" to management? Define the characteristics.
Based on a popular approach to management, there are four characteristics of management: Planning: the process of setting objectives/goals and determining what should be done to accomplish them. Organizing: the process of arranging people and resources to work towards a common goal. Leading: the process of arousing enthusiasm and directing human resource efforts towards organizational goals. Controlling: the process of measuring performance and taking action to ensure desired outcome (results)
How is the "security" privacy definition different from the everyday definition? And why is this difference significant?
Because in this way it does not mean freedom from observation; it simply means that the information will be used only in ways approved by the person who provided it.
What are the types of password attacks? What can a systems administrator do to protect against them?
Brute Force, Dictionary, Rainbow Tables, Social Engineering. 10.3 password rule: An industry recommendation for password structure and strength that specifies passwords should be at least 10 characters long and contain at least one uppercase letter, one lowercase letter, one number, and one special character.
What is the difference between a denial of service attack and a distributed denial of service attack? Which is more dangerous and why?
A Denial of Service attack is where one system basically overloads the targeted system with requests, causing it to shut down. On the other hand, a DDoS involves many systems that have been compromised and are acting on the part of one system to overload the targeted system by requesting too much information at one time, causing it to shut down. These compromised systems are called zombie systems; they don't know what they are doing because they are under another system's control. A DDoS attack is the most dangerous in the sense that you have many culprits to stop. In a regular DoS attack you just have to stop the one attacking system.
Integrity
Describes how data is whole, complete, and uncorrupted.
Do Trojan horses carry viruses or worms?
Disguised as a helpful tool, the Trojan virus does not carry viruses or worms. It creates a backdoor on your system.
What are various types of force majeure? Which type might be of greatest concern to an organization in Las Vegas? OKC? MIA? LA?
Fire, Flood, Earthquake, Lightning, Hurricane, etc. OKC = Tornadoes, MIA = Hurricane, LA = Earthquake
Confidentiality
How data is protected from disclosure or exposure to unauthorized individuals or systems.
What is the importance of the C.I.A. triad? List each of its components.
Industry standard for computer security since the development of the mainframe. Made up of 3 characteristics that describe the utility of information: confidentiality, integrity, and availability.
How does technology obsolescence constitute a threat to information security? How can an organization protect against it?
It occurs when technology becomes outdated, and results in an increased threat. Proper planning is the best way to fight it; outdated technologies must be replaced in a timely fashion
How does privacy relate to InfoSec?
It relates because an organization using InfoSec must make sure information is only used by appropriate users to be secure
How are leadership and management similar and different?
Leader influences employees so that they are willing to accomplish objectives. Manager creates budgets, authorizes expenditures, and hires employees.
What is the most common violation of intellectual property & how does an organization protect against it?
Most common violation: the unlawful use or distribution of software-based IP, known as "software piracy". Protection against software piracy: software licenses are strictly enforced and software publishers use several control mechanisms to prevent copyright infringement.
Authentication
Process by which a control establishes whether a user is the entity it claims to be. (Passwords)
Information Security (InfoSec)
Protection of the confidentiality, integrity, and availability of information assets whether in storage, processing, or transmission, via the application of policy, education, training, and awareness, and technology
What is information security? What essential protections must be in place to protect information systems from danger?
Protection of the confidentiality, integrity, and availability of information assets whether in storage, processing, or transmission, via the application of policy, education, training, and awareness, and technology. Essential protections: Physical Security, Operations Security, Communications Security, Cyber Security, and Network Security.
Privacy
Right of individuals or groups to protect themselves and their information from unauthorized access, providing confidentiality.
Describe the CNSS security model. What are its three dimensions?
The CNSS Security model presents the McCumber Cube. It serves as the standard for understanding many aspects of InfoSec. This cube is 3x3x3 with 27 cells. When using the model you must make sure that each of the 27 cells is properly addressed. Its three dimensions: information characteristics, information location, security control categories.
How has the perception of a hacker changed over the years? And what is the profile of a hacker today?
The classic perception of the hacker is frequently glamorized in fictional accounts as someone who stealthily manipulates their way through a maze of computer networks, systems, and data to find the information that resolves the dilemma posed in the plot and saves the day. However, in reality, a hacker frequently spends long hours examining the types and structures of the targeted systems because he or she has to use skill, guile, or fraud to attempt to bypass the controls placed around information that is the property of someone else. The perception of a hacker has evolved over the years. The traditional hacker profile was male, age 13-18, with limited parental supervision who spent all his free time at the computer. The current profile of a hacker is a male or female, age 12 - 60, with varying technical skill levels, and can be internal or external to the organization. Today there are both expert hackers and unskilled hackers. The expert hackers create the software and schemes to attack computer systems while the novice hackers are the ones who merely utilize the software created by the expert hacker.
Communications security
The protection of all communications media, technology, and content
Cyber security
The protection of computerized information processing systems and the data they contain and process.
Physical Security
The protection of physical items, objects, or areas from unauthorized access and misuse.
Operations security
The protection of the details of an organization's operations and activities.
Network security
The protection of voice and data networking components, connections and content
What are the 3 levels of planning? Define each. List the types of InfoSec Plans and planning functions.
The three levels of planning are tactical, strategic, and operational. Tactical planning focuses on resource planning by those just under "senior management" to cover a time period of no more than five years. Strategic planning is planning done at the highest level of an organization and usually covers a time period of more than five years. Operational planning is short-term, day-to-day planning of resources. InfoSec planning includes incident response planning, business continuity planning, disaster recovery planning, policy planning, personnel planning, technology rollout planning, risk management planning, and security program planning.
List and describe the three communities of interest that engage in an organization's effort to solve information security problems. Give two or three examples of who might be in each community.
Those in the field of information security; those in the field of IT; those from the rest of the organization/general business. Information security community: protects the organization's information assets from the many threats they face. IT community: supports the business objectives of the organization by supplying and supporting IT that is appropriate to the organization's needs. Rest of organization/general business community: articulates and communicates organizational policy and objectives and allocates resources to the other groups.
Identification
Unverified entities who seek access to a resource provide a label by which they are known to a system (typically used as a user name or ID)
Skilled hacker
Uses extensive knowledge of the inner workings of computer hardware and software to gain unauthorized access to systems and information. Also known as elite hackers, expert hackers. (Create automated exploits, scripts, and tools used by other hackers)
Unskilled hacker
Uses work of expert hackers to perform attacks. Also known as neophyte, n00b, newbie. (Use script kiddies and packet monkeys)
What are various types of malware?
Viruses, Worms, Trojan Horses, and active Web Scripts
How are worms different from viruses?
Worms: can continue replicating themselves until they completely fill available resources, such as memory. The behavior of a worm can initiate with or without a user downloading or executing a file. A worm can also deposit itself to all Web servers that the infected system can reach. Viruses: code segments that perform malicious acts. The code attaches itself to an existing program and takes control of the program's access to the targeted computer. You must open a file that is infected to get a virus. A worm can initiate without downloading it.
Does the intellectual property owned by an organization usually have value? If so, how can attackers threaten that value?
Yes, the IP of an organization may be its highest value asset. Attackers can threaten its value by reducing or removing its availability to the owner, or by stealing and then selling copies of the asset, thus causing a loss in the economic value of the assets.
Availability
Describes how data is accessible and correctly formatted for use without interference or obstruction.
What is management and what is a manager? Also what roles do managers play as they execute responsibilities?
Management: process of achieving objectives by appropriately applying a given set of resources. Manager: member of the organization assigned to marshal and administer resources, coordinate the completion of tasks, and handle the many roles necessary to complete the desired objectives.
Accountability
When a control provides assurance that every activity undertaken can be attributed to a named person or automated process. (Audit logs that track users' activity)