Chapter 8 - Securing Information Systems
Steps to make sure a security system is up to par
1) establish what data and processes are essential 2) conduct an MIS audit, security audit, and risk assessment analysis 3) establish what legal/governmental/industry standards need to be adhered to and which international standards are relevant 4) conduct a business impact analysis and determine a disaster recovery and business continuity plan 5) create a security policy 6) plan for any change management needed 7) determine how success will be measured and set up means for measuring it 8) implement such policies 9) measure and evaluate the effectiveness of the policy and make any additional adjustments
_____ refers to the ability to know that a person is who he or she claims to be
Authentication
Fault-tolerant computer system and a high availability computer system? what are they? how do they differ? when would each be used?
Both systems use backup hardware resources. FT contains extra memory chips, processors, and disk storage devices that prevent system failure. FT is used for a 100%, 24 hour system. HA places emphasis on quick recovery from crashes, and good disaster plans. HA is used for heavy electronic commerce processing.
Which of the following is not an example of computer used as an instrument of crime?
Breaching the confidentiality of protected computerized data
Using numerous computers to inundate and overwhelm the network from numerous launch points is called a ____ attack
DDoS
What is a digital certificate? how does it work?
Data files used to establish the identity of users and electronic assets for protection of online transactions. Uses a certification authority that validates the certificate and authenticates that the public key belongs to the owner.
_____ controls ensure that valuable business data files on either disk or tape are not subject to unauthorized access, change, or destruction while they are in use or in storage
Data security
In controlling network traffic to minimize slow-downs, a technology called _____ is used to examine data files and sort low-priority data from high-priority data
Deep-packet inspection
Three major concerns of system builders and users are disaster, security, and human error. which is the most difficult to deal with?
Disaster, because it is unexpected, broad-based, and can be life threatening. You don't know if your disaster plan will work until a disaster happens and there is no time to make corrections
You have been hired as a security consultant for a law firm. Which of the following constitutes the greatest source of security threats to the firm?
Employees
In which technique are network communications analyzed to see whether packets are part of an ongoing dialogue between a sender and a receiver?
stateful inspection
In which method of encryption is a single encryption key sent to the receiver so both sender and receiver share the same key?
symmetric key encryption
All of the following are methods of ensuring software quality except for
systems analysis
Comprehensive security management products, with tools for firewalls, VPNs, intrusion detection systems, and more, are called ____ systems
unified threat management
How can a firm's security policies contribute and relate to the six main business objectives? Give examples.
1) operational excellence - security policies are essential to operational excellence. A firm's daily transactions can be disrupted by hackers, and the firm's efficiency relies on this data. Information assets have tremendous value, and their loss or destruction can be devastating. 2) New products, services, business models: Security policies protect a company's ideas that could otherwise be stolen. Enhanced security can be seen as differentiation. 3) Customer and supplier intimacy: customers rely on security if they enter personal data into your information system. 4) Improved decision making: secure systems make data accuracy a priority, and good decision making relies on accurate and timely data. Lost/inaccurate data = compromised decisions. 5) Competitive advantage: makes your firm more attractive to do business with. Increases employee productivity and lowers operational activities. 6) Survival: security failures may result in legal liability. Firms have been destroyed by errors in security policies.
A digital certificate system
uses third-party CAs to validate a user's identity
Approximately how many new threats from malware were detected by Internet security firms in 2012
400 thousand
Why is software quality important to security? what specific steps can an organization take to ensure software quality?
Software flaws cause untold losses in productivity. The growing size and complexity of software have contributed to this difficulty. Steps: 1) identify flaws and create small patches to repair them without disturbing other operations of the software 2) make sure software is up to date and bug free 3) ongoing use of metrics allows performance measures - number of transactions, online responses, etc. 4) easy, regular testing
Hackers create a botnet by
Causing other people's computers to become "zombie" PCs following a master computer
A salesperson clicks repeatedly on the online ads of a competitor in order to drive the competitor's advertising costs up. This is an example of
Click fraud
____ is the scientific collection, examination, authentication, preservation, and analysis of data held on or retrieved from computer storage media in such a way that the information can be used as evidence in a court of law
Computer forensics
____ refers to all of the methods, policies, and organizational procedures that ensure the safety of the organization's assets, the accuracy and reliability of its accounting records and operational adherence to management standards.
Controls
Electronic data are more susceptible to destruction, fraud, error, and misuse because information systems concentrate data in computer files that
Have the potential to be accessed by large numbers of people and by groups outside of the organization
____ is a crime in which an imposter obtains key pieces of personal information to impersonate someone else
Identity theft
Which of the following is not an example of a computer used as a target of crime?
Illegally accessing stored electronic communication
How do software vendors correct flaws in their software after it has been distributed?
Issue patches
The internet poses specific security problems because
It was designed to be easily accessible
Discuss the issue of security challenges on the internet as that issue applies to a global enterprise. List 5 challenges.
Large public networks are more vulnerable because they are open to everyone and huge. 1) When abuses occur there is a widespread impact 2) When the internet becomes part of the corporate network, the organization's information systems are vulnerable to outsiders 3) computers that are constantly connected to the internet via cable modem or DSL are more open because they use a fixed internet address and are easily identified 4) The fixed internet address creates the target for hackers 5) To benefit from e-commerce, scp, and other processes, companies need to be open to outsiders 6) corporate systems must be extended so that employees working with wireless and other mobile computing devices can access them
A ___ examines the firm's overall security environment as well as the controls governing individual information systems
MIS audit
Smaller firms may outsource some or many security functions to
MSSPs
A practice in which eavesdroppers drive by buildings or park outside and try to intercept wireless network traffic is referred to as
war driving
Most antivirus software is effective against
Only those viruses already known when the software is written
Which of the following is not one of the challenges in securing wireless networks?
SQL injection attacks
Currently, the protocols used for secure information transfer over the internet are
SSL, TLS, S-HTTP
Which of the following is not one of the main firewall screening techniques?
Secure socket filtering
____ refers to the policies, procedures, and technical measures used to prevent unauthorized access, alteration, theft, or physical damage to information systems
Security
In 2004, ICQ users were enticed by a sales message from a supposed anti-virus vendor. On the vendor's site, a small program called Mitglider was downloaded to the user's machine. The program enabled outsiders to infiltrate the user's machine. What type of malware is this an example of?
Trojan horse
Which of the following statements about internet security is not true?
VoIP is more secure than the switched voice network
What are security challenges faced by wireless networks?
Wireless networks are vulnerable because radio frequency bands are easy to scan. They do not have protection from war driving. A hacker can easily identify access points, etc.
How is the security of a firm's information system and data affected by its people, organization, and technology? Is the contribution of one of these dimensions any more important than the others? Why?
Without technology implemented correctly, there is no security. Employees are the greatest threat (embezzlement, insider fraud). Organization is the most important because it determines processes and policies. Information policies can be most enhanced by stressing intelligent design, use of technology, and the usability of security processes.
An independent computer program that copies itself from one computer to another over a network is called
a worm
Electronic evidence on computer storage media that is not visible to the average user is called _____ data
ambient
Inputting data into a poorly programmed Web form in order to disrupt a company's systems and networks is called
an SQL injection attack
Evil twins are
bogus wireless network access points that look legitimate to users
Application controls
can be classified as input controls, processing controls, and output controls
PKI is the use of public key cryptography working with a
certificate authority
Sniffing is a security challenge that is most likely to occur in which of the following points of a corporate network?
communications lines
Downtime refers to periods of time in which a
computer system is not operational
The intentional disruption of a web site or information system is called
cybervandalism
When errors are discovered in software programs, the sources of the errors are found and eliminated through a process called
debugging
The most common type of electronic evidence is
For 100% availability, online transaction processing requires
fault-tolerant computer systems
An authentication token is a
gadget that displays passcodes
Which of the following is not a trait used for identification in biometric systems?
hair color
A ____ system is used to identify and authorize different categories of system users and specify which portions of the organization's systems each user can access
identity management
The Sarbanes-Oxley Act
imposes responsibility on companies and management to safeguard the accuracy of financial information
Which of the following is the greatest threat that employees pose to an organization's information system?
lack of knowledge
Malicious software programs referred to as ____ include a variety of threats such as computer viruses, worms, and Trojan horses
malware
Rigorous password systems
may hinder employee productivity
The HIPAA Act
outlines medical security and privacy rules
A firewall allows the organization to
prevent unauthorized communication both into and out of the network
The development and use of methods to make computer systems resume their activities more quickly after mishaps is called
recovery oriented computing
Pharming involves
redirecting users to a fraudulent Web site even when the user has typed in the correct address
The Gramm-Leach-Bliley Act
requires financial institutions to ensure the security of customer data
Analysis of an information system that rates the likelihood of a security incident occurring and its cost is included in a
risk assessment
An example of phishing is
setting up a fake medical web site that asks users for confidential information
Tricking employees to reveal their passwords by pretending to be a legitimate member of the company is called
social engineering
Redirecting a web link to a different address is a form of
spoofing
A keylogger is a type of
spyware