Corporate Computer Security 9

Backups ensure availability by creating copies of data that can be used to restore lost or damaged information in the event of an outage or disaster.

As an AI language model, I do not have personal experiences, but backups can be used to restore files that have been lost or corrupted due to various reasons.

What type of sensitive data exists at your organization?

As an AI language model, I don't have information about any specific organization. However, sensitive data can include personally identifiable information (PII), financial information, health information, and trade secrets.

Have you ever had to use a backup to restore a file? Explain.

As an AI language model, I don't have personal experiences, so I haven't had to use a backup to restore a file.

What should backup audits include?

Backup audits should include a review of backup policies, procedures, and documentation, as well as testing the ability to restore data from backups.

What should backup creation policies specify?

Backup creation policies should specify the backup schedule, retention period, storage location, encryption and compression settings, and testing and verification procedures for backup and restoration.

How does backup ensure availability?

Backup ensures availability by creating duplicates of data that can be restored if the original data is lost, corrupted, or inaccessible.

Where should backup media be stored for the long term?

Backup media should be stored offsite, in a secure location that is protected from natural disasters and theft.

What should be done about backup media until they are moved?

Backup media should be stored securely, encrypted, and monitored until they can be moved to a secure offsite location.

Why is backup onto another hard drive attractive?

Backup onto another hard drive is attractive because it provides a fast and cost-effective backup solution, allowing for quick data recovery in case of a failure or data loss.

Why is it not a complete backup solution?

Backup onto another hard drive is not a complete backup solution because the backup copy may be susceptible to the same risks as the primary copy, such as malware or physical damage.

What security risk does it create?

Backup over the internet to a backup storage provider creates a security risk because data is transmitted over the internet, making it vulnerable to interception or hacking.

Why is backup over the Internet to a backup storage provider attractive for client PC users?

Backup over the internet to a backup storage provider is attractive for client PC users because it provides offsite backup storage, reducing the risk of data loss from local disasters or theft.

What are some ways that data can be attacked when it is stored?

Data can be attacked when it is stored through methods such as hacking, malware, physical theft, and social engineering attacks.

Data can be protected while it is being processed by using access controls, encryption, and monitoring for any unauthorized access or activity.

Data can be attacked when it is stored through methods such as hacking, malware, physical theft, and unauthorized access.

List the ways in which data can be lost, adding some of your own.

Data can be lost due to hardware failure, software corruption, accidental deletion, theft, natural disasters, cyber attacks, and human error.

Data can be protected while it is being stored through measures such as encryption, access controls, backups, and regular security audits.

Data can be lost due to hardware failure, software corruption, natural disasters, human error, theft, and cyberattacks.

How can data be protected while it is being processed?

Data can be protected while it is being processed by implementing access controls, applying security patches, and regularly monitoring system activity.

How can data be protected while it is being stored?

Data can be protected while it is being stored by implementing access controls, regularly backing up data, encrypting sensitive data, and implementing security monitoring tools.

Data refers to raw facts and figures that are collected, whereas information is the processed and organized form of data that is meaningful and useful.

Data can be protected while it is being transmitted by encrypting it, using secure transmission protocols, and ensuring that the receiving party is authorized.

How can data be protected while it is being transmitted?

Data can be protected while it is being transmitted by using encryption techniques, secure protocols such as HTTPS, and firewalls.

What is the difference between data and information?

Data refers to raw facts or figures that are unprocessed, while information is processed data that has meaning and context.

What types of database events should be audited?

Database events that should be audited include user logins and access, changes to database schema or data, failed access attempts, and database backup and recovery operations.

Are e-mail messages sent by employees private?

E-mail messages sent by employees may not be completely private, as employers may have the right to access and monitor employee e-mails in certain circumstances.

What should employees be trained not to put in e-mail messages?

Employees should be trained not to put sensitive or confidential information, personal data, or inappropriate content in e-mail messages.

Why is encryption usually attractive for sensitive data from a legal standpoint?

Encryption is usually attractive for sensitive data from a legal standpoint because it can help organizations comply with data protection and privacy regulations, protect against data breaches, and reduce liability in case of a breach.

In what sense is encryption usually transparent to the user?

Encryption is usually transparent to the user in the sense that the user is able to access and use the data without being aware that it is encrypted.

How does encryption make file sharing more difficult?

Encryption makes file sharing more difficult by scrambling the contents of a file, making it unreadable without the appropriate decryption key.

Why is entrusting users to do key escrow risky?

Entrusting users to do key escrow is risky because it can create a single point of failure and increase the risk of key exposure.

Distinguish between file/directory data backup and image backup.

File/directory backup involves copying individual files or directories, while image backup involves creating a complete copy of a storage device or system, including all files and configurations.

File/directory data backup copies individual files or directories, while image backup creates a complete snapshot of the entire system, including the operating system and all installed applications.

File/directory backup is attractive because it is more efficient, consumes less storage space, and can be restored more quickly than image backup.

Why is file/directory backup attractive compared with image backup?

File/directory backup is attractive compared with image backup because it is faster, requires less storage space, and allows for selective restoration of individual files or directories.

If Person A wishes to check out backup media, who should approve this?

If Person A wishes to check out backup media, their request should be approved by a designated backup administrator or manager.

What can happen if a firm fails to retain required e-mail?

If a firm fails to retain required e-mail, it may be subject to legal penalties, fines, and other legal consequences.

What are courts likely to do if it would be very expensive for a firm to discover all of its e-mail pertinent to a case?

If it would be very expensive for a firm to discover all of its e-mail pertinent to a case, courts may require the firm to make a reasonable effort to produce the relevant data.

What happens if the encryption key is lost?

If the encryption key is lost, the encrypted data may be permanently inaccessible.

Why is image backup attractive compared with file/directory data backup?

Image backup is attractive compared with file/directory backup because it provides a complete system backup, including all files and configurations, making it useful for disaster recovery and system migration.

What is a DBMS?

A DBMS (Database Management System) is a software system that provides tools for managing and organizing data in a database, including creating, modifying, querying, and securing data.

What is a DDL trigger?

A DDL (Data Definition Language) trigger is a type of trigger in a database management system that is triggered by certain changes to the database schema or structure.

What is a DML trigger?

A DML (Data Manipulation Language) trigger is a type of trigger in a database management system that is triggered by certain changes to the data in a table.

How much data can be stored on a DVD or Blu-ray optical disk?

A DVD can store up to 4.7 GB of data, while a single-layer Blu-ray disk can store up to 25 GB and a dual-layer disk up to 50 GB.

Comment on a corporate policy of deleting all e-mail after 30 days.

A corporate policy of deleting all e-mail after 30 days may be problematic from a legal and compliance perspective, as certain e-mails may need to be retained for longer periods for legal or regulatory reasons.

What is a data model?

A data model is a conceptual representation of data that defines the structure, relationships, and constraints of data elements, and provides a blueprint for designing and implementing a database.

Why would a database administrator want to restrict access to certain columns?

A database administrator may want to restrict access to certain columns to protect sensitive data from unauthorized access, or to limit access to data based on user roles or business requirements.

Why would a database administrator want to restrict access to certain rows?

A database administrator may want to restrict access to certain rows to protect sensitive data from unauthorized access, or to limit access to data based on user roles or business requirements.

Why would a database administrator want to restrict access to certain tables?

A database administrator may want to restrict access to certain tables to prevent unauthorized modification or deletion of sensitive data, or to limit access to data based on user roles or business requirements.

How could a multi-tiered architecture stop or mitigate the effects of an attack?

A multi-tiered architecture can stop or mitigate the effects of an attack by limiting the damage to a single layer, preventing the attack from spreading to other layers, and providing isolation between layers.

What is a multi-tiered architecture? Why is it important?

A multi-tiered architecture is an architectural pattern that divides an application into separate layers, each responsible for a specific function. It is important because it provides scalability, maintainability, and modularity.

What is a relational database? Explain.

A relational database is a type of database that organizes data into one or more tables with rows and columns, where the relationships between tables are defined by keys. It provides a structured way to store and access data, and supports complex queries and transactions.

Briefly list the functions of a vault server.

A vault server is used to securely store and manage sensitive information such as passwords, keys, and certificates. Its functions include access control, encryption, and auditing.

What is accidental retention?

Accidental retention refers to the retention of data beyond the intended or necessary retention period, often due to oversight or lack of proper data management practices.

What is legal discovery?

Legal discovery is the process of collecting, reviewing, and producing relevant information for a legal case or investigation.

How would limiting data granularity protect the underlying database?

Limiting data granularity, or providing users with access only to the necessary data elements, helps to reduce the risk of unauthorized access or data leakage, and minimizes the impact of a security breach.

Why is magnetic tape desirable as a backup medium?

Magnetic tape is desirable as a backup medium because it provides high capacity and low cost storage, making it a cost-effective backup solution.

What is mesh backup?

Mesh backup is a backup method that involves backing up data to multiple devices, enabling faster and more reliable data recovery.

Why is mesh backup desirable?

Mesh backup is desirable because it provides faster and more reliable data recovery, reduces the risk of data loss, and allows for more flexible backup storage management.

Why is message authentication important in an archiving system?

Message authentication is important in an archiving system to ensure the integrity and authenticity of archived messages, to prevent tampering or manipulation of data.

Why don't most companies do a full backup every night?

Most companies don't do a full backup every night because it can be time-consuming and resource-intensive, and incremental backups can be used to back up only the changes made since the last backup.

Why is tape not desirable?

Tape is not desirable because it has slower access times than other backup mediums, requires specialized hardware for backup and restoration, and can be susceptible to physical damage or data corruption.

Which RAID level discussed in this chapter has the fastest read-write speeds?

RAID 0 has the fastest read-write speeds among the RAID levels discussed in this chapter.

Is RAID 5 appropriate for home users? Why or why not?

RAID 5 may not be appropriate for home users as it requires at least three disks and can be costly and complex to implement and manage.

What is the advantage of burning backup data onto optical disks?

The advantage of burning backup data onto optical disks is that they are portable, low cost, and provide a long shelf life for backup storage.

What is the advantage of shadowing over file/directory data backup?

The advantage of shadowing over file/directory backup is that it provides real-time backup of data, making it faster and more reliable in case of system failure.

Why are restoration tests needed?

Restoration tests are needed to ensure that backup data can be successfully restored in case of a disaster or data loss.

Why is it dangerous?

Retaining e-mail for a long period of time can be dangerous because it increases the risk of data breaches, exposes sensitive information, and can lead to legal liability.

Why is retaining e-mail for a long period of time useful?

Retaining e-mail for a long period of time can be useful for compliance with legal and regulatory requirements, as well as for internal investigations and e-discovery purposes.

How could SQL triggers be used to secure a database?

SQL triggers can be used to enforce data integrity rules, such as preventing the insertion of invalid or duplicate data, or to log and alert administrators of unauthorized or suspicious database activity.

How can sanitation protect against a SQL injection attack?

Sanitation can protect against SQL injection attacks by removing or escaping any special characters or SQL commands in input data, before it is processed by the database.

Image backup is attractive because it provides a complete backup of the system, which can be useful in case of a complete system failure or when restoring the system to a previous state.

Shadowing involves creating a duplicate copy of data on a separate storage device or location to provide redundancy and ensure availability.

What is shadowing?

Shadowing involves maintaining real-time backups of data on a secondary storage device, which can be used to quickly restore data if the primary device fails.

How is shadowing limited?

Shadowing is limited by the fact that it requires a secondary storage device and may be susceptible to the same risks as the primary device, such as malware or physical damage.

Shadowing provides faster recovery time and can offer continuous availability of data in case of any hardware or software failures.

Shadowing is limited by the fact that it requires a separate storage device or location, which can add to the cost and complexity of the backup solution.

Why is spreadsheet security an IT security concern?

Spreadsheet security is an IT security concern because spreadsheets may contain sensitive or confidential data, and if not properly secured, may be vulnerable to unauthorized access, manipulation, or theft.

Is storing backups on optical disks for several years likely to be safe?

Storing backups on optical disks for several years may not be safe as the disks can be susceptible to physical damage or data degradation over time.

How long can third-party e-mail providers keep your e-mails?

Third-party e-mail providers can keep your e-mails for varying lengths of time depending on their policies and agreements with users, but generally, they may retain e-mails for years or indefinitely.

Why is this attractive?

This is attractive because it allows users to maintain their usual workflows and processes without being disrupted by the need to manage encrypted data.

Why is this dangerous?

This is dangerous because users may become complacent about the security of their data and may be more vulnerable to attacks if they are not aware of the security measures in place.

How can this limitation be addressed?

This limitation can be addressed by storing the backup copy offsite or using additional backup methods, such as incremental or differential backups.

How long must an encryption key be to be considered strong today?

Today, an encryption key must be at least 128 bits long to be considered strong.

What two protections should be applied to spreadsheets?

Two protections that should be applied to spreadsheets are password protection and encryption to prevent unauthorized access and ensure data confidentiality.

What must users do to address this danger?

Users must be educated about the security measures in place and the risks associated with their data. They must also follow best practices for data security, such as using strong passwords and avoiding sharing sensitive data.

How can validation protect against a SQL injection attack?

Validation can protect against SQL injection attacks by ensuring that input data meets the expected format and structure, and by rejecting any input that contains malicious code or SQL commands.

Describe vault server auditing.

Vault server auditing involves tracking and recording all activities related to the vault, including user accesses, changes to secrets, and failed access attempts. This helps to monitor and identify potential security breaches or policy violations.

Comment on vault server authorizations.

Vault server authorizations involve granting permissions to users or applications to access certain secrets stored in the vault. These authorizations should be carefully managed and audited to ensure that only authorized users can access sensitive data.

Can a DBMS manage multiple databases? Why?

Yes, a DBMS can manage multiple databases, each with its own tables, schemas, and access controls. This allows organizations to manage multiple applications or business units on a single platform, while maintaining data security and consistency.

Why should business units and the legal department be involved in creating retention policies?

Business units and the legal department should be involved in creating retention policies to ensure that data is retained for the appropriate duration, according to legal and regulatory requirements, and business needs.

Define CDP.

CDP (Continuous Data Protection) is a backup and recovery method that enables real-time, continuous backup of data changes as they occur.

Why is CDP attractive?

CDP is attractive because it provides near-instantaneous recovery of data in the event of a failure or data loss, minimizing data loss and downtime.

What are the advantages of centralized backup compared with local backup?

Centralized backup allows for more efficient backup management, reduces the risk of data loss from local disasters, and provides centralized control and monitoring of backup activities.

In restoration, the Cardiff backup must be restored first, followed by the most recent incremental backup, Paris, and then the preceding incremental backups, Dublin and Greenwich, in chronological order.

Centralized backup offers better control, easier management, and higher efficiency by backing up all data from multiple locations to a single central location, whereas local backup provides faster backup and recovery times but requires more resources and can be more difficult to manage.

Why is changing the default database listening port important?

Changing the default database listening port is important because it can prevent attackers from using automated tools to identify and target vulnerable systems.

Why are checkouts of backup media suspicious?

Checkouts of backup media can be suspicious because they may indicate a potential data breach or unauthorized access to sensitive data.

How do companies address this risk?

Companies address this risk by implementing key management practices, such as securely storing and backing up encryption keys and implementing key recovery mechanisms.

A company does a full backup one night. Call this backup Cardiff. On three successive nights, it does incremental backups, which it labels Greenwich, Dublin, and Paris. In restoration, what backups must be restored first and second?

In restoration, the Cardiff backup must be restored first, followed by the incremental backups in the order Greenwich, Dublin, and Paris.

What is incremental backup (be precise)?

Incremental backup involves backing up only the changes made since the last backup, reducing the amount of time and resources required for backup and restoration.

Most companies do not perform a full backup every night because it can be time-consuming and resource-intensive, and it may not be necessary to back up all data every day.

Incremental backup involves backing up only the changes made to data since the last backup, which reduces backup time and conserves storage space.

Why is the encryption of backup media critical?

The encryption of backup media is critical to protect sensitive data from unauthorized access, both during storage and during transportation.

What two requirements in the U.S. Rules of Civil Procedure are likely to cause problems for firms that do not have a good archiving process?

The requirements for the preservation of electronic evidence and the ability to produce relevant data in a timely manner are likely to cause problems for firms that do not have a good archiving process.

What are its technical challenges?

The technical challenges of mesh backup include data synchronization, ensuring data consistency across multiple devices, and managing backup storage across multiple devices.

What three dangers require control over access to backup material?

The three dangers that require control over access to backup material are data theft, data tampering, and data loss.

Is there a specific law that specifies what information must be retained for legal purposes?

There are several laws and regulations that specify what information must be retained for legal purposes, such as the Sarbanes-Oxley Act, HIPAA, and the SEC Rules.

