Chapter 17: Information Security: Barbarians at the Gateway (and Just About Everywhere Else)
Intrusion detection systems
A system that monitors network use for potential hacking attempts. Such a system may take preventative action to block, isolate, or identify attempted infiltration, and raise further alarms to warn security personnel.
hack
A term that may, depending on the context, refer to either 1) breaking into a computer system, or 2) a particularly clever solution.
hacker
A term that, depending on the context, may be applied to either 1) someone who breaks into computer systems, or 2) to a particularly clever programmer.
certificate authority
A trusted third party that provides authentication services in public key encryption schemes.
Encryption
Scrambling data using a code or formula, known as a cipher, such that it is hidden from those who do not have the unlocking key.
spoofed
Term used in security to refer to forging or disguising the origin or identity. E-mail transmissions and packets that have been altered to seem as if they came from another source are referred to as being "spoofed."
Exploits that attempt to infiltrate a computer system by masquerading as something that they are not are called:
Trojans
multi-factor authentication
When identity is proven by presenting more than one item for proof of credentials. Multiple factors often include a password and some other identifier such as a unique code sent via e-mail or mobile phone text, a biometric reading (e.g. fingerprint or iris scan), a swipe or tap card, or other form if identification.
Programs that use _____ are highly restrictive, permitting communication only with pre-approved entities.
Whitelists
Edward Snowden is:
a US government contractor thought whistle-blower by many, who released (in violation of US law) secret documents exposing state-run surveillance networks
_____ are hordes of surreptitiously infiltrated computers linked and controlled remotely, and are also known as zombie networks.
botnets
Malware _____ are a sort of electronic fingerprint often used to recognize malicious code.
signatures
data harvesters
Cybercriminals who infiltrate systems and collect data for illegal resale.
firewalls
A system that acts as a control for network traffic, blocking unauthorized traffic while permitting acceptable use.
shoulder surfing
Gaining compromising information through observation (as in looking over someone's shoulder).
_____ refer to protesters seeking to make a political point by leveraging technology tools, often through system infiltration, defacement, or damage.
Hacktivists
Which of the following factors is thought to have been at work during the Target security breach: Notifications from security software were ignored.
- The database for credit card transactions wasn't sufficiently isolated from other parts of the system. - Malicious code was disguised by using the name of a legitimate software product. - Target's security software could have automatically deleted detected malware, but this function was turned off. ALL OF THE ABOVE
black hat hackers
A computer criminal.
Phishing
A con executed using technology, typically targeted at acquiring sensitive information or tricking someone into installing malicious software.
hacktivists
A protester seeking to make a political point by leveraging technology tools, often through system infiltration, defacement, or damage.
honeypots
A seemingly tempting, but bogus target meant to draw hacking attempts. By monitoring infiltration attempts against a honeypot, organizations may gain insight into the identity of hackers and their techniques, and they can share this with partners and law enforcement.
public key encryption
A two key system used for securing electronic transmissions. One key distributed publicly is used to encrypt (lock) data, but it cannot unlock data. Unlocking can only be performed with the private key. The private key also cannot be reverse engineered from the public key. By distributing public keys, but keeping the private key, Internet services can ensure transmissions to their site are secure.
CAPTCHAs
An acronym for Completely Automated Public Turing Test to Tell Computers and Humans Apart. CAPTCHAs are those scrambled character images that many sites require to submit some sort of entry (account setup, ticket buying) and are meant to be a <i>Turing Test</i>—a test to distinguish if a task is being performed by a computer or a human.<span id="gallaugher_3_0-27917-20150702-151916-938210" class="footnote"></span>
brute-force attacks
An attack that exhausts all possible password combinations in order to break into an account. The larger and more complicated a password or key, the longer a brute-force attack will take.
distributed denial of service (DDoS)
An attack where a firm's computer systems are flooded with thousands of seemingly legitimate requests, the sheer volume of which will slow or shut down the site's use. DDoS attacks are often performed via botnets.
zero-day exploits
Attacks that are so new that they haven't been clearly identified, and so they haven't made it into security screening systems.
Key
Code that unlocks encryption.
dumpster diving
Combing through trash to identify valuable assets.
cash-out fraudsters
Criminals that purchase assets from data harvesters to be used for illegal financial gain. Actions may include using stolen credit card numbers to purchase goods, creating fake accounts via identity fraud, and more.
whitelists
Highly restrictive programs that permit communication only with approved entities and/or in an approved manner.
Botnets
Hordes of surreptitiously infiltrated computers, linked and controlled remotely, also known as zombie networks.
The ______________ framework represents a series of standards for best practices in implementing, maintaining and improving organizational security.
ISO 27000
Which of the following is a valid observation regarding information security?
Information security isn't just a technology problem.
blacklists
Programs that deny the entry or exit of specific IP addresses, products, Internet domains, and other communication restrictions.
_______________ is an example of an exploit in which hackers target security vulnerabilities caused by software developers not validating user input.
SQL injection technique.
white hat hackers
Someone who uncovers computer weaknesses without exploiting them. The goal of the white hat hacker is to improve system security.
Biometrics
Technologies that measure and analyze human body characteristics for identification or authentication. These might include fingerprint readers, retina scanners, voice and face recognition, and more.
Why have US technology firms complained that U.S. government surveillance techniques put them at a disadvantage relative to foreign firms?
U.S. firms complain that the actions of surveillance agencies have put them at a disadvantage by damaging their reputation.
An attack in which a firm's computer systems are flooded with thousands of seemingly legitimate requests, the sheer volume of which will slow or shut down the site, is known as:
distributed denial of service
Public key encryption is considered far weaker than private key encryption, so most websites avoid using public key systems.
false
Students are discouraged from using over-the-Internet backup services since these are known sources for security vulnerability.
false
The encryption math behind OpenSSL is so solid and would require such an extensive amount of computing power to execute a brute-force attack, that OpenSSL had (as of the writing of the textbook) never been compromised.
false
VPN software should only be used on an organization's internal network. Never use VPN software on a public wireless network, as this could give hackers an entryway from your computer into your organization's secure network
false
A security tool that is deployed by firms as a phony target to lure or distract attackers and gain information about them is known as a:
honeypot
Cons executed through technology and that often try to leverage the reputation of a trusted firm or friend to trick the victim into performing an action or revealing information constitute:
phishing
Con games that trick employees into revealing information or performing other tasks that compromise a firm are known as _____ in security circles.
social engineering
The term _____________ refers to forging or disguising the origin or identity.
spoof
The phrase __________________ refers to security schemes that automatically send one-time use representations of a credit card which can be received and processed by banking and transaction firms at the time of payment. They are used in ApplePay and Android Wallet.
tokenization
A white hat hacker looks for weaknesses in security mechanisms, with a view to help plug the holes that might be exploited by cyber-criminals.
true
Although the attack on Target was one of the largest credit card breaches in US business history, the software that executed the attack was not considered to be especially sophisticated.
true
Two-factor or multi-factor authentication systems can slow consumers down, leading to consumer annoyance and dissatisfaction.
true
The key difference between viruses and worms is that:
worms do not need an executable to spread, unlike viruses