CYB 333 Q1
GLBA
"Gramm-Leach-Bliley Act" (Financial Services Modernization Act of 1999) repealed a 1933 law that barred the consolidation of financial institutions and insurance companies. Included within GLBA are multiple sections relating to the privacy of financial information. Companies must provide written notice to consumers of their privacy rights and explain the company's procedures for safeguarding data.
worms
A worm is a self-contained program that replicates and sends copies of itself to other computers without any user input or action. Unlike a virus, a worm does not need to attach itself to an existing program.
Five types of authentication
1. Something you know
2. Something you have
3. Something unique to you
4. Somewhere you are
5. Something you do (or how you do it)
Buffer overflows
An attack conducted by supplying more data than is expected. Buffer overflow attacks take advantage of a system that does not properly account for the amount of data input into an application.
Backdoors
Programs that attackers install after gaining unauthorized access to a system, to ensure that they can continue to have unrestricted access.
Acceptable use policy
defines what users are allowed to do with organization-owned IT assets
Role-based access control
permission to access a system or resource is dependent upon the person's role (or job title) in an organization.
Rootkits
software programs that have the ability to hide certain things from the operating system
Compliance laws
FISMA, SOX, GLBA, HIPAA, CIPA, FERPA
FERPA
Family Educational Rights and Privacy Act
FISMA
Federal Information Security Management Act of 2002
phreaking
Hacking of the systems and computers used by phone companies
HIPAA
Health Insurance Portability and Accountability Act of 1996
accountability
The process of associating actions with users for later reporting and research. It ensures that a person who accesses or makes changes to data or systems can be identified.
risk management
describes the process of identifying, assessing, prioritizing, and addressing risks.
Mandatory access controls
permission to access a system or resource is determined by the sensitivity of the resource and the user's security level.
gray hat hackers
A cross between black and white—they will often illegally break into systems merely to flaunt their expertise to the administrator of the system they penetrated or to attempt to sell their services in repairing security breaches.
CIPA
Children's Internet Protection Act (2001). The law places restrictions on the use of funding that is available through the Library Services and Technology Act (LSTA) and the Elementary and Secondary Education Act (ESEA), and on the Universal Service discount program known as the E-rate (discounts for Internet access or internal connections). It requires Internet safety policies (AUPs) and technology that blocks or filters certain material from being accessed through the Internet. The deadline for compliance with CIPA was July 1, 2004, following the Supreme Court ruling in 2003.
SOX
Sarbanes-Oxley Act of 2002
Logic bomb
a form of malware that executes when a certain predefined event occurs
Virus
a virus attaches itself to or copies itself into another program on a computer. It infects a host program and causes that host program to replicate itself to other computers.
Vulnerability
a weakness that allows a threat to be realized or have an effect on an asset
Authorization controls include
access control lists, physical access control, and network traffic filters. A biometric device is an authentication control, not an authorization control.
black hat hackers
break into other people's computer systems and may just look around or may steal and destroy information
Single sign-on (SSO)
can provide for stronger passwords because with only one password to remember, users are generally willing to use stronger passwords
Need to know
concept that prevents people from gaining access to information they don't need to carry out their job function
Confidentiality
concerned with privacy and secrecy
CIA Triad
confidentiality, integrity, and availability.
A security policy
defines a risk-mitigating definition or solution for your organization
Disaster Recovery plan (DRP)
defines how a business can get back on its feet after a major disaster (hurricane, fire). The steps involved in creating a comprehensive DRP should be completed in this order: define potential threats, document likely impact scenarios, and document the business and technical requirements to initiate the implementation phase
Hardening a system
ensures controls are in place to counter known threats.
Types of biometrics
fingerprint, palm print, retina scan, hand geometry, facial recognition, voice patterns, keystroke dynamics
Bluesnarfing
gaining unauthorized access through a Bluetooth device
Business Continuity plan (BCP)
gives priorities to the functions an organization needs to keep going. A business continuity plan is a written plan for a structured response to any events that result in an interruption to critical business activities or functions.
PCI DSS
governs how credit card data is handled; includes provisions that Gwen should implement before accepting credit card transactions
A business impact analysis (BIA)
identifies the resources for which a business continuity plan (BCP) is necessary.
A gap analysis
is a comparison of the security controls you have in place and the controls you need in order to address all identified threats
threat
is any action that could damage an asset. Information systems face both natural and human-induced threats
Availability
is concerned with ensuring that information is readily accessible to authorized users at all times
Access controls fall into 2 categories
logical access controls and physical access controls. Logical access controls allow access into a system or network; physical access controls allow access into buildings and protected areas
Ransomware
malware that forces a victim organization to pay money to prevent the deletion of data.
Trojan horse
malware that masquerades as a useful program
Botnet
many Internet-connected computers under the control of a remote hacker
Principle of least privilege
means granting someone the minimum access that allows them to do their job.
security kernel
provides a central point of access control and implements the reference monitor concept. It mediates all access requests and permits access only when the appropriate rules or conditions are met.
Integrity
refers to the ability to prevent data from being changed in an undesirable or unauthorized manner.
IoT five critical challenges
security, privacy, interoperability, legal and regulatory compliance, and emerging social and economic issues.
Evil twin attack
the attacker deploys a fake open or public wireless network to use a packet sniffer on any user who connects to it.
discretionary access system
the owner of the resource decides who gets in and changes permissions as needed. The owner can delegate that responsibility to others
Brute force attack
tries every possible combination of characters
white hat hackers
work at the request of the system owners to find system vulnerabilities and plug the holes
Dictionary attack
works by hashing all the words in a dictionary and then comparing the hashed value with the system password file to discover a match.