Terms in this set (60)
Why is it important for firms to understand the threat environment?
If you do not know how you may be attacked, you cannot defend yourself.
Three common security goals
1. Confidentiality
2. Integrity
3. Availability
C-I-A.
Confidentiality
People cannot read sensitive information, either while it's on a computer or while traveling across a network.
Integrity
Attackers cannot change or destroy information (either on computer or network). Or, if information is changed or destroyed, the receiver can detect the change or restore destroyed data.
Availability
People who are authorized to use information are not prevented from doing so. Computer/network attacks won't keep them from viewing authorized information.
Incident
When a threat succeeds in causing harm to a business
Synonyms for incident
Breach, compromise
Countermeasures
Methods used to thwart attacks.
Synonyms for countermeasures
Safeguards, protections, controls
Goal of countermeasures
Goal of countermeasures is to keep business processes on track for meeting business goals (despite presence of threat or actual compromise).
Three types of countermeasures
1. Preventative countermeasures
2. Detective countermeasures
3. Corrective countermeasures
What were the reasons for the TJX break-in?
Multiple security reasons.
1. They did not implement PCI-DSS control objectives for a long time
2. They used an insecure WEP network and didn't change it because it was too expensive.
3. They collected too much information from customers
4. No processes were in place to test security regularly.
Why would the PCI-DSS control objectives have prevented the TJX data breach?
Because if they implemented the controls, the thieves would not have been able to infiltrate the systems and gather all that information. They would have been detected early.
Which of the CIA goals did TJX fail to achieve in the attack?
Confidentiality
Four reasons why employees are especially dangerous.
1. Have extensive knowledge of systems.
2. Have the credentials needed to access sensitive parts of systems.
3. Know corporate control mechanisms and so often know how to avoid detection.
4. Can benefit from the trust that is accorded to "our people"
What type of employee is most dangerous?
IT (especially IT security) professionals
Sabotage
The destruction of hardware, software, or data. Plant time bomb or logic bomb on computer.
Give book's definition of hacking.
Intentionally accessing a computer resource without authorization or in excess of authorization.
What is intellectual property?
Information owned by the company and protected by law.
What two types of things are employees likely to steal?
1. Financial theft (money)
2. Intellectual property (trade secrets, copyrights, patents, trade names, and trademarks).
Difference between intellectual property in general and trade secrets
Intellectual property: Formally protected information owned by the company and protected by law (includes copyrights, patents, trade names, and trademarks).
Trade secrets: Intellectual information that a firm acts to keep a secret (includes plans, product formulations, business processes, price lists, customer lists, and other information they don't want to share with competitors)
Extortion
Perpetrator tries to obtain money or other goods by threatening to take actions that would be against the victim's interest.
What is employee computer and Internet abuse?
Activities that violate a company's IT use policies or ethics policies.
Most commonly done by downloading porn, pirated media, or software, or wasting many hours surfing the Internet for personal purposes.
Who besides employees constitute potential "internal" threats?
Contract workers.
Malware
Evil software.
Includes viruses, worms, Trojan horses, RATs, spam.
Differences between viruses and worms.
Viruses:
- Programs that attach themselves to legitimate programs on the victim's machine
- Spread today primarily by e-mail (also IM, file transfer)
Worms:
- Full programs that do not attach themselves to other programs
- Also spread by e-mail, IM, and file transfer.
- Direct propagation worms can spread extremely rapidly.
How do propagating worms move between computers?
They take advantage of vulnerabilities in software. When a DP worm jumps to a computer that has the specific vulnerability, it can install itself on that computer and use it to jump to other computers -- all without user interaction.
They can spread very rapidly.
Why are direct propagating worms especially dangerous?
They can spread extremely quickly because they require no user action, so they can cause tremendous damage before it's noticed by humans.
What is a virus or worm payload?
Payload is the piece of code in virus/worms that does the damage.
Malicious payloads can do extreme damage by randomly deleting files, installing other malware, or turning off security software.
How can non-mobile malware be delivered to computers?
- Having a hacker place it there
- Having a virus or worm place it there as part of its payload.
- Enticing the victim to download the malware from a website or FTP site by portraying the malware as a useful program or data file.
- Attaching hostile mobile code to a webpage and executing it on a victim's computer when the victim downloads the webpage.
Trojan horse
A program that hides itself by deleting a system file and taking on its file name.
Remote Access Trojan (RAT)
Gives the attacker remote control of your computer.
Downloader
Small Trojan horses that download larger Trojan horses after the downloader is installed.
Spyware
Programs that gather information about you and make it available to the adversary.
Examples: Cookies that store TMI, keystroke loggers, password-stealing spyware, data-mining spyware.
Why can cookies be dangerous?
They might record too much sensitive information about you.
Distinguish between keystroke loggers, password-stealing spyware, and data-mining spyware.
Keystroke logger: Captures all your keystrokes
Password-stealing sw: tells you that you have been logged out of the server you are visiting and asks you to retype your user/pass -- then sends this information to attacker.
Data-mining spyware: Searches through your HD for same types of information sought by keystroke loggers, then sends it to attacker.
Distinguish between Trojan horses and rootkits.
Trojan horses disguise themselves as system files by taking on their name.
Rootkits take over the root account and use its privileges to hide themselves.
Why are rootkits especially dangerous?
They prevent the operating systems' file-viewing methods from detecting their presence, and are seldom caught by antivirus programs.
Rootkit detection programs often are specific to particular rootkits.
Mobile code
Executable code on a webpage
Social engineering
Attacks that take advantage of flawed human judgment by convincing the victim to take actions that are counter to security policies.
Spam
Unsolicited commercial e-mail.
Phishing
Victims receive e-mail messages that appear to come from a bank or another firm that the victim does business with. The message may even direct the victim to an authentic-looking website.
Phishing v. Spear Phishing
Phishing attacks are aimed at duping as many victims as possible.
Spear phishing attacks are aimed at a single individual or small group.
Why are hoaxes bad?
They make the victim feel stupid when they tell other people what they "learned" or may persuade the victim to damage their own computer.
Motivations of traditional external hackers?
Motivated primarily by the thrill of break-ins, by the validation of their skills, and by a sense of power.
Did traditional external hackers engage in theft?
Many did and continue to engage in some direct theft, extortion, and other damage to support their "hobby"
Difference between IP address scanning and port scanning
IP address scanning sends probe packets designed to find hosts that are active, because active hosts can be attacked.
Port scanning sends probes to learn what programs the identified hosts are running, because most attacks rely on vulnerabilities in specific programs.
What is an exploit
The specific attack method that the attacker uses to break into the computer
What is IP address spoofing?
Placing a different IP address in the source IP field so the victim cannot learn the attacker's true IP address.
When can an attacker NOT use IP address spoofing?
Probe packets cannot be spoofed because the attacker relies on the host replying to the probe packet. (Spoofing it will prevent them from receiving the reply).
How does attacker conceal identity when they are not spoofing IP address?
Chain of attack computers previously compromised by the attacker.
How can social engineering be used to get access to a sensitive file?
A hacker calls a secretary claiming to be her boss, then asks for sensitive information or restricted files.
Piggybacking
Following someone through a secure door without entering a pass code.
Shoulder surfing
Looking over someone's shoulder when he or she types a password
Pretexting
Attacker calls claiming to be a certain customer in order to get private information about that customer.
DoS Attack
Attempts to make a server or network unavailable to legitimate users.
DDoS Attack
Attacker places programs (bots) on many hosts. Later, botmaster sends message to all bots to flood a server or network listed in the attack message with attack packets.
Describe a SYN flooding attack in some detail.
The attacker can cause the server to run out of resources and therefore crash or be unable to respond to further connection-opening attempts from legitimate users.
What two types of updates can a botmaster send to bots?
- Software updates to bots
- Updates that give new functionality to bots
Why do many botnets have multiple owners over time?
If they're not being used or the IP addresses are locked out due to antispam efforts, they can be leased or sold to others.