Chap 11

This document defines various concepts related to information system threats and security. It discusses threats like hacking and denial of service attacks. It also covers vulnerabilities, safeguards, targets, and types of security losses. Additionally, it examines technical safeguards such as encryption, firewalls, and malware protection. Human safeguards involving policies for positions, hiring, and termination are also outlined. The document provides definitions for related terms and concepts in information security.

CHAP 11

• Threat
A person or organization that seeks to obtain or alter data or other IS assets illegally.
• Vulnerability
An opportunity for threats to gain access to individual or organizational assets.
• Safeguard
Some measure that individuals or organizations take to block the threat from obtaining an asset.
• Target
An asset desired by a threat.
• Sources of Information System Threats
1. Human Error
2. Computer Crime
3. Natural Disasters
• Types of Security Loss
1. Unauthorized Data Disclosure
2. Incorrect Data Modification
3. Faulty Service
4. Denial of Service
5. Loss of Infrastructure
• Unauthorized Data Disclosure
When a threat obtains data that is supposed to be protected (e.g. pretexting (deception of identity), phishing, spoofing (IP address masking), sniffing (intercepting communications), and wardrivers (wireless connections)). Packet sniffers are used to capture network traffic and monitor it.
• Hacking
Breaking into computers, servers, or networks to steal data.
• Usurpation
Invading a computer and replacing valid programs with the intruder's own.
• Denial of Service (DoS)
When someone shuts down a website with an overflow of requests that consumes all of its resources.
• Advanced Persistent Threat (APT)
A sophisticated, possibly long-running computer hack that is perpetrated by large, well-funded organizations and governments.
• Intrusion Detection System (IDS)
A computer program that senses when another computer is attempting to scan or access a computer or network.
• Brute Force Attack
When a password cracker attempts every possible combination of characters.
• Technical Safeguards
Involve hardware and software to prevent data disclosure.
• What are the five main Technical Safeguards?
1. Identification and Authentication
2. Encryption
3. Firewalls
4. Malware Protection
5. Design for secure applications
• Encryption
Turning clear text into coded, unintelligible text for secure storage or communication. Performed using a key and a cipher; encryption may be symmetric or asymmetric.
• Secure Socket Layer (SSL) and Transport Layer Security (TLS)
A combination of both public-key (asymmetric) encryption and symmetric encryption.
• Firewall
A computing device that prevents unauthorized network access.
• Perimeter and Internal Firewalls and Packet Filtering Firewalls
Perimeter firewalls protect a whole organization, while internal firewalls are located within the organization's network. Packet filtering firewalls analyze each part of a message and determine whether or not to let it in.
• Malware
A broad category that includes viruses, spyware, and adware.
• SQL Injection Attack
When users enter an SQL statement where a name or other data should occur.
• Data Safeguards
Protect databases and other organizational data.
• Data Administration
An organization-wide function that is in charge of developing data policies and data standards.
• Database Administration
Refers to a function that pertains to a particular database.
• Human Safeguards
Involve the people and procedure components of information systems. They occur when authorized users follow appropriate procedures for system use and recovery.
• What are the four human safeguards?
1. Position Definition
2. Hiring and Screening
3. Dissemination and Enforcement
4. Termination
5. Account Management
6. Password Management
7. Help-Desk Policies
• Hardening
Taking extraordinary measures to reduce a system's vulnerability.
• Honeypots
False targets for hackers.
• How should organizations respond to security threats?
1. Have a plan in place
2. Centralized Reporting
3. Specific Responses
4. Practice

A ________ is a person or organization that seeks to obtain data or other assets illegally, without the owner's
permission and often without the owner's knowledge.
A) target
B) vulnerability
C) threat
D) warning
C
Which of the following is considered a threat caused by human error? 
A) An employee inadvertently installs an old database on top of the current one.
B) An employee intentionally destroys data and system components.
C) A virus and worm writer infects computer systems.
D) A hacker breaks into a system to steal for financial gain.
A
Which of the following is considered a computer crime?
A) internal software bug deleting customer records
B) poorly written programs resulting in data losses
C) loss of data as a result of flooding
D) hacking of information systems
D
________ occurs when someone deceives by pretending to be someone else.
A) Hacking 
B) Baiting 
C) Sniffing 
D) Pretexting
D
When referring to security threats, pretexting, sniffing, spoofing, and phishing are all examples of ________.
A) unauthorized data disclosure
B) incorrect data modification
C) faulty services
D) loss of infrastructure
A
A ________ pretends to be a legitimate company and sends an email requesting confidential data, such as account
numbers, Social Security numbers, account passwords, and so forth.
A) hacker 
B) phisher 
C) safeguard 
D) sniffer
B
Email spoofing is a synonym for ________.
A) hacking
B) phishing
C) usurping
D) sniffing
B
________ is a technique for intercepting computer communications, either through a physical connection to a
network or without physical connection in the case of wireless networks.
A) Spoofing 
B) Phishing 
C) Sniffing 
D) Pretexting
C
________ take computers with wireless connections through an area and search for unprotected wireless networks
and then monitor and intercept wireless traffic at will.
A) Drive-by spoofers
B) Pretexters
C) Drive-by sniffers
D) Phishers
C
Which of the following is an example of a sniffing technique?
A) IP spoofing
B) caches
C) ad blockers
D) adware
D
________ occurs when a person breaks into a network to steal data such as customer lists, product inventory data,
employee data, and other proprietary and confidential data.
A) Pretexting
B) Phishing
C) Hacking
D) Spoofing
C
Which of the following is most likely to be the result of hacking?
A) certain Web sites being blocked from viewing for security reasons
B) small amounts of spam in your inbox
C) an unexplained reduction in your account balance
D) pop-up ads appearing frequently
C
________ occurs through human error when employees do not follow proper procedures or when procedures have
not been well designed.
A) Unauthorized data disclosure
B) Incorrect data modification
C) Denial of service
D) Loss of infrastructure
B
________ occurs when computer criminals invade a computer system and replace legitimate programs with their own
unauthorized ones that shut down legitimate applications and substitute their own processing to spy, steal and
manipulate data, or other purposes.
A) Hacking
B) Spoofing
C) Phishing
D) Usurpation
D
Which of the following usually happens in a malicious denial-of-service attack?
A) A hacker monitors and intercepts wireless traffic at will.
B) A hacker floods a Web server with millions of bogus service requests.
C) A hacker uses another site's IP address to masquerade as that other site.
D) A phisher pretends to be a legitimate company and requests confidential data.
B
________ present the largest risk for an organization's infrastructure loss.
A) Employees
B) Natural disasters
C) Hackers
D) Competitors
B
A(n) ________ is a computer program that senses when another computer is attempting to scan the disk or otherwise
access a computer.
A) IDS
B) botnet
C) antivirus
D) firewall
A
Nonword passwords are vulnerable to a(n) ________ attack, in which the password cracker tries every possible
combination of characters.
A) denial-of-service
B) side channel
C) brute force
D) obfuscation
C
________ are small files that your browser stores on your computer when you visit Web sites and enable you to
access Web sites without having to sign in every time.
A) Cookies
B) Registers
C) Pop-ups
D) Public keys
A
________ enable you to access Web sites without having to sign in every time.
A) Bookmarks
B) Pop-ups
C) Cookies
D) Public keys
C
Which of the following is a critical security function of senior management in an organization?
A) safeguarding computer hardware and software 
B) developing IS security software
C) establishing the security policy and managing risk
D) managing security programs on a real-time basis
C
The Privacy Act of 1974 provides protection to individuals regarding ________.
A) records held by private companies
B) records held by the U.S. government
C) records held by banks and other financial institutions
D) records held by non-government agencies
B
Which of the following was passed to give individuals the right to access their own health data created by doctors and
other healthcare providers?
A) Privacy Act of 1974
B) Sarbanes-Oxley Act
C) HIPAA of 1996
D) Gramm-Leach-Bliley Act
C
Which of the following is an example of a technical safeguard?
A) position definitions
B) firewalls
C) key escrow
D) locked down servers
B
A(n) ________ has a microchip in it to hold data. 
A) ATM card
B) smart card
C) cookie
D) escrow
B
Users of smart cards are required to enter a ________ to be authenticated.
A) Social Security number 
B) public key
C) personal identification number 
D) private key
C
Which of the following is used for biometric authentication?
A) smart cards
B) facial features
C) passwords
D) personal identification numbers
B
Which of the following statements is true of biometric identification?
A) It involves the use of a PIN for authentication.
B) It provides weak authentication.
C) It is a relatively inexpensive mode of authentication.
D) It often faces resistance from users for its invasive nature.
D
A ________ is a number used to encrypt the data.
A) key
B) WPA
C) pretext
D) WEP
A
In asymmetric encryption, each site has a ________ for encoding messages.
A) wireless fidelity
B) private key
C) public key
D) pretext
C
________ is the process of transforming clear text into coded, unintelligible text for secure storage or communication.
A) Inscription
B) Etching
C) Encryption
D) Decryption
C
With ________ encryption, the sender and receiver transmit a message using the same key.
A) asymmetric
B) coaxial
C) symmetric
D) collinear
C
Secure Socket Layer is also known as ________.
A) application security layer
B) transport layer security
C) presentation layer security
D) network security layer
B
Which of the following is true of the Secure Socket Layer (SSL)?
A) It uses only asymmetric encryption. 
B) It is a useful hybrid of symmetric and asymmetric encryption techniques.
C) It works between Levels 2 and 3 of the TCP-OSI architecture.
D) It is a stronger version of HTTPS.
B
You are transferring funds online through the Web site of a reputed bank. Which of the following displayed in your
browser's address bar will let you know that the bank is using the SSL protocol?
A) http
B) www
C) https
D) .com
C
A ________ examines each part of a message and determines whether to let that part pass.
A) packet-filtering firewall
B) private key
C) mail server
D) Web server
A
________ is the term used to denote viruses, worms and Trojan horses.
A) Malware
B) Kerberos
C) Usurpation
D) Spam
A
A virus is a computer program that replicates itself. The program code that causes unwanted activity is called the
________.
A) payload
B) Trojan
C) bot herder
D) key escrow
A
________ are viruses that masquerade as useful programs or files.
A) Adware
B) Firmware
C) Trojan horses 
D) Payloads
C
A ________ is a type of virus that propagates using the Internet or other computer networks.
A) worm
B) sniffer
C) Trojan horse
D) phisher
A
What is a major difference between spyware and adware?
A) Unlike spyware, adware does not perform malicious acts.
B) Unlike spyware, adware steals data from users.
C) Unlike spyware, adware is installed with the user's permission.
D) Unlike spyware, adware does not observe user behavior.
A
________ is similar to spyware but it watches user activity and produces pop-ups.
A) Cookies
B) Adware
C) Payloads
D) Beacon
B
An SQL ________ occurs when users enter an SQL statement into a form in which they are supposed to enter a
name or other data.
A) password attack
B) data attack
C) brute attack
D) injection attack
D
________ refers to an organization-wide function that is in charge of developing data policies and enforcing data
standards.
A) Data administration
B) Database administration
C) Database management
D) Data safeguard
A
ERP, CRM, and MRP are examples of ________.
A) data policies
B) databases
C) data safeguards
D) network security policies
B
________ is a staff function to the chief information officer.
A) Data administration
B) Technical safeguard
C) Network security
D) Human safeguard
A
A safety procedure that allows a trusted party to have a copy of the encryption key is called key ________.
A) CRM
B) escrow 
C) ERP
D) SQL injection
B
________ protect databases and other organizational data.
A) Databots
B) Payloads
C) Data safeguards
D) Data strings
C
The computers that run the DBMS and all devices that store database data should reside in locked, controlled-access
facilities. This is done to achieve ________.
A) network security
B) spoofing
C) brute force
D) physical security
D
In a locked room, maintaining the computers of an organization that run the DBMS is a part of ________.
A) malware safeguards
B) recovery procedures
C) physical security procedures
D) data rights and responsibilities
C
________ involve the people and procedure components of information systems.
A) Firewalls
B) Technical safeguards
C) Human safeguards
D) Payloads
C
Which of the following statements about human safeguards for employees is true?
A) Security screening in an organization is a one-time process and applies only to new employees.
B) Users' computer accounts should give users the least possible privilege necessary to perform their jobs.
C) Companies can provide user accounts and passwords to employees prior to their security training.
D) There are only two main aspects to security enforcement: responsibility and accountability.
B
When an employee is terminated, IS administrators should receive advance notice so they can ________.
A) destroy the employee's records
B) plan for new recruitment
C) disseminate information
D) remove the user account and password
D
________ a site means to take extraordinary measures to reduce a system's vulnerability, using special versions of
the operating system.
A) Leveling
B) Hardening
C) Authenticating 
D) Certifying
B
The process of hardening is actually a ________ safeguard.
A) multiple
B) financial
C) technical
D) physical
C
________ are the primary means of authentication and are important not just for access to a user's computer, but
also for authentication to other networks and servers to which the user may have access.
A) Private keys
B) User names
C) Passwords
D) Personal identification numbers
C
Which of the following systems procedures is specifically the responsibility of operations personnel?
A) creating backup data on one's personal computer
B) using systems to perform job tasks
C) creating backup system databases
D) knowing whom to contact when a security breach occurs
C
________ helps in accomplishing job tasks during failure.
A) Backup site
B) Operations
C) Development 
D) Recovery
D
Firewalls produce ________ which include lists of all dropped packets, infiltration attempts, and unauthorized access
attempts from within the firewall.
A) hot sites
B) blogs
C) activity logs
D) monitor sheets
C
________ are false targets for computer criminals to attack.
A) Bot herders
B) Hot sites
C) Honeypots
D) Beacons
C