Computer Security Fundamentals

Questions and Answers

Which of the following best describes the primary objective of computer security?

• To ensure continuous technological innovation and advancement.
• To promote open access and unrestricted sharing of digital information.
• To preserve the integrity, availability, and confidentiality of information system resources. (correct)
• To maximize the speed and efficiency of information processing.

What is the main motivation behind attacks targeting intellectual property?

• To disrupt network services and cause widespread outages
• To test the effectiveness of advanced intrusion detection systems.
• To clone hardware for profit or leak sensitive information. (correct)
• To develop new methods for securing digital communications.

Which type of malware disguises itself as beneficial software to deceive users?

• Worm
• Spyware
• Trojan horse (correct)
• Adware

What is the primary goal of a Disaster Recovery Plan (DRP)?

To resume normal computing capabilities as quickly as possible after a disaster. (A)

Which of the following describes a hypothetical attack that activates malicious code after a specific time or event?

Time bomb (D)

What is a botnet?

A collection of computers infected with malware and controlled remotely. (C)

Which of the following elements are included in the CIA triad?

Confidentiality, Integrity, Availability (D)

What is the primary purpose of malware?

To harm or gain unauthorized access to a targeted computer. (A)

Which activity is considered risk mitigation?

Eliminating, reducing, or controlling risks. (D)

What is the primary objective of risk management?

To reduce risk to an acceptable level. (C)

Which type of malware is primarily designed to display unwanted advertisements on a user's computer?

Adware (C)

What is a manufacturing backdoor in the context of hardware security?

A secret entry point deliberately inserted into hardware during manufacturing. (C)

Which of the following best describes the primary behavior of a worm?

It actively seeks out more machines to infect and replicate itself. (D)

What is the key characteristic of a phishing attack?

Tricking individuals into revealing sensitive information via deceptive emails or messages. (A)

What is the main purpose of ransomware?

To deny or restrict access to files and demand payment for their release. (B)

What is the primary goal of a distributed denial-of-service (DDoS) attack?

To disrupt the availability of a server by overwhelming it with requests. (C)

How does a virus typically spread?

By infecting programs and modifying them to include a copy of the virus. (B)

What is the distinguishing characteristic of a Trojan horse?

Its disguise as a legitimate file or program. (D)

What activity is characteristic of spyware?

Secretly recording a user’s online activity without their knowledge. (B)

What is the purpose of a Business Impact Analysis (BIA)?

To evaluate the potential effects of an interruption to critical business operations. (A)

Flashcards

Goal of Computer Security?

To preserve the integrity, availability, and confidentiality of information system resources.

Motivation for Intellectual Property Attacks?

To clone hardware or leak information.

Trojan Horse

A type of malware that poses as beneficial software.

Disaster Recovery Plan (DRP)

A plan to resume normal computing capabilities in as little time as possible after a disaster.

Time Bomb

A hypothetical attack that triggers malicious behavior after a predetermined amount of time.

Botnet

A collection of computers that are infected with malware and can be controlled remotely.

CIA Triad

Confidentiality, Integrity, Availability.

Malware

A specific set of codes or an application designed to harm or gain access to a targeted computer.

Risk Mitigation

The process of eliminating, reducing, or controlling risks.

Goal of Risk Management?

To reduce risk to an acceptable level.

Adware

A type of malware that serves pop-ups and display ads.

Common Hardware Attack?

Manufacturing backdoors.

Worm

A program that actively seeks out more machines to infect.

Phishing

A type of social engineering attack that involves sending emails or messages that appear to be from trusted sources.

Ransomware

A type of malware that denies or restricts access to your own files and demands payment.

Distributed Denial-of-Service Attack?

An attempt to stop a public server by overwhelming it with requests.

Virus

A piece of software that infects programs by modifying them to include a copy of the virus.

Trojan Horse?

A malicious program that disguises itself as a legitimate file.

Spyware

A type of malware that secretly records your online activity.

Purpose of Business Impact Analysis (BIA)?

To evaluate the potential effects of an interruption to critical business operations

Study Notes

• Computer security's main objective is to maintain the confidentiality, integrity, and availability of information systems and resources.
• Intellectual property attacks are often motivated by a desire to clone hardware or steal data.
• A Trojan horse is a type of malware that appears to be helpful software.
• A Disaster Recovery Plan (DRP) is designed to restore normal computing functions as quickly as possible after a disaster.
• A time bomb is a type of attack that is pre-programmed to execute malicious actions after a set amount of time.
• A botnet is a network of computers infected with malware that can be controlled remotely.
• The CIA triad consists of Confidentiality, Integrity, and Availability.
• Malware is a set of code or an application created to harm or gain unauthorized access to a computer.
• Risk mitigation reduces, eliminates, or controls risks.
• Risk management's primary goal is to lower risk to an acceptable level.
• Adware is a kind of malware that shows pop-up and display advertisements.
• Manufacturing backdoors are a common type of hardware attack.
• A worm is a program that actively seeks out more computers to infect.
• Phishing is a type of social engineering attack that uses deceptive emails or messages that appears to be from trusted sources.
• Ransomware restricts access to files and demands payment.
• A distributed denial-of-service attack attempts to overwhelm a public server with requests, rendering it unavailable.
• A virus is a piece of software that replicates itself by inserting its code into other programs.
• A Trojan horse is a malicious program disguised as a legitimate file.
• Spyware secretly tracks online activity.
• Using a risk register is the most typical method of risk management.
• A slow, crashing, or freezing computer indicates a malware infection.
• A hardware backdoor is a hardware flaw that permits unauthorized access.
• A Business Impact Analysis (BIA) assesses the possible implications of a disruption to essential business operations.
• A Business Continuity Plan (BCP) is a strategy for maintaining essential operations during and after unexpected events.