Cybersecurity Quiz on Computer Security Principles

Questions and Answers

Which of the following activities is considered cybervandalism?

  • Intentional disruption of a website (correct)
  • Spoofing
  • Identity theft
  • System intrusion

Denial-of-service attacks (DoS) are designed to improve system performance.

False (B)

What is one method used for identity theft?

Phishing

Employee security threats often arise from ______ knowledge.

inside

Match the following terms related to computer security:

  • Spoofing = Impersonating to gain information
  • Botnets = Networks of infected computers
  • Click fraud = Generating fake clicks for revenue
  • Zero-day vulnerabilities = Exploits known only to attackers

Which act mandates financial institutions to secure customer data?

Gramm-Leach-Bliley Act (C)

User error has the highest probability of loss in online order processing risk assessments.

True (A)

What does disaster recovery planning focus on?

Restoration of disrupted services

The _______ Act imposes responsibility on companies to safeguard financial information accuracy.

Sarbanes-Oxley

Match the following tools with their functions:

  • Firewalls = Prevent unauthorized access to networks
  • Biometric authentication = Uses unique biological traits for identification
  • Identity management software = Automates tracking of user access
  • Tokens = Provide a physical method of authentication

What is the purpose of risk assessment in a firm?

To determine levels of risk (A)

Computer forensics involves the collection of digital evidence for use in courts.

True (A)

What is an acceptable use policy (AUP)?

Defining acceptable uses of the firm’s information resources and equipment

Power failure has an expected annual loss of $______ in online order processing risk assessments.

30,750

Match the following security audits with their functions:

  • Information systems audit = Examines overall security environment
  • Security audits = Review procedures and training
  • Control weaknesses = List and rank potential issues
  • Financial assessments = Evaluate impact of threats on finances

Which of the following encryption methods uses a public key and a private key?

Public key encryption (D)

WEP security is more secure than the WPA2 specification.

False (B)

What is the role of a certification authority (CA) in public key infrastructure (PKI)?

To validate a user's identity and generate digital certificates.

The ______ security system monitors corporate networks to detect and deter intruders.

Intrusion detection

Match the following encryption techniques with their descriptions:

  • SSL = Secure Sockets Layer for data transmission
  • S-HTTP = Secure Hypertext Transfer Protocol
  • TLS = Transport Layer Security, successor to SSL
  • Public key encryption = Encryption using two related keys

What is one of the key features of blockchain technology?

Decentralized transaction records (C)

Fault-tolerant computer systems are designed to create an environment that provides continuous service.

True (A)

What do service level agreements (SLAs) ensure in cloud computing environments?

They ensure that the cloud service provider meets specified security and performance standards.

The most recent wireless security specification is ______.

WPA3

What method is commonly used to test software for bugs?

Walkthrough (A)

What is one of the key reasons why information systems are vulnerable?

Inadequate security policies (A)

Malicious software includes only viruses and worms.

False (B)

What are two main components of security in information systems?

Security policies and controls

The ________ challenges refer to the threats posed by email, IM, and P2P networks.

Internet Vulnerabilities

Which of the following is a method used by eavesdroppers to gain network access?

War driving (B)

Match the types of malicious software with their descriptions:

  • Virus = Malicious code that attaches to clean files and spreads to other clean files.
  • Worm = A standalone malware that replicates itself to spread to other computers.
  • Trojan Horse = A deceptive program that appears legitimate but performs harmful actions.
  • Spyware = Software that collects data from users without their knowledge.

Ransomware is a type of malicious software that encrypts data and demands payment for its release.

True (A)

What is a common risk associated with the loss and theft of portable devices?

Data breach or unauthorized access to sensitive information

Flashcards

Cybervandalism

Intentional disruption, defacement, or destruction of a website or corporate information system.

Denial-of-service attack (DoS)

A type of attack that aims to overwhelm a server with traffic, making it unavailable to legitimate users.

Distributed denial-of-service attack (DDoS)

Similar to a DoS attack, but uses multiple compromised computers (botnet) to launch the attack.

Botnet

A network of compromised computers under the control of a hacker, often used for malicious purposes like launching DDoS attacks.

Software Vulnerabilities

Software flaws that create security vulnerabilities, making systems susceptible to attacks.

What is security?

Policies, procedures, and technical measures to prevent unauthorized access, alteration, theft, or physical damage to information systems.

What are controls?

Methods, policies, and procedures to ensure asset safety, accurate accounting records, and operational adherence to management standards.

What makes systems vulnerable?

Network accessibility, hardware issues, software problems, disasters, use of networks outside company control, and lost or stolen portable devices.

What vulnerabilities exist on the internet?

The internet is open to anyone; corporate networks are linked to it; and email, instant messaging, and P2P can increase risks.

What security challenges exist with wireless networks?

Bluetooth and Wi-Fi networks are susceptible to hacking, and sniffer programs can identify access points by their SSIDs (service set identifiers).

What is malware?

Malicious software aimed at damaging or stealing data. It can spread through downloads, email attachments, and even social networks.

What are some types of malware?

Trojan horses disguise themselves as legitimate software, SQL injections exploit vulnerabilities in databases, ransomware encrypts data and demands payment, and spyware steals data like keystrokes.

What are hackers and computer crime?

Hackers attempt to gain unauthorized access to systems, while computer crime involves illegal activities using computers. Both threaten security and privacy.

Information System Security

Procedures for protecting sensitive data, ensuring business continuity, and complying with regulations. Includes risk assessment, security policies, access controls, disaster recovery, and auditing.

Security Policy

A document that summarizes an organization's security goals, acceptable uses of IT resources, and mechanisms for achieving these goals.

Authentication

A method of verifying a user's identity and granting them appropriate access to information systems.

Firewall

A software or hardware barrier that prevents unauthorized access to private networks.

Information Systems Audit

A systematic examination of a company's security environment and controls governing individual information systems.

Disaster Recovery Planning

A plan that outlines how to restore disrupted services after a disaster.

Risk Assessment

The process of identifying potential risks, their likelihood, and their impact on an organization's information systems.

General Control

A type of security control that governs the design, security, and use of computer programs and data files throughout an organization. Includes software, hardware, operations, and data security controls.

Application Control

Controls unique to each computerized application, ensuring data accuracy and integrity. Includes input, processing, and output controls.

Identity Management

A type of security control that involves identifying valid users and controlling their access to information systems.

Intrusion Detection System (IDS)

A system that monitors network activity for suspicious patterns, detecting and deterring intrusions. It acts as a security guard, watching for unusual behavior and alerting administrators.

Antimalware and Antispyware Software

Software designed to identify and remove malicious software such as viruses, worms, and spyware. It helps keep your computer safe from threats.

Unified Threat Management (UTM)

A security system that combines various security functions into a single, integrated platform, providing comprehensive protection against multiple threats. Imagine a multi-purpose security shield.

Symmetric Key Encryption

An encryption method that uses a single, shared key for both encryption and decryption by the sender and receiver. Imagine a secret code that only two people know.

Public Key Encryption

A method of encryption that uses two mathematically related keys: a public key for encryption and a private key for decryption. Imagine a public mailbox where anyone can drop a message (encrypt), but only the owner has the key to open it.

Digital Certificate

A data file that digitally establishes the identity of users and electronic assets, ensuring trust in online transactions. Imagine a digital passport for verifying identity online.

Public Key Infrastructure (PKI)

A framework that uses public key cryptography and a trusted third party, known as a Certificate Authority (CA), to manage and verify digital certificates, ensuring secure online communication. Imagine a trusted agency verifying and issuing digital passports for online transactions.

Blockchain

A decentralized and secure transaction database that uses encryption to verify users and transactions. Imagine a public ledger that is tamper-proof and transparent.

Fault-Tolerant Computer Systems

Computer systems designed with redundant hardware, software, and power supply components to provide continuous, uninterrupted service, even in the event of failures. Imagine a system with backup power and duplicate parts for reliability.

Digital Resiliency

The ability of an organization to maintain and enhance its resilience to disruptions and threats. It involves planning, preparation, and continuous improvement of business processes to minimize the impact of disruptions. Imagine a system that can adapt and bounce back from challenges.

Study Notes

Lecture 6: BHMS4472 ICT in Business - Securing Information Systems

  • ICT refers to Information, Communication, and Technology.
  • Learning Objectives include:
    • Understanding why information systems are vulnerable to destruction, error, and abuse.
    • Knowing the business value of security and control.
    • Identifying the components of an organizational framework for security and control.
    • Recognizing important tools and technologies for safeguarding information resources.
  • Systems are Vulnerable (1 of 2):
    • Security involves policies, procedures, and technical measures to prevent unauthorized access, alteration, theft, or physical damage to information systems.
    • Controls are methods, policies, and organizational procedures for ensuring asset safety, accounting record accuracy and reliability, and operational adherence to management standards.
  • Systems are Vulnerable (2 of 2):
    • Accessibility of networks is a vulnerability.
    • Hardware problems (breakdowns, configuration errors, damage) are risks.
    • Software problems (programming errors, installation errors, unauthorized changes) are risks.
    • Disasters are potential risks.
    • Use of networks/computers outside of the firm's control is a vulnerability.
    • Loss and theft of portable devices is a risk.
  • Contemporary Security Challenges:
    • Unauthorized access, errors, tapping, sniffing, message alteration, theft and fraud, and radiation are client-side vulnerabilities.
    • Hacking, malware, theft of data, theft and fraud, copying data, vandalism, denial-of-service attacks, alteration of data, hardware failure and software failure are corporate server-side vulnerabilities.
    • Corporate systems are vulnerable to security challenges including attacks on data, hardware, and software.
  • Internet Vulnerabilities:
    • Networks open to anyone. Size means abuses can have a wide impact.
    • Corporate networks linked to the Internet are more vulnerable.
    • Email, IM, and P2P increase vulnerability. Email attachments with malicious software can be used to send trade secrets, confidential data, and compromise a secure network.
    • IM systems can also serve as a backdoor into secure networks.
    • P2P systems can transmit malicious software, and expose corporate data.
  • Wireless Security Challenges:
    • Bluetooth and Wi-Fi networks are susceptible to hacking.
    • Radio frequency bands are easy to scan.
    • SSIDs (service set identifiers) are broadcast repeatedly and can be identified using sniffer programs.
    • War driving refers to eavesdroppers driving by buildings trying to detect SSIDs and gain access to network and resources.
    • Rogue access points can provide unauthorized access.
  • Wi-Fi Security Challenges:
    • Legitimate users and intruders interact with the access point through the same exchange of authentication requests, challenges, responses, and success messages.
  • Malicious Software (1 of 2):
    • Malware (malicious software) is a risk.
    • Viruses, worms, Trojan horses, and spyware are types of malware.
    • Worms and viruses spread through downloads, drive-by downloads, Email or IM attachments.
    • Mobile device malware and social network malware are also threats.
  • Malicious Software (2 of 2):
    • Trojan horses, SQL injection attacks, and ransomware are examples of malicious software.
    • Key loggers are one type of spyware that may reset browser home pages, redirect search requests, and slow computer performance.
  • Hackers and Computer Crime (1 of 4):
    • Hackers vs. crackers
    • Activities involving system intrusion, system damage, cyber-vandalism which includes intentional disruption, defacement, or destruction of websites or corporate information systems.
  • Hackers and Computer Crime (2 of 4):
    • Denial-of-service attacks (DoS)
    • Distributed denial-of-service attacks (DDoS)
    • Botnets
    • Spam
  • Hackers and Computer Crime (3 of 4):
    • Computer crime is defined as violations of criminal law that require the knowledge of computer technology.
    • Computers can be targets or instruments of crime.
  • Hackers and Computer Crime (4 of 4):
    • Phishing, evil twins, and pharming (malicious redirects) are methods used for identity theft.
    • Click fraud, cyberterrorism, and cyber warfare are other forms of computer crime.
  • Internal Threats:
    • Security threats often originate inside an organization.
    • Inside knowledge, sloppy security procedures (user lack of knowledge), social engineering, end users and information systems specialists are sources of risk.
  • Software Vulnerability:
    • Commercial software contains flaws that create security vulnerabilities.
    • Bugs are program code defects.
    • Zero defects cannot be achieved.
    • Flaws can open networks to intruders.
    • Zero-day vulnerabilities exist.
    • Patches and patch management fix software flaws.
    • Microprocessor design vulnerabilities, such as Spectre and Meltdown, exist.
  • Business Value of Security and Control:
    • Failed computer systems have significant or total loss of business function.
    • Organizations are increasingly vulnerable financially.
    • Loss of confidential, personal, and financial data is a key threat.
    • Trade secrets, new products are at risk.
    • Security breaches immediately affect a firm's market value.
    • Inadequate security and controls lead to liability issues.
  • Legal and Regulatory Requirements:
    • HIPAA (Medical security and privacy rules/procedures), Gramm-Leach-Bliley Act (security and confidentiality of financial institution customer data), and Sarbanes-Oxley Act (accuracy and integrity of financial information). Electronic records management follows these legal requirements.
  • Electronic Evidence and Computer Forensics:
    • Electronic evidence, often digital, is used in white-collar crimes.
    • Proper controls of data save time and money during legal discovery requests.
    • Scientific collection, examination, authentication, preservation, and analysis are core to computer forensics.
    • Recovery of ambient data is part of the process.
  • Information Systems Controls:
    • Controls can be automated or manual.
    • General controls govern security and use of computer programs and data files.
    • Software, hardware, computer operations, data security, system development, and administrative controls are part of general controls.
    • Application controls are unique to specific applications including input, processing and output controls.
  • Risk Assessment:
    • Risk assessment determines the level of risk if a process is not controlled.
    • Types of threat, probability of occurrence, potential losses and value of threat are elements in assessing probable risk. Expected annual loss is another factor to consider.
  • Online Order Processing Risk Assessment (Example):
    • Specific exposure risks (Power failure, Embezzlement, User error) are evaluated for their levels of probability and potential losses to calculate expected annual loss for each.
  • Security Policy:
    • Ranks information risks, identifies security goals and mechanisms for achieving those goals.
    • Acceptable use policy (AUP) defines acceptable uses of firm's resources and equipment. Identity management includes identifying users and controlling access.
  • Access Rules (example):
    • Specific roles and access levels are defined to control data visibility and usage.
  • Disaster Recovery Planning and Business Continuity Planning:
    • Disaster recovery plans restore disrupted services.
    • Business continuity plans focus on restoring business operations after a disaster.
    • Both types of plans need to identify the firm's most critical systems and the sequence of system restoration in an outage.
    • Business impact analysis is necessary.
  • The Role of Auditing:
    • Information systems audit examines an organization's security environment and controls governing individual information systems.
    • Security audits review technologies, procedures, documentation, training, and personnel.
    • Audits may simulate disasters to test responses, weaknesses, and probabilities of occurrence.
    • Financial and organizational impact of each threat is assessed.
  • Sample Auditor's List of Control Weaknesses (example):
    • Examples of identified internal control weaknesses and remediation are shown.
  • Tools and Technologies for Safeguarding Information Systems (1 of 3):
    • Identity management software automates user and privilege tracking, authentication, and access controls.
    • Password systems, tokens, smart cards, biometric authentication, and two-factor authentication are examples.
  • Tools and Technologies for Safeguarding Information Systems (2 of 3):
    • Firewalls combine hardware and software to prevent unauthorized network access.
    • Packet filtering, stateful inspection, network address translation (NAT), and application proxy filtering are firewall components.
  • Tools and Technologies for Safeguarding Information Systems (3 of 3):
    • Intrusion detection systems monitor corporate networks to detect and deter intruders.
    • Antimalware and antispyware software checks for and often eliminates malware. Update requirements are necessary.
    • Unified threat management (UTM) systems provide comprehensive threat mitigation.
  • Securing Wireless Networks:
    • WEP security uses static encryption keys that are easily cracked.
    • WPA2 replaces WEP with stronger standards, with continuously changing, longer encryption keys.
    • WPA3 is the most recent specification with even stronger encryption.
  • Encryption and Public Key Infrastructure (1 of 3):
    • Encryption transforms text into cipher text. SSL and TLS (and S-HTTP) are methods of encryption.
  • Encryption and Public Key Infrastructure (2 of 3):
    • Two methods of encryption are symmetric key encryption and public key encryption.
  • Encryption and Public Key Infrastructure (3 of 3):
    • Digital certificates establish user and electronic asset identities.
    • Certification authorities (CAs) validate user's identities.
    • Public key infrastructure (PKI) uses public key cryptography with certificate authorities.
  • Securing Transactions with Blockchain:
    • Blockchain is a secure transaction database that uses encryption to verify users and transactions.
    • Blockchain records cannot be changed.
    • Blockchain has some security vulnerabilities.
  • Ensuring System Availability:
    • Online transaction processing needs 100% system availability.
    • Fault-tolerant systems use redundant hardware, software, and power supplies.
    • Security outsourcing can involve managed security service providers (MSSPs).
  • Achieving Digital Resiliency:
    • Addresses how to maintain and increase the resilience of organizations and their business processes.
    • Attention is directed to managerial and organizational issues.
    • A single weak link can cause outage if resilience is not properly designed, tested, and measured.
  • Security Issues for Cloud Computing and Mobile Digital Platforms (1 of 2):
    • Cloud security responsibility resides with the company owning the data.
    • Ensuring that providers deliver protection (storage location, corporate requirements, legal privacy, data segregation, audits and certifications, SLAs).
  • Security Issues for Cloud Computing and Mobile Digital Platforms (2 of 2):
    • Security policies for mobile devices must include any special requirements for these platforms and applications.
    • Mobile device management tools are necessary. Authorization, inventory records, control updates, lock-down/erase lost devices, encryption, and software segregation are components of mobile security policies.
  • Ensuring Software Quality:
    • Software metrics and measurements objectively assess system quality. (Number of transactions, online response time, payroll checks, known bugs per line of code are examples.)
    • Early and regular testing, quality walkthroughs, and debugging processes are key.
