Week 4

Questions and Answers

What is the main risk associated with buffer overflow?

Unauthorized access to sensitive information

Potential for launching further attacks (correct)

Data corruption in the database

Server becoming unstable

How does malware typically enter a database's network?

Via any endpoint device connecting to the network (correct)

By breaching the firewall

Through encrypted data packets

Through a secure channel

What is the primary objective of a DoS attack on a database server?

Overloading the server with requests (correct)

Corrupting data in the database

Stealing sensitive information

Causing network downtime

Why are organizations vulnerable if they do not secure backup data adequately?

Lack of stringent controls on backup data

How can the excess data in a buffer overflow be misused by attackers?

As a foundation for launching attacks

Which factor exacerbates the threats related to attacks on backups?

Growth in data volumes

What does database security aim to establish and preserve?

Database confidentiality

Which of the following is NOT required to be protected by database security?

The end-users of the database

What is the main challenge associated with database security?

Balancing security and usability

According to Anderson's Rule, what is the relationship between database accessibility and security threats?

More accessibility leads to more security threats

What kind of failure does a data breach represent?

Failure to maintain data confidentiality

How does the level of harm from a data breach depend on intellectual property?

Impact on intellectual property like trade secrets

What is the main purpose of Adware?

To display ads and breach user's privacy

Which type of malware is considered an advanced form of worms?

Bots

What is a characteristic of Remote Access Trojans?

They provide a backdoor gateway for unauthorized access

How can a Bot infect multiple hosts?

By creating a connection to a central server and forming a Botnet

What differentiates Spyware from other malware types?

It breaches user's privacy by monitoring activities

'Malicious bot can infect one host and after infecting will create connection to the central server which will provide commands to all infected hosts attached to that network called' what?

'Botnet'

What is a major concern associated with using outdated or pirated software on personal devices?

Increased risk of hackers accessing confidential business data

Why do organizations find it challenging to maintain security with the use of personal devices?

Lack of control over the security of personal devices

How can organizations mitigate security risks associated with personal devices according to the text?

Implementing strict BYOD policies and providing secure devices to employees

What is a crucial element of a BYOD policy according to the text?

Types of approved devices

Why should a strong BYOD security policy be integrated with overall IT security policies?

To ensure consistency and alignment in security measures

What is a key consideration for IT leaders when determining support for personal devices?

Balancing organizational security with employees' personal privacy

What is the primary reason BYOD security is important for organizational leaders?

To prevent serious security challenges from personal devices accessing the network

Why might some companies view BYOD as part of 'shadow IT'?

As it refers to software or hardware not supported by IT

What is a disadvantage of employees using personal devices on the job?

Higher IT cost due to lack of support for personal devices

What is one of the advantages of supporting BYOD within an organization, as mentioned in the text?

Increased employee productivity by 16 percent

In the context of BYOD, what does 'shadow IT' refer to?

Software or hardware not supported by IT

What possible consequence is mentioned in the text that could result from lack of firewall or anti-virus software on personal devices used for work?

Increased data breaches