Information Security Chapter 2

Questions and Answers

What is a computer virus?

A piece of software designed to be spread from one computer to another, infecting them and causing harm by disabling security settings, corrupting data, stealing personal information, and potentially deleting files.

Explain what a Trojan Horse is.

A malicious program that tricks users into running it willingly by hiding behind legitimate software. It can record passwords, hijack webcams, and steal sensitive data without the user's knowledge.

Define rogue security software.

Malicious software that tricks users into thinking their security is compromised and offers to fix the problem by installing further malware or prompting to pay for fake security tools.

What is the main purpose of adware?

To track browsing habits and display targeted advertisements.

Computer worms replicate quickly and spread from one computer to another through _______.

sending themselves to all of the computer's contacts and then to the contacts of other computers

What is password cracking?

Password cracking is the process of attempting to gain unauthorized access to restricted systems using common passwords or algorithms that guess passwords.

What are the methods used in password guessing attacks?

Dictionary attacks

Password strength is only determined by the length of the password.

False

What is malware and how does it typically get into a user's device?

Malware is malicious software that can monitor user activities, send data to attackers, penetrate networks, and participate in botnets. It typically enters a device through actions like clicking links or exploiting vulnerabilities in browsers or operating systems.

Match the following aspects of information security with their definitions:

Confidentiality = protection from disclosure or exposure to unauthorized individuals or systems Integrity = the unauthorized writing or modification of information, ensuring data is whole, complete, and uncorrupted Availability = enables authorized users to access information and prevents unauthorized withholding of information

What is imperative about information security according to the text?

Information security should be designed into a system from its inception rather than added later.

Study Notes

Objectives of Information Security

• Confidentiality: protection from disclosure or exposure to unauthorized individuals or systems
• Integrity: unauthorized writing or modification of information
• Availability: prevention of unauthorized withholding of information

Types of IT Threats

• Computer Virus: spreads from one computer to another, often sent as email attachments or downloaded from specific websites
• Trojan Horse: malicious software that tricks users into running it willingly, spreading through email or false advertisements
• Rogue Security Software: misleads users to believe their computer is infected, offering fake solutions to remove viruses
• Adware and Spyware: tracks browsing habits and shows targeted advertisements, with spyware being installed without consent
• Computer Worm: replicates quickly and spreads from one computer to another, often exploiting software vulnerabilities
• DoS and DDoS Attacks: flooding a website with packets, making it impossible for legitimate users to access
• Phishing (Social Engineering Attacks): obtaining sensitive data through fake emails, instant messages, or websites
• Rootkit: provides remote control and administration-level access to a computer or network
• SQL Injection Attack: targets data-driven applications, obtaining private data, changing or destroying it
• Man-in-the-Middle Attack: eavesdropping on communication between two targets, intercepting and altering messages
• DNS Poisoning: diverting traffic away from legitimate servers, directing it to fake ones
• Password Grabbers: gaining access to password information through sniffing, social engineering, guessing, or database access
• Network Worms: replicating and infecting other machines through computer networks
• Password Cracker: using software to guess passwords, often using brute-force or dictionary attacks
• Malware and Spyware Attack: using various methods to install malware, monitoring user activities, and stealing data

C.I.A. Triangle

• Confidentiality: keeping information secret or private
• Integrity: ensuring information is whole, complete, and uncorrupted
• Availability: enabling authorized users to access information

Importance of Information Security

• Imperative to design information security into a system from its inception
• An ounce of prevention is worth a pound of cure

Network Security

• Network Attacker: intercepts and controls network communication

Web Security

• Web Attacker: sets up malicious sites, visited by victims, with no control of network

Operating System Security

• OS Attacker: controls malicious files and applications

Security Policy

• General or Security Program Policies: Enterprise Information Security Policy (EISP)
• Issue-Specific Security Policies: address specific areas of technology, such as electronic mail, internet use, and computer configurations

Prevention and Treatment

• Prevention: actions taken to prevent system infection, such as finding and eliminating weak security holes
• Treatment: fixing a system after it has been infected, such as using anti-virus software### Detection
• Determining whether an attack is underway or has occurred, and reporting it
• Real-time monitoring provides data on the nature, severity, and results of an attack
• Intrusion detection systems (IDS) monitor various aspects of the system, looking for signs of an attack

Response

• Stopping or containing an attack in a timely manner
• Assessing and repairing any damage caused by an attack
• Resuming correct operation after an attack
• Evidence collection and preservation helps identify vulnerabilities and strengthen future security measures

Attacks

• Compromising systems in ways that affect services of information security
• Types of attacks:
  • Attack on confidentiality: unauthorized disclosure of information
  • Attack on integrity: destruction or corruption of information
  • Attack on availability: disruption or denial of services

Prevention, Detection, and Response

• Proper planning reduces risk of attack and increases capabilities of detection and response
• Importance of prevention, detection, and response in maintaining information security

Authentication

• Proving one's identity, location, and time
• Methods of authentication include passwords and biometric scans (e.g. retinal scans)

Accuracy

• Information has accuracy when it is free from mistakes or errors
• If information is intentionally or unintentionally modified, it is no longer accurate

Description

This quiz covers the fundamentals of information security, including types of IT threats, confidentiality, integrity, and availability, as well as the characteristics of a good computer security system.