Information Security Essentials

Questions and Answers

What is spam, and what is its primary intent?

Spam is undesired e-mail, typically commercial advertising, transmitted in bulk.

How does pharming operate and what is its goal?

Pharming redirects legitimate user web traffic to illegitimate websites to collect personal information.

Explain what spoofing is and its effect on computer security.

Spoofing is a technique for unauthorized access using a forged IP address that appears trusted.

What are the consequences of technological obsolescence?

Technological obsolescence can lead to unreliable and untrustworthy systems.

Define theft in the context of digital security.

Theft in digital security refers to the illegal taking of another's property, which can be physical, electronic, or intellectual.

What is the primary mission of an information security program?

To ensure that information assets remain safe and useful.

Differentiate between data and information.

Data consists of raw numbers, facts, and words, while information is organized and structured data presented for additional insight.

What does data security primarily focus on?

Data security focuses on protecting data or information in various states: at rest, in processing, and in transmission.

Identify one of the important functions of information security for an organization.

Protecting the organization’s ability to function.

What are intellectual property (IP) rights intended to protect?

IP rights are intended to protect the creation, ownership, and control of original ideas.

Explain what compromises to intellectual property entail.

Compromises to intellectual property involve unauthorized access, use, or exploitation of an organization’s original ideas.

What is the relationship between data security and information security?

Data security is a subset of information security that specifically protects data in various states.

Why is safeguarding technology assets important to information security?

Safeguarding technology assets ensures the safe operation of applications running on IT systems and protects the organization's data.

What is cyberwarfare?

Cyberwarfare refers to formally sanctioned offensive operations conducted by a government against information or systems of another state.

Define software attacks and give an example.

Software attacks involve deploying specially crafted software to attack a system; an example is malware.

What is malware and its purpose?

Malware is computer software intentionally designed to perform malicious or unwanted actions.

What characterizes a Trojan horse in the context of malware?

A Trojan horse is a type of malware that disguises its true nature and reveals its harmful behavior only when activated.

Explain the term denial-of-service (DoS) attack.

A denial-of-service (DoS) attack aims to overwhelm a computer's ability to handle incoming requests, preventing legitimate access.

What is the difference between a DoS and a DDoS attack?

A DDoS attack involves multiple coordinated sources launching a DoS attack simultaneously against a target.

What is a boot virus?

A boot virus targets the boot sector or Master Boot Record (MBR) of storage media.

Describe a mail bomb attack.

A mail bomb attack overwhelms a recipient with excessive quantities of e-mail.

What is the primary goal of a cracker in the context of computer security?

To remove or bypass software copyright protection to prevent unauthorized use.

Describe what a brute force password attack entails.

It involves trying every possible combination of characters and numbers to guess a password.

How do rainbow tables assist in cracking passwords?

They provide a lookup table of hash values and their corresponding plaintext values.

What is social engineering in the context of password attacks?

It is the manipulation of individuals to gain access to confidential information.

What role do acts of nature play as threats to computer systems?

They can cause unexpected damage with little warning and are uncontrollable.

Define human error in the context of cybersecurity threats.

It refers to unintentional actions by authorized users that compromise security.

What distinguishes sabotage or vandalism as a threat?

It involves deliberate actions intended to damage or disrupt systems.

What does the term cyberterrorist refer to?

A hacker who conducts terrorist activities using computer networks or the Internet.

What is software piracy and why is it considered a violation of intellectual property?

Software piracy refers to the unauthorized duplication, installation, or distribution of copyrighted computer software, violating intellectual property rights.

How do deviations in quality of service impact information availability?

Deviations in quality of service can disrupt availability by causing internet service issues or power irregularities, which affect access to information and systems.

Define espionage or trespass in the context of information security.

Espionage or trespass involves unauthorized individuals attempting to gain illegal access to organizational information, breaching confidentiality.

What distinguishes an expert hacker from a novice hacker?

An expert hacker possesses extensive knowledge of computer systems and creates tools for unauthorized access, while a novice hacker lacks skill and uses existing tools created by experts.

What are the characteristics of a script kiddie?

A script kiddie is an unskilled hacker who relies on pre-written software to perform attacks, lacking the knowledge to develop their own tools.

Explain the term 'packet monkey' in relation to hacking.

A packet monkey is a type of script kiddie who uses automated exploits specifically to engage in denial-of-service attacks.

What role does copyright protection and user registration play in enforcing copyright laws?

Copyright protection and user registration help enforce copyright laws by ensuring creators maintain control over the use of their protected materials.

Identify two types of internet service issues that can lead to availability disruptions.

Internet service issues can include connectivity problems and service provider outages, which directly disrupt access to information.

Study Notes

Information Security Needs

• Information security is crucial to safeguarding and maintaining the usefulness of information assets
• Data refers to raw facts, figures, and words collected by an organization.
• Information is organized, structured data, providing context, worth, and usefulness.
• Information assets are the focus; they hold value to the organization and include the systems that store, process, and transmit information.

Types of Security

• Data security protects data in storage, processing, and transmission.
• Database security assesses and protects information stored in databases and storage media

Functions of Information Security

• Protect the organization's ability to function.
• Safeguard data and information used by the organization.
• Enable secure operation of applications running on the organization's IT systems.
• Safeguard the organization's entire technology assets.

Types of Threats and Attacks

• Malware (Revised data from 2008 onward): 67%, 50%, 65%, 78%, 85%, 85% (From 2000-2010/2011)
  • Phishing messages: 39% and 31% (2010/11 and 2008)
  • Laptop/Mobile Theft/Loss: 34%, 42%, 47%, 49%, 55%, 60% (From 2000-2010/2011)
  • Insider Abuse of Internet Access/Email: 25%, 44%, 42%, 59%, 78%, 79% (From 2000-2010/2011)
  • Denial of Service: 17%, 21%, 25%, 39%, 40%, 27% (From 2000-2010/2011)
• Other types of attacks include unauthorized access, privilege escalation, password sniffing, system penetration by outsiders, and client Web browser exploits
• Common objective for threat actors in 2023 encompass Cyber Espionage, establishing control for future attacks, Cyber warfare, Unauthorized resource control and usage, Malware Dissemination, Financial gain, Service disruption, Data leaks, Reconnaissance, and Promotion of Ideological/Political Agenda

Categories of Threats

• Compromises to intellectual property: includes ideas, ownership, and control, with elements including trade secrets, copyrights, trademarks, and patents. Copyright, intellectual property is protected with laws and attributions/credits.
• Deviations in quality of service—this affects the availability of information and systems, with examples including Internet service issues, communication issues, and power irregularities.
• Espionage or Trespass—a broad category of electronic and human activities that can breach confidentiality, involving unauthorized access to organizational information by an individual
• Expert Hacker, the most knowledgeable user that has an intimate knowledge about computer hardware and software
• --Novice Hacker—the least experienced hacker who uses the assistance from expert hackers to perform attacks; for example, script kiddies, and packet monkeys
• Cracker—a hacker who circumvents software copyright protection
• Phreaker—a hacker who manipulates the public telephone system to acquire free calls or disrupt services
• Password attacks, which can include Brute force attacks (attempting all possible combinations of characters/numbers), Dictionary attacks (using lists of common passwords), Rainbow table attacks (storing hash values used to look up values for an encrypted password file).
• Social Engineering Attacks – The tactic of manipulating a victim to gain control of a system.
• Forces of Nature, acts that cause threat
• Human error—activities made unintentionally or with no malicious intent.
• Information Extortion—the act of stealing information and demanding compensation for its return/to keep the information from getting publicized.
• Sabotage or vandalism involves destroying assets or damaging an organization's reputation. Techniques such as cyberterrorism, cyberwarfare are included.
• Software Attacks, which are the use of software to attack a computer system, including Adware, Boot viruses, Spyware, and Trojan Horses
• Denial-of-service attacks, which flood systems with requests to prevent legitimate users from making use of them. Distributed Denial-of-Service assaults occur when coordinated requests are sent from numerous locations.
• Email attacks, which include mail bombs and spam
• Communication interception attacks—includes packet sniffers, pharming, and spoofing.
• Technical hardware failures, resulting from defects in hardware
• Technical software failures, resulting from flaws in code.
• Technological obsolescence—the use of outdated technology
• Theft—the unlawful taking of physical, electronic, or intellectual property.

Description

This quiz covers essential concepts of information security, including the importance of safeguarding information assets and the various types of security involved. You'll explore key functions of information security, types of threats and attacks, and the protection of data in different states. Test your knowledge and gain a better understanding of how to maintain the integrity and security of information.