Information Security Terminologies

Questions and Answers

A threat is a weakness or absence of safeguards.

False

Risk is the probability of a threat crossing or touching a vulnerability.

True

Exploits are aimed at performing unauthorized operations.

False

Passive threats modify information or change the system state.

False

Network intrusion risks include information theft and data loss.

True

Social Engineering and Phishing are types of network threats.

True

Identity theft involves breaking into a computer to destroy or alter data records.

False

Security aims to totally eliminate risk.

False

A Distributed Denial of Service (DDoS) is a type of Brute Force Attack.

False

Spyware can gather personal information from a computer without the user's permission.

True

Tracking Cookies are always considered a form of malware.

False

Adware is a type of spyware used to collect information about a user based on websites visited.

True

Pop-ups are a type of spyware used to collect information about a user.

False

Spam is a type of malware that can harm a computer.

False

Spammers use secure email servers to forward email.

False

DDoS attacks are designed to saturate and overwhelm network links with useless data.

True

Malware can only destroy data and leak confidential information.

False

Removable media is a propagation technique for malware.

True

Malware scanners are used to monitor activity.

False

A Security Policy is only for network security.

False

Anti-spyware software can only detect spyware applications.

False

Patches and updates are the same thing.

False

Anti-virus software can only detect and remove viruses.

False

Firewalls only filter incoming packets based on IP addresses.

False

Firewall products are only available as software.

False

Anti-spam software can only be loaded on email servers.

False

Security risks can be completely eliminated with effective risk management.

False

Best practices for using a firewall include physically securing servers and network equipment.

True

Updating antivirus software files is not necessary for security.

False

Firewalls can only block incoming packets.

False

The SANS Institute lists common security mistakes to educate users on security best practices.

True

Popup stopper software is only used to block pop-ups.

False

End users should always open e-mail attachments without verifying their source and content.

False

Installing security patches for Microsoft Office and Microsoft Internet Explorer is not important for end users.

False

Senior executives should assign untrained people to maintain security without providing training or time to learn.

False

Relying primarily on a firewall is a sufficient security measure for senior executives.

False

IT people should connect systems to the Internet before hardening them.

False

Updating systems when security holes are found is not necessary for IT people.

False

Implementing firewalls with rules that stop malicious or dangerous traffic is not important for IT people.

False

Educating users on what to look for and what to do when they see a potential security problem is not necessary.

False

Study Notes

Information Security Assets

• Assets include personals, hardware, software, physical devices, and documents
• Identifying assets is crucial for creating an information security system

Security Terminologies

• Threat: a person, thing, event, or idea that poses danger to an asset's confidentiality, integrity, availability, or legitimate use
• Vulnerability: a weakness or absence of safeguards
• Risk: a measure of the cost of a realized vulnerability
• Exploits: programs, scripts, or code that perform unauthorized operations
• Impacts: results of an exploited vulnerability (e.g., deleted files, loss of information, loss of company image)

Focus of Security

• Security deals with managing risk to critical assets
• Security is an exercise in loss reduction
• Risk is the probability of a threat crossing or touching a vulnerability
• Risk = Threat x Vulnerability

Threats

• Accidental threats: natural disasters
• Intentional threats: active and passive threats
  • Passive threats: do not modify information or system state
  • Active threats: alter information or system state

Network Threats

• Risks of network intrusion: information theft, data loss and manipulation, identity theft
• Sources of network intrusion: social engineering, phishing
• Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks
• Brute force attacks: guessing passwords using a fast computer
• Spyware and tracking cookies: collecting personal information without permission
• Spam: sending unsolicited emails, overloading ISPs, email servers, and individual systems

Malware Capabilities

• Destruction of data
• Leaking confidential information
• Providing backdoor access
• Countless other opportunities

Propagation Techniques

• Removable media
• E-mail attachments
• Web browsing
• Social networking
• Network vulnerabilities
• Instant messaging applications
• Peer-to-peer networks

Malware Defense Techniques

• Activity monitoring programs
• Malware scanners
• File and resource integrity checking
• Stripping e-mail attachments
• Defense-in-depth
• Patching all systems

Common Security Measures

• Security Policy: a formal statement of rules for accessing technology and information assets
• Updates and Patches: fixing specific problems and adding functionality to software
• Anti-virus Software: preventing infection, detecting, and removing viruses, worms, and Trojan horses
• Anti-Spam: identifying spam and performing an action
• Anti-Spyware: detecting and deleting spyware applications

Firewalls

• What is a Firewall?: a security tool that controls traffic between networks and prevents unauthorized access
• Types of Firewall:
  • Packet Filtering
  • Application/Web Site Filtering
  • Stateful Packet Inspection (SPI)
• Best Practices:
  • Define security policies
  • Physically secure servers and network equipment
  • Set login and file access permissions
  • Update OS and applications
  • Change permissive default settings
  • Run anti-virus and anti-spyware
  • Update antivirus software files
  • Activate browser tools

Mistakes People Make

• The SANS Institute's lists of mistakes that lead to security breaches
• The Four Worst Security Mistakes End Users Make
• The Six Worst Security Mistakes Senior Executives Make
• The Eight Worst Security Mistakes Information Technology People Make

Description

This quiz covers key terms and concepts in information security, including assets, threats, vulnerabilities, and risk.