Professional Ethics in Information Technology

Questions and Answers

Why is the security of information technology considered of utmost importance?

• To increase the complexity of the computing environment
• To reduce the number of entry points for potential security breaches
• To prevent unauthorized access to confidential business data (correct)
• To ensure the efficient operation of cloud computing

What is a major reason for the prevalence of computer incidents?

• Reduced user expectations for computer performance
• Limited access to data storage and computing power
• Increasing complexity of computing environments (correct)
• Lack of cloud computing resources

What is cloud computing?

• The provision of data centers only to individual users
• The distribution of computing power to specific users based on their needs
• The management of computer system resources directly by the user
• The on-demand availability of computer system resources without direct active management by the user (correct)

Why are computer help desks under intense pressure to respond quickly to users' questions?

To increase user productivity related to time constraints (A)

How does increasing complexity contribute to the vulnerability of computing environments?

It expands the number of entry points for potential security breaches (D)

Why is safeguarding confidential business data and private customer and employee data important?

To protect against malicious acts of theft or disruption (A)

What is a zero-day exploit?

A cyber attack that occurs on the same day a weakness is discovered in software and is exploited before a fix becomes available (D)

What is the purpose of a virus?

To enable payload delivery (B)

What can viruses be disguised as?

Files and documents (A)

What is the characteristic of a zero-day exploit?

It occurs before a fix becomes available from its creator (A)

What does a rootkit refer to in the context of computer security?

A set of tools and technologies used to gain unauthorized access to a computer system (B)

What is the purpose of phishing?

To deceive individuals into providing sensitive information or clicking on malicious links (B)

What is the characteristic of commercial software?

Designed and developed for licensing or sale to end users or serving a commercial purpose (C)

What does a virus deliver as part of transmitted data?

"Payload", which is the actual intended message carried by transmitted data (C)

What are types of attacks that can target users?

All of the above (D)

Study Notes

Importance of IT Security

• Information technology security is crucial to protect sensitive data, maintain privacy, and ensure the integrity of systems.
• Breaches can lead to financial loss, reputational damage, and legal consequences for organizations.

Prevalence of Computer Incidents

• A major factor for the high occurrence of computer incidents is increased connectivity and reliance on digital systems, making them attractive targets for attackers.

Cloud Computing

• Cloud computing involves delivering computing services (e.g., storage, processing) over the internet, offering flexibility, scalability, and reduced infrastructure costs.

Pressure on Help Desks

• Computer help desks face intense pressure to provide rapid responses due to user dependency on technology for business operations and productivity.

Complexity and Vulnerability

• Rising complexity in computing environments leads to greater vulnerabilities, as intricate systems can introduce more points of failure and potential attack vectors.

Importance of Safeguarding Data

• Protecting confidential business and customer data is vital to maintain trust, uphold compliance with regulations, and prevent data breaches.

Zero-Day Exploit

• A zero-day exploit refers to a cyber vulnerability that attackers can exploit before developers release a fix, leaving systems unprotected.

Purpose of a Virus

• Viruses are malicious software designed to replicate and spread to damage systems, corrupt data, or steal information.

Virus Disguises

• Viruses can be disguised as legitimate software, file attachments, or downloads to deceive users into activating them.

Characteristics of Zero-Day Exploit

• The defining feature of a zero-day exploit is its ability to take advantage of a vulnerability that has not yet been identified or patched by the software developer.

Rootkit Definition

• A rootkit is a type of malicious software that gives attackers remote access and control over a computer, often allowing them to hide their presence.

Purpose of Phishing

• Phishing aims to deceive individuals into providing personal information, such as passwords and financial details, through fake communications that appear legitimate.

Characteristics of Commercial Software

• Commercial software is typically developed for profit, with features including regular updates, customer support, and licensing fees.

Virus Delivery

• A virus often delivers additional malicious payloads or commands as part of the data it transmits, leading to further exploitation or harm.

Types of User Target Attacks

• Users can face various types of attacks, including phishing, malware infections, ransomware, and denial-of-service attacks that disrupt service availability.

Description

This quiz covers the importance of security in information technology, safeguarding confidential business and personal data, and protecting against malicious acts. It is based on lecture 8 and the textbook 'Ethics in Information Technology' by George W. Reynolds.