System Security Threats and Controls

Questions and Answers

What is the primary goal of system security controls and safeguards?

To minimize downtime, interference, and malicious intrusion

What is a common technique used to extract passwords?

Sniffing

What is a type of attack that involves fraudulent websites?

Pharming

What is a method to prevent password attacks?

Setting a good password that cannot be easily guessed Signup and view all the answers

What is a type of physical threat to a system?

Unauthorized physical access to devices Signup and view all the answers

What is a measure to ensure physical security?

Surveillance Signup and view all the answers

What is a good practice for creating passwords?

Using case sensitive passwords with numbers and special characters Signup and view all the answers

What is an issue related to passwords?

Using common passwords Signup and view all the answers

What is an alternative to passwords?

Face recognition Signup and view all the answers

What can be used to evaluate the strength of a password?

A website that estimates the cracking time Signup and view all the answers

Why is it recommended to use a sentence to create a password?

It makes the password easier to remember Signup and view all the answers

What is a design problem related to passwords?

Using personal data Signup and view all the answers

What is an example of biometric data?

Fingerprint Signup and view all the answers

What is an alternative to traditional passwords?

Providing multiple questions Signup and view all the answers

What is the primary purpose of additional login steps after giving a username and password?

To provide an extra layer of security Signup and view all the answers

What type of malware is designed to steal, encrypt, or delete sensitive information?

Ransomware Signup and view all the answers

What is the primary function of a keylogger?

To track user activity Signup and view all the answers

What is the main difference between a virus and a worm?

A virus needs human interaction to spread, while a worm can spread automatically Signup and view all the answers

What is the primary purpose of a CAPTCHA?

To identify human users and prevent automated programs Signup and view all the answers

What is a Trojan?

A type of malware that disguises itself as desirable code or software Signup and view all the answers

What is the primary function of a rootkit?

To give hackers remote control of a victim's device Signup and view all the answers

What is a botnet?

A software application that performs automated tasks on command Signup and view all the answers

Study Notes

System Security

System security involves controls and safeguards to minimize downtime, interference, and malicious intrusion.

Physical Security

Physical threats to a system include:
Physical access to devices
Attaching components to devices
Tampering with devices
Jamming wires
Countermeasures include:
Access control
Surveillance
Backup

OS and Application Security

Attacks on OS and applications include:
Password attacks
Malware attacks
Pharming
Spam
Phishing attacks

Password Attacks

Password attacks are a common technique to authenticate systems.
Passwords can be extracted through:
Sniffing
Brute force
Dictionary attack
Prevention measures include:
Setting strong, hard-to-guess passwords
Account lock features
Multi-factor authentication
Encryption

Design problems include using personal data.
Operation issues include using common or easy-to-guess passwords.
Application issues include password checking issues.

Good Practices for Creating Passwords

Dos:
Use lengthy passwords
Use case-sensitive passwords
Include numbers and special characters
Use random characters
Make passwords memorable
Don'ts:
Use personal data
Use short passwords
Use repetitive characters
Use the same password for multiple applications

Alternatives to Passwords

Biometric data includes:
Signatures
Face recognition
Voice recognition
Fingerprints
Iris patterns
Additional questions, such as:
What is your pet's name?
What is your hometown?
Where did you complete secondary school?

Multi-Factor Authentication

Additional login steps after entering a username and password.

Malware Attacks

Malware is unwanted software installed without consent.
Risks include:
Stealing, encrypting, or deleting sensitive information
Hijacking or altering core system functions
Monitoring user activity without permission
Extorting money
Introducing spam or forced advertising

Types of Malware

Ransomware: disables access to data until ransom is paid.
Spyware: collects user activity data without knowledge.
Adware: serves unwanted advertisements.
Trojan: disguises itself as desirable code or software, distributing viruses, worms, spyware, etc.
Worms: spreads through a network by replicating itself.
Virus: piece of code that inserts itself into an application and executes when the app is run.
Rootkits: gives hackers remote control of a victim's device.
Keyloggers: spyware that monitors user activity.
Bots/Botnet: software application that performs automated tasks on command.

Studying That Suits You

Use AI to generate personalized quizzes and flashcards to suit your learning preferences.

Description

This quiz covers physical and system security threats and controls, including downtime, interference, malicious intrusion, physical access, and tampering with devices.