Upgrade to remove ads
Introduction to Information Security
Terms in this set (28)
What are the six components of an information system?
Software, hardware, data, people, procedures, and network.
Name five common instances of malicious code.
Viruses, worms, Trojan horses, logical bombs, and back doors
What are the two most common types of computer viruses?
The macro virus: is embedded in automatically executing macro code used by word processors, spread sheets and database applications
The boot virus: infects the key operating system code located in a computer's boot sector.
Provide 4 examples of Intellectual property.
Trade secrets, copyrights, trademarks, and patents.
What are the two skill levels among hackers?
An expert or elite hacker is usually a master of several programming languages, networking protocols, and operating systems. He also exhibits a mastery of the technical environment of the chosen target system.
• A script kiddie is an unskilled individual who uses scripts or programs developed by others to attack computer systems and networks and deface websites.
What are the six categories of known attack vectors?
IP scan and attacks - The infected system scans a random or local range of IP addresses and targets any of several vulnerabilities known to hackers or left over from previous exploit such as Code Red, Back Orifice, or PoizonBox.
Web browsing - If the infected computer has write access to any web pages, it makes all web contents (.html, .asp, cgi, ...) infectious so that users who browse to those pages become infected.
Unprotected shares - Using vulnerabilities in files systems and the way many organizations configure them, the infected machine copies the viral component to all locations it can reach.
Mass mail - By sending e-mail infections to addresses found in the address book, the infected machine infects many users, whose mail-reading programs also automatically run the program and infect other systems.
Simple Network Management Protocol (SNMP) - By using the widely known and common passwords that were employed in early versions of this protocol (which is used for remote management of network and computer devices), the attacking program can gain control of the device. Most vendors have closed these vulnerabilities with software updates.
Provide three examples of spyware.
• Web Bug Is a tiny graphic on a web site that is referenced within the Hypertext Markup
Language content of a web page or email to collect information about the user viewing the HTML content.
• Tracking cookie Is placed on a user's computer to track the user's activity on different web sites and create a detailed profile of the user's behavior.
• Adware Is any software program intended for marketing purposes. For example programs used to deliver and display advertising banners or popups to the user's screen or tracking the user's online usage or purchasing activity
What are the two basic security functions performed by firewalls?
• Packet filtering: determining whether to allow or deny the passage of packets of digital information, based on established security rules.
• Application proxy: providing network services to users while shielding individual host computers. This is done by breaking the IP flow (that means the traffic into and out of the network).
What are the four processes that an access control encompasses?
3. authorization, and
What is the primary goal of vulnerability assessment and remediation?
The primary goal of vulnerability assessment and remediation is to identify specific, documented vulnerability and remediate them in a timely fashion.
A___________________is a code that attaches itself to an existing program and takes control of that program's access to the target computer.
A___________________is a malicious program that replicates itself constantly, without requiring another program environment.
A___________________is a software program that hides its true nature and reveals its designed behavior only when activated.
A___________________is a virus or a worm which actually evolves, changing its size and other external file characteristics to elude detection by antivirus software programs.
A___________________is the act of gaining access to the information that an organization is trying to protect by an unauthorized individual.
Espionage or trespass
A___________________is an individual who uses and creates computer software to gain access to information illegally
A___________________occurs when an attacker or trusted insider steals information from a computer system and demands compensation for its return or for an agreement not to disclose it.
A___________________ is an identified weakness in a controlled system where controls are not present or are no longer effective.
A___________________is an automated software program that executes certain commands when it receives a specific input.
bot (an abbreviation of robot)
A___________________is placed on a computer to secretly gather information about the user and report it.
A___________________is a tiny graphic on a web site that is referenced within the Hypertext Markup Language content of a web page or email to collect information about the user viewing the HTML content.
A___________________is placed on a user's computer to track the user's activity on different web sites and create a detailed profile of the user's behavior.
A___________________is any software program intended for marketing purposes.
A___________________is a method, often secret, of bypassing normal authentication or encryption in a computer system, a product, or an embedded device (e.g. a home router), or its embodiment.
back door or backdoor
A___________________is anything (hardware, software, or a combination of both) that can filter the transmission of packets of digital information as they attempt to pass through an interface between networks.
A___________________is the simulation or execution of specific and controlled attacks by security personnel to compromise or disrupt their own systems by exploiting documented vulnerabilities.
A___________________is the coherent application of methodical investigatory techniques to present evidence of crime in a court like setting.
A___________________is a method, often secret, of bypassing normal authentication or encryption in a computer system, a product, or an embedded device (e.g. a home router), or its embodiment, e.g. as part of a cryptosystem, an algorithm, a chipset, or a "homunculus computer" (such as that as found in Intel's AMT technology).
A back door or backdoor
You might also like...
Chapter 9: Technology in action
Chapter 9: Technology in action
Discovering Computers Chapter 5
Other sets by this creator
Wireless Networking Technologies
Networking Chapter 8
Other Quizlet sets
World History ch. 3 pt 3
Cumulative Exam Review, Truman's Fair Deal, The Ko…
python chapter 7
SGT 14 Iron Deficiency Anemia