98 terms

Computer Security

Those who wrongfully disclose individually identifiable health information can be fined up to what amount per calendar year?
The ____ Act requires banks and financial institutions to alert customers of their policies and practices in disclosing customer information.
Proper ________________ involves identifying risks but making the decision to not engage in the activity.​
List and describe three of the characteristics of information that must be protected by information security?
Confidentiality: Only authorized people can view the information

Integrity: Makes sure the information is correct and that nothing has altered the data, like an unauthorized person or malicious software.

Availability: Makes sure the authorized users can access the data.
According to the U.S. Bureau of Labor Statistics, what percentage of growth is the available job outlook supposed to reach by the end of the decade?
Why are there delays in updating products such as anti-virus to resist attacks?
Because companies are overwhelmed with trying to keep their products updated with new attacks.
Under which law are health care enterprises required to guard protected health information and implement policies and procedures whether it be in paper or electronic format?
The demand for certified IT professionals who know how to secure networks and computers is at an all-time low.
A security administrator has both technical ​knowledge and managerial skills.
Select below the term that is used to describe individuals who want to attack computers yet lack the knowledge of computers and networks needed to do so:
Script Kiddies
Which of the three protections ensures that only authorized parties can view information?
Today's software attack tools do not require any sophisticated knowledge on the part of the attacker.
In information security, what constitutes a loss?
Theft of information
A delay in transmitting information that results in a financial penalty
The loss of good will or a reputation
In information security, an example of a threat agent can be ____.
A force of nature such as a tornado that could destroy computer equipment
A virus that attacks a computer network
A person attempting to break into a secure computer network
A situation that involves exposure to danger
A premeditated, politically motivated attack against information, computer systems, computer programs, and data, which often results in violence.
A person or element that has the power to carry out a threat
Threat Agent
The means by which an attack could occur​
Threat Vector
An item that has value.
Automated attack package that can be used without an advanced knowledge of computers
Exploit Kit
A type of action that has the potential to cause harm.
A flaw or weakness that allows a threat agent to bypass security
Attacker who attacks for ideological reasons that are generally not as well defined as a cyberterrorist's motivation
The CompTIA Security+ Certification is aimed at an IT security professional with the recommended background of a minimum of two years experience in IT administration, with a focus on security.
What is a hacker?
A hacker is a person who has advanced computer skills and uses them to attack computers.
What is a state sponsored attacker?​
A state sponsored attacker is a person used by a government to launch computer attacks on their enemies.
Information security is achieved through a combination of what three entities? Provide at least one example of each entity.
Products: Anti-Virus Software
People: Employees of the Company
Procedures: Class on how to use the Software and what to do if something goes wrong.
The ___________________ reports directly to the chief information officer (CIO), and is responsible for assessing, managing, and implementing security.
Chief Information Security Officer (CISO)
List and describe two of the four generally recognized security positions.
CISO: This person reports directly to the CIO and is responsible for assessing, managing, and implementing security.
Security Technician: Entry-level position and provides technical support to configure security hardware, implement security software, and diagnose and troubleshoot problems.
In what kind of attack can attackers make use of hundreds of thousands of computers under their control in an attack against a single server or network?
Describe script kiddies.
A person who doesn't have an advanced knowledge of computers or networks, so uses pre-made programs to attack a computer.
The security protection item that ensures that the individual is who they claim to be (the authentic or genuine person) and not an imposter is known as?
Security is the goal to be free from danger as well as the process that achieves that freedom.
____________________ provides tracking of events.
Script kiddies acquire which item below from other attackers to easily craft an attack:
Exploit Kit
What term is used to describe a loose network of attackers, identity thieves, and financial fraudsters?
Describe a macro virus.
A macro virus is one of the most common data file viruses, that is written in macro script. Macro is a bunch of instructions that can be grouped together as one command.
Software keyloggers are programs that silently capture all keystrokes, including passwords and sensitive information.
Which of the following is not one of the four methods for classifying the various types of malware?​
What term below is used to describe a means of gathering information for an attack by relying on the weaknesses of individuals?
Social Engineering
Spreading similarly to a virus, a worm inserts malicious code into a program or data file.
_______________ is a general term used to describe software that secretly spies on users by collecting information without their consent.​
Computer code that is typically added to a legitimate program but lies dormant until it is triggered by a specific logical event is known as a?
Logic Bomb
What is a backdoor and what is it used for?
A backdoor gives an attacker access to a computer, program, or service that has any normal security protections, and allows them to return at a different time and bypass all security settings. It is sometimes used by developers who want to bypass security settings until their program is finalized, but can also be used by an attacker to bypass security settings if the backdoor is not removed.
Due to the prevalence of text filters for filtering spam, how have spammers modified their attacks?
They replace the text with a picture because text filters cannot filter out text on a picture. Then they will generally put nonsense text underneath the picture so the email seems legitimate.
What is a worm?
A worm is a malicious program that enters a network and replicates itself over the computers connected to that network. It is used to take advantage of vulnerability in an application or an OS on the host computer. Once it exploits that vulnerability it will then search for another computer on the network that has the same vulnerability
​A software program that delivers advertising content in a manner that is unexpected and unwanted by the user.
Computer code that lies dormant until it is triggered by a specific logical event​
Logic Bomb
A logical computer network of zombies under the control of an attacker.​
A false warning designed to trick users into changing security settings on their computer​
​A phishing attack that uses telephone calls instead of e-mails.
Software code that gives access to a program or a service that circumvents normal security protections.​
​A computer virus that is written in a script known as a macro
Macro Virus
Software or a hardware device that captures and stores each keystroke that a user types on the computer's keyboard.​
​A phishing attack that targets only specific users
Spear Phishing
Malicious computer code that, like its biological counterpart, reproduces itself on the same computer.​
Computer Virus
​What type of system security malware allows for access to a computer, program, or service without authorization?
In the ____________________ technique, the virus is divided into several parts and the parts are placed at random positions throughout the host program, overwriting the original contents of the host.
Split Infection
Successful attacks on computers today consist of a single element, malicious​ software programs that are created to infiltrate computers with the intent to do harm.
Which of the following is malicious computer code that reproduces itself on the same computer?
What are botnets?
A botnet is a network of zombie computers, that are under control of one person (bot herder)
How many different Microsoft Windows file types can be infected with a virus?
A macro is a series of instructions that can be grouped together as a single command.​
What type of malware consists of a set of software tools used by an attacker to hide the actions or presence of other types of malicious software, such as Trojans, viruses, or worms?
The physical procedure whereby an unauthorized person gains access to a location by following an authorized user is known as?
One of the armored virus infection techniques utilizes encryption to make virus code more difficult to detect, in addition to separating virus code into different pieces and inject these pieces throughout the infected program code. What is the name for this technique?
Swiss Cheese
What type of undocumented yet benign hidden feature launches after a special set of commands, key combinations, or mouse clicks, and was no longer included in Microsoft software after the start of their Trustworthy Computing initiative?
Easter Egg
Because of how a rootkit replaces operating system files, it can be difficult to remove a rootkit from a system.
Select below the type of malware that appears to have a legitimate use, but actually contains or does something malicious:
What is the term used to describe unsolicited messages received on instant messaging software?
A series of instructions that can be grouped together as a single command and are often used to automate a complex set of tasks or a repeated series of tasks are known as:
A Macro
A(n) ____________________ is either a small hardware device or a program that monitors each keystroke a user types on the computer's keyboard.
What is malware?
Malware is software that enters a computer system without the users knowledge and does a malicious action.
What type of attack is targeted against a smaller group of specific individuals, such as the major executives working for a manufacturing company?​
Watering Hole
XSS attacks occur when an attacker takes advantage of web applications that accept user input without validating it and then present it back to the user.​
List three of the most common Web application attacks.
Cross-Site Scripting
SQL Injection
XML Injection
How does a cross-site scripting (XSS) attack work?
XSS injects scripts into a web server to direct an attack to the clients that access the server.
When TCP/IP was developed, the host table concept was expanded into a hierarchical name system for matching computer names and numbers using this service:
How does ARP poisoning take advantage of the use of ARP?​
An attacker can access the ARP cache on an ethernet network and can then find the IP address of a computer on the network and change the MAC address. This sends one computers information to a different location, which can then lead to stealing of data, preventing internet access, or a Dos attack.
What are zero-day attacks?​
Zero-day attacks are when an attacker finds a vulnerability in a program and exploits it before the developers know about the vulnerability, giving them no time (zero days) to defend it.
Ethernet LAN networks utilize the physical _________________ address to send packets.​
Media Access Control (MAC)
Explain the HTTP header referrer attack.
Some websites check the Referer field to make sure that the request came from a page that was created by that site. An attacker can bypass this by modifying the Referer field to hide that the page came from another site.
A TCP/IP communication begins with a control message, known as a ________________, to initialize the connection.​
synchronize message (SYN)
Describe the two types of privilege escalation.
Vertical privilege escalation: when a lower privilege user uses privilege escalation to grant access to functions reserved for higher privileged users.

Horizontal privilege escalation: when a user with restricted privileges accesses functions of a similar user.
Because the XSS is a widely known attack, the number of Web sites that are vulnerable is very small.
How can an attacker substitute a DNS address so that a computer is automatically redirected to another device?
DNS Poisoning
Choose the SQL injection statement example below that could be used to find specific users:
whatever' OR full_name LIKE '%Mia%'
ARP poisoning is successful because there are few authentication procedures to verify ARP requests and replies.
A web browser makes a request for a web page using the ________________.
HTTP Header
What is the goal of a directory traversal attack?​
The goal of a directory traversal is to find a vulnerability in a system so you can move from the root directory to restricted directories.
A(n) ____________________ cookie is stored in Random Access Memory (RAM), instead of on the hard drive, and only lasts for the duration of visiting the Web site.
Session Cookie
What language below is for the transport and storage of data, with the focus on what the data is?
What language below is designed to display data, with a primary focus on how the data looks?
The default root directory of the Microsoft Internet Information Services (IIS) Web server is located at which directory below?
C:\Inetpub\ wwwroot
The exchange of information among DNS servers regarding configured zones is known as:
Zone Transfer
Which SQL injection statement example below could be used to discover the name of the table?
whatever' AND 1=(SELECT COUNT(*) FROM tabname); --
What is a cookie, and how is it used?​
A cookie stores user-specific information which it can then use later if that user goes back to that specific site. It stores information based on user's preferences when visiting websites.
Which SQL statement represents a SQL injection attempt to determine the names of different fields in a database?
whatever' AND email IS NULL; --