Terms in this set (73)

threat agent
    the facilitator of an attack

threat
    a category of objects, people, or other entities that represents a potential danger to an asset. They are always present.

vulnerability
    a weakness or fault in a system or protection mechanism that opens it to attack or damage

exposure
    a condition or state of being exposed. This exists when a vulnerability is known to an attacker.

What are the three components of the C.I.A. triangle?
    confidentiality, integrity, availability

confidentiality
    assurance that information is shared only among authorized people or organizations

integrity
    assurance that the information is complete and uncorrupted

availability
    assurance that information systems and the necessary data are available for use when needed

Why is the top-down approach to information security superior to the bottom-up approach?
    It has a higher probability of success; it has strong upper management support, a dedicated champion, usually dedicated funding, a clear planning and implementation process, and the means of influencing organizational culture.

Which members of an organization are involved in the security systems development life cycle? Who leads the process?
    Upper management: initiation and control. Responsible managers, contractors, and employees: execution. Led by a senior executive (Champion).

Who is ultimately responsible for the security of information in the organization?
    CISO

Who decides how and when data in an organization will be used or controlled? Who is responsible for seeing that these decisions are carried out?
    data owners (responsible for the security and use of information), data custodians (work directly with data owners and are responsible for the storage, maintenance, and protection of information), data users (end users who work with the information to perform their daily jobs and support the mission of the organization)

Why is data the most important asset an organization possesses?
    Without data, an organization will lose its record of transactions and its ability to deliver value to customers.

information extortion
    When an attacker can control access to an asset, it can be held hostage to the attacker's demands.

Why are employees one of the greatest threats to information security?
    They are the people closest to the organization's data and they have access to it. Employee mistakes can easily lead to the revelation of classified data, entry of erroneous data, accidental data deletion or modification, storage of data in unprotected areas, and failure to protect information.

What is the difference between a skilled hacker and an unskilled hacker, other than skill levels?
    An expert hacker develops software scripts and code to exploit relatively unknown vulnerabilities and is a master of several languages and operating systems. Unskilled hackers use scripts and code developed by skilled hackers; they rarely write their own hacks and are unskilled in programming languages.

What are the various types of malware?
    viruses, worms, Trojan horses, logic bombs, and back doors

How do worms differ from viruses?
    virus: code that induces other programs to perform actions

Do Trojan horses carry viruses or worms?
    Once a trusting user executes a Trojan horse program, it unleashes viruses or worms to the local workstation and the network as a whole.

Why does polymorphism cause greater concern than traditional malware? How does it affect detection?
    It makes malicious code more difficult to detect; the code changes over time.

How is technological obsolescence a threat to information security?
    Through management's potential lack of planning and failure to anticipate the technology needed for evolving business requirements. It occurs when infrastructure becomes outdated, and leads to unreliable and untrustworthy systems.

What are the types of password attacks? What can a systems administrator do to protect against them?
    password crack, brute force, dictionary; system administrator can:

password crack
    Attempting to reverse-calculate a password is called "cracking." This attack is used when a copy of the Security Account Manager (SAM) data file can be obtained. A possible password is taken from the SAM file and run through the hashing algorithm in an attempt to guess the actual password.

brute force
    The application of computing and network resources to try every possible combination of options for a password.

dictionary
    A form of brute force for guessing passwords. The dictionary attack selects specific accounts and uses a list of common passwords to make guesses.

What is the difference between a denial-of-service attack and a distributed denial-of-service attack? Which is more dangerous? Why?
    DoS: occurs when an attacker sends a large number of connection or information requests to a target

What is a buffer overflow, and how is it used against a Web server?
    When more data is sent to a buffer than it can handle; used when there is a mismatch in the processing rates between the two communicating entities.

What is the difference between law and ethics?
    laws: rules that mandate or prohibit certain behavior in society (laws have a governing authority, ethics do not)

Which law amended the Computer Fraud and Abuse Act of 1986, and what did it change?
    National Information Infrastructure Protection Act of 1986; modified several sections of the CFA and increased the penalties for selected crimes

What is privacy in an information security context?
    a "state of being free from unsanctioned intrusion"

What is the primary purpose of the USA PATRIOT Act?
    In 2001, it modified a wide range of existing laws to provide law enforcement agencies with broader latitude to combat terrorism-related activities.

How has the PATRIOT Act been revised since its original passage?
    In 2011, the PATRIOT Sunset Extension Act of 2011 was signed into law to extend certain provisions of the USA PATRIOT Act. These provisions covered wiretaps, searching of business records, and surveillance of people with suspected ties to terrorism.

What is due care? Why should an organization make sure to exercise due care in its usual course of operations?
    Due care has been taken when an organization makes sure that every employee knows what is acceptable or unacceptable behavior, and knows the consequences of illegal or unethical actions. The more active an organization is in exercising due care, the less likely it will be held liable for its employees' illegal or unethical actions.

How is due diligence different from due care? Why are both important?
    Due diligence requires that an organization make a valid effort to protect others and continually maintain this level of effort; both are important to decrease its chances of being found liable if an incident occurs.

What is a policy? How is it different from a law?
    A policy is a formalized body of expectations that describe acceptable and unacceptable employee behavior in the workplace. The difference between a policy and a law is that ignorance of a policy is an acceptable defense.

How can a security framework assist in the design and implementation of a security infrastructure? What is information security governance? Who in the organization should plan for it?
    pg 5 ch 4 1

Briefly describe management, operational, and technical controls
    • Management controls cover security processes that are designed by strategic planners and implemented by an organization's security administration.

What are the differences between a policy, a standard, and a practice? What are the three types of security policies?
    • A policy is a plan or course of action intended to influence and determine decisions, actions, and other matters. Policies function like laws within an organization because they dictate acceptable and unacceptable behavior within the context of the organization's culture.

Who is ultimately responsible for managing a technology?
    senior management

Contingency planning
    all planning conducted by the organization to prepare for, react to, and recover from events that threaten the security of its information and information assets

When is the IR plan used?
    It covers the identification, classification, response to, and recovery from an incident. The plan should be used when an incident in progress is first detected by an organization.

When is the DR plan used?
    It addresses preparations for and recovery from a disaster, whether natural or man-made. The plan is used before a disaster in preparation for its occurrence, and then afterward to rebuild and recover the organization's functionality.

When is the BC plan used?
    It will be needed if a disaster has rendered the current location of the business unusable for continued operation. The BCP outlines the reestablishment of critical business operations during a disaster that affects operations at the primary site.

How do you determine when to use the IR, DR, and BC plans?
    An incident response plan is used as soon as an incident in progress has been identified. An attack is identified as an incident if: A disaster recovery plan is used if an incident escalates or is disastrous. The plan typically focuses on restoring systems at the original site after a disaster occurs. A business continuity plan is used concurrently with the disaster recovery plan when the damage is major, creates long-term consequences, or requires more than simple restoration of information and information resources.

Containment
    the process of determining which systems have been attacked and removing their ability to attack uncompromised systems

hot site
    a fully configured computer facility with all services, communications links, and physical plant operations, including heating and air conditioning

warm site
    provides many of the same services and options as a hot site. However, it typically does not include the actual applications the company needs, or the applications may not yet be installed and configured.

cold site
    provides only rudimentary services and facilities. No computer hardware or peripherals are provided. All communications services must be installed after the site is occupied.

time-share
    a hot, warm, or cold site that is leased in conjunction with a business partner or sister organization. The time-share allows the organization to maintain a disaster recovery and business continuity option at a reduced overall cost. The time-share has the same advantages as the type of site selected (hot, warm, or cold). The primary disadvantage is the possibility that more than one organization involved in the time-share may need the facility simultaneously.

service bureau
    an agency that provides a service for a fee. In the case of disaster recovery and continuity planning, the service is the agreement to provide physical facilities during and after a disaster. These types of agencies also frequently provide off-site data storage for a fee. Contracts can be carefully created with service bureaus to specify exactly what the organization needs without having to reserve dedicated facilities.

mutual agreement
    a contract between two or more organizations that specifies how each will assist the other in the event of a disaster. It stipulates that each organization is obligated to provide necessary facilities, resources, and services until the receiving organization can recover from the disaster.

risk management
    the process of identifying vulnerabilities in an organization's information systems and taking carefully reasoned steps to ensure the confidentiality, integrity, and availability of all the components in those systems

Who is responsible for risk management in an organization? Which community of interest usually takes the lead in information security risk management?
    community of interest; the information security community

What are vulnerabilities? How do you identify them?
    specific avenues that threat agents can exploit to attack an information asset; they are a flaw or weakness in an information asset

What are the five strategies for controlling risk?
    • The defense control strategy attempts to prevent the exploitation of vulnerabilities.

Describe the defense strategy for controlling risk. List and describe the three common methods.
    It attempts to prevent the exploitation of vulnerabilities.

Describe the transfer strategy for controlling risk.
    The control approach that attempts to shift risk to other assets, other processes, or other organizations. These controls may be accomplished by rethinking how services are offered, revising deployment models, outsourcing to other organizations, purchasing insurance, or implementing service contracts with providers.

Describe the mitigation strategy for controlling risk.
    The control approach that attempts to reduce the impact of exploited vulnerabilities through planning and preparation. Mitigation begins with the early detection of an attack in progress and the organization's ability to respond quickly, efficiently, and effectively.

How is an incident response plan different from a disaster recovery plan?
    The disaster recovery plan focuses on preparations completed before a disaster or escalated incident and actions taken afterward to reestablish operations at the primary site. The incident response plan focuses on intelligence gathering, information analysis, coordinated decision making, and urgent, concrete actions taken while an incident is occurring.

risk appetite
    defines the quantity and nature of risk that organizations are willing to accept as they evaluate the trade-offs between perfect security and unlimited accessibility

cost-benefit analysis
    the formal decision-making process an organization uses to evaluate whether the benefit gained from a given project is worth the expense

single loss expectancy
    the value associated with the most likely loss from an attack. It is a calculation based on an asset's value and the expected percentage of loss from one occurrence of a particular attack.

residual risk
    When vulnerabilities have been controlled as much as possible, any remaining risk that has not been removed, shifted, or planned for.

What is the typical relationship among the untrusted network, the firewall, and the trusted network?
    The untrusted network is usually the Internet or another segment of a public access network, while the trusted network is typically a privately owned network. The firewall serves as a mechanism to filter traffic from the untrusted network into the trusted network to foster assurance that the traffic is legitimate.

How is an application layer firewall different from a packet-filtering firewall?
    The application layer firewall takes into consideration the nature of the applications that are being run, including the type and timing of the network connection requests as well as the type and nature of the traffic that is generated. The packet-filtering firewall simply looks at the packets as they are transferred.

How is static filtering different from dynamic filtering of packets?
    Static filtering requires that the firewall's packet filtering rules are developed and installed with the firewall. This type of filtering is common in network routers and gateways. Dynamic filtering allows the firewall to react to an emergent event and update or create rules to deal with it. This reaction could be positive, as in allowing an internal user to engage in a specific activity upon request, or it could be negative, as in dropping all packets from a particular address when the system detects an increased presence of a particular type of malformed packet.

What is stateful inspection?
    keeps track of each network connection between internal and external systems using a state table

What special function does a cache server perform? Why is this useful for larger organizations?
    These types of servers can store the most recently accessed Web pages in their internal cache memory, and thus can provide content for heavily accessed pages without the level of traffic required when pages are not cached. Larger organizations often find that just a few Web sites account for a large quantity of their traffic and that they can lower total network traffic measurably by using a cache server.

What is a sacrificial host? What is a bastion host?
    They are synonyms. Because the bastion host stands as a sole defender on the network perimeter, it is also commonly referred to as the sacrificial host. To its advantage, this configuration requires the external attack to compromise two separate systems before it can access internal data.

What is a DMZ?
    the network segment that may be engineered between the external access to a network and the internal areas

What questions must be addressed when selecting a firewall for a specific organization?
    • What type of firewall technology offers the right balance between protection and cost for the organization's needs?

What is a content filter?
    a software filter (technically not a firewall) that allows administrators to restrict access to content from within a network

What is a VPN?
    a private and secure network connection between systems that uses the data communication capability of an unsecured and public network
Related questions

What is the difference between a policy and a standard?
    Policy comes first because it is the law that dictates what an employee should do. A standard provides specifics to help employees comply with the policy. Guidelines give recommendations to assist users in complying with a new policy.

What is the difference between a policy and a procedure?
    Policies are guidelines used to make consistent decisions, and procedures are descriptions of the way work is to be done.

What type of policy would be needed to guide use of the web, e-mail, and office equipment for personal use?
    An issue-specific security policy would be needed to guide use of the web, e-mail, and office equipment for personal use.

Who is responsible for managing a technology?
    IT directors are responsible for ensuring all parts of a company's IT infrastructure function effectively. This includes managing networks, servers, storage, security, and applications. In some companies, the IT director and the CIO are the same person and the two terms are used interchangeably.