05 Security Policies Flashcards

1
Q

Name different security threats.

A
  • Criminal vandalism/sabotage
  • Hacking or theft
  • White collar crime
  • Natural disasters (e.g. flooding and fire)
  • Accidents and errors
  • State-sponsored hacking
  • Politically-motivated attacks or data breaches
  • Terrorism
2
Q

What is hacking? Give an example.

A

Hacking is when an individual or criminal gang finds a way to break into a company’s ICT systems. Once in, they may steal customers’ information, especially bank account details. Or, hackers may use ransomware to encrypt company files. They then demand that the company pays them a ransom to decrypt the files.

3
Q

What is it called when an individual or criminal gang finds a way to break into a company’s ICT systems?

A

Hacking.

4
Q

Give an example of white collar cyber security crime.

A

White collar cyber security crimes occur when an employee uses their access to ICT systems to steal information from their company, or misuses the network for criminal activity. For example, an employee in a bank might steal customers’ account details. Or, they might sell confidential information to a rival company.

5
Q

When an employee uses their access to ICT systems to steal information from their company, or misuses the network for criminal activity, it is known as what?

A

White collar cyber security crime.

6
Q

An employee in a bank stealing customers’ account details or selling confidential information to a rival company is an example of what?

A

White collar cyber security crime.

7
Q

Why are natural disasters a security threat?

A

Natural disasters, for instance flooding, could damage a company’s data centre. The company could lose important information due to this and would need to replace the equipment damaged.

8
Q

Give an example of a security threat due to misuse or accidents.

A

Common mistakes that employees make include accidentally deleting important data, and sending confidential information by email to the wrong people.

9
Q

Describe state-sponsored hacking.

A

State-sponsored hacking occurs when a country uses its cyber-security expertise to attack another country’s ICT, or a specific company that it doesn’t approve of.

10
Q

When a country uses its cyber-security expertise to attack another country’s ICT, or a specific company that it doesn’t approve of, it is known as what?

A

State-sponsored hacking.

11
Q

Describe an example of state-sponsored hacking involving the entertainment industry.

A

When Sony Pictures launched a comedy film about the leader of North Korea in 2014, a hacker group allegedly backed by the government attacked Sony’s ICT systems. It posted on the internet copies of their films and confidential emails about film stars. Sony initially withdrew the film, but later changed its mind.

12
Q

Give an example of state-sponsored hacking involving an industrial target.

A

Allegedly, the Stuxnet virus was created by the US and Israeli governments to attack Iran’s nuclear facility in 2010. The virus caused equipment at the plant to run out of control. Stuxnet has since been described as the most dangerous virus ever released.

13
Q

Give an example of a politically-motivated data breach.

A

Edward Snowden was an IT security contractor employed by the National Security Agency in the United States. In 2013, he leaked thousands of documents to journalists in protest at the US government’s secret mass surveillance of American citizens.

14
Q

Give examples of physical access security.

A
  • Doors
  • Locks
  • Keypad codes
  • Swipe cards
  • Voice recognition
  • Facial recognition
  • CCTV
15
Q

How can physical access security protect companies?

A

Physical access security can protect data centres and server rooms so that only authorised people can enter.

16
Q

What operational procedures can protect companies from security threats?

A
  • Schedule for regular data backups
  • Regular updates of anti-virus software and firewalls to protect against the latest threats
  • Have a plan for responding to natural or other disasters
  • Store data in different geographical locations
  • Have a recovery plan for restoring data if it gets corrupted or lost.
  • Test back-up power supplies, batteries and diesel generators.
  • Enforce an employee Code of Conduct to protect company data and equipment
  • Regularly train IT staff
  • Monitor network traffic for unusual activity
  • Configure routers to detect and filter DDoS attacks.
17
Q

How can an employee Code of Conduct protect companies against security threats?

A

A Code of Conduct ensures staff know how to avoid taking risks that could expose the company to viruses or other threats. Employees should never click on email attachments from people they don’t know, for example.

18
Q

What ensures staff know how to avoid taking risks that could expose the company to viruses or other threats?

A

An employee Code of Conduct.

19
Q

What does UPS stand for?

A

Uninterruptible Power Supply

20
Q

What is a UPS?

A

A UPS is a large battery and diesel generator that keeps equipment running for a few hours or days if the normal power supply is lost.

21
Q

What large battery and diesel generator keeps equipment running for a few hours or days if the normal power supply is lost?

A

A UPS

22
Q

What does BYOD stand for?

A

Bring Your Own Device.

23
Q

What is a BYOD policy?

A

A BYOD policy restricts the types of devices (e.g. phones, laptops, etc.) that employees can use on a company network.

24
Q

What are 3 potential consequences for a company if hackers breach its security systems and steal customer data?

A
  • If customer data is stolen or posted online then the company’s reputation will be damaged.
  • Customers may leave the company and the company may have difficulty winning new customers.
  • The company could be sued by customers and it would need to pay legal fees to defend itself.
  • Regulators could impose a fine.
  • Competitors may gain access to confidential information.
  • Production, distribution and delivery may be delayed.
  • The company is likely to lose business and cashflow
  • The company’s share price could fall if investors lose confidence in it.
25
Q

What are 3 factors that a company should consider in order to minimise security risks?

A
  1. Understand threat landscape - what types of threats could impact the company?
  2. Calculate the likelihood of a breach - what is the likelihood of different types of threats occurring?
  3. Understand consequences - what are the short and long-term consequences if a security breach occurs?
  4. Security procedures - what procedures does the company have in place? For example, back-ups, anti-virus updates, disaster recovery plans, etc.
26
Q

What is risk management (or ‘risk analysis’)?

A

Risk management is the process of 1. assessing the likelihood of any potential threat occurring, 2. estimating the damage that could be caused by the threat, 3. estimating the cost of protection against any threat, and 4. assessing how well prepared the company is to respond to the threat.

27
Q

The process of 1. assessing the likelihood of any potential threat occurring, 2. estimating the damage that could be caused by the threat, 3. estimating the cost of protection against any threat, and 4. assessing how well prepared the company is to respond to the threat is known as what?

A

Risk management (or ‘risk analysis’).

28
Q

Define a proxy server.

A

A proxy server is an intermediary server between a client computer and a resource, such as access to the internet.

29
Q

An intermediary server between a client computer and a resource, such as access to the internet, is known as what?

A

A proxy server.

30
Q

How is a proxy server used to protect computers on a computer network?

A

A proxy server protects computers on the network by relaying requests for access to network services. For example, the proxy server intercepts requests to a web server from a client computer in order to provide indirect access to the internet. This means the client’s IP address is not visible to the web server, which protects the user’s privacy.

31
Q

What protects computers on the network by relaying requests for access to network services?

A

A proxy server.

32
Q

How do user accounts help keep data secure?

A

The IT admin will give users their own personal usernames and passwords and will allocate them a specific level of access appropriate to their job role. For instance, a student will only have access to their own files, whereas a teacher will have access to their own files and those of their students. A superuser in IT has access to everyone’s accounts.

33
Q

How do user logs help to keep data secure?

A

User logs provide an audit trail of activity on the network. The logs are a record of who logged on and off and when they did so. They also show what computer they were using, what programs they used, any files they accessed and any changes made to data.

Authorised IT staff can analyse the logs to identify any abuses of the system, for instance, if an employee tried to guess a password for a database they shouldn’t be able to access.