1A

Question 1

A ____ is any circumstance or event with the potential to adversely affect a system through unauthorized access, destruction, disclosure, modification of data, or denial of service.

Answer 1

threat

Question 2

A threat is a ___ danger that ___ exploit a vulnerability.

Answer 2

possible
may

Question 3

The model Microsoft uses for threat analysis and identification is called ____.

Answer 3

STRIDE

Question 4

What does STRIDE stand for?

Answer 4

• Spoofing
• Tampering
• Repudiation
• Information disclosure
• Denial of Service
• Elevation of privilege

Question 5

What is spoofing?

Answer 5

Pretending to be something or someone other than yourself.

Question 6

What is tampering?

Answer 6

Modifying something on a disk, network, memory, or elsewhere.

Question 7

What is repudiation?

Answer 7

Claiming you didn’t do something or were not responsible.

Question 8

What is information disclosure?

Answer 8

Providing information to someone not authorized to have it.

Question 9

What is denial of service?

Answer 9

Exhausting resources needed to provide services to the user.

Question 10

What is elevation of privilege?

Answer 10

Allowing someone to do something they are not authorized to do.

Question 11

What are the three types of threat agents?

Answer 11

Inside Attack, Outside Attack and Botnet

Question 12

What is an Inside Attack?

Answer 12

An inside attack is initiated by an insider, which is an entity inside of a security perimeter. Insider threats have authorization to access a system, but they use their authorization in a way that is not approved by the party that granted authorization.

Question 13

What is an Outside Attack?

Answer 13

This is initiated by an outsider, which is an entity outside of a security perimeter. Outsider threats gain unauthorized or illegitimate access to a system.

Question 14

What is utilized on outside attacks?

Answer 14

Botnets

Question 15

What is a botnet?

Answer 15

A botnet is an aggregation of compromised computers, turning them into robots used by attackers.

Question 16

A bot (short for ___) is an automated program that
executes commands.

Answer 16

robot

Question 17

Botnets operate through a central command-and-control server and can be activated by attackers via ___ ___.

Answer 17

chat rooms

Question 18

A ___ is a flaw or weakness in a system’s design, implementation, or operation and management which could be exploited to violate the system’s security policies.

Answer 18

vulnerability

Question 19

A vulnerability ___ be exploited by a threat, but not every threat always results in an actual attack to a system

Answer 19

may

Question 20

The degree of ___, ____, and ___ will determine an attack’s success.

Answer 20

vulnerability, strength of attack and effectiveness of countermeasures

Question 21

An attack to a network is an intentional act by which an intelligent threat actor attempts to evade security services and violate the security policy of a system.

Answer 21

Network Attack

Question 22

A network attack can be characterized according to ___, ___, and ___.

Answer 22

intent, point of initiation and method of delivery

Question 23

A network attack may also affect…?

Answer 23

one or multiple systems

Question 24

In a network attack, targeted resources may include…?

Answer 24

1. Data stored in an information system (IS)
2. Services provided to the user
3. System processing power
4. Hardware
5. Firmware
6. Software
7. The physical design of the facility

Question 25

What are the three types of network attacks?

Answer 25

Denial of Service Distributed Denial of Service Unauthorized Access

Question 26

__ __ __ attacks are probably the nastiest, and most difficult to address. They are very easy to launch and often difficult (sometimes impossible) to track because of their timing.

Answer 26

Denial of Service

Question 27

The following describes which type of network attack? The intent is to send more requests to a machine than it can handle, disrupting or even totally blocking user services.

Answer 27

Denial of Service

Question 28

The following describes which type of network attack? While a standard DoS attack comes from one computer, a ___ ___ ___ attack involves multiple computers sending requests, and is usually performed by a botnet.

Answer 28

Distributed Denial of Service

Question 29

The following describes which type of network attack? The goal of these attacks is to access a resource that a machine should not provide the attacker. They may falsely identify as the originating host.

Answer 29

Unauthorized Access

Question 30

In the cyber world, we do not want unknown or untrusted individuals to gain access to our equipment. To help control this, systems are divided into two main classifications of users and their system access capability:

Answer 30

user access and administrator access

Question 31

Among destructive types of break-ins and attacks, there are two major categories:

Answer 31

data diddling and data destruction.

Question 32

___ ___ occurs when an attacker makes small changes or entries in records to change the original meaning. It is a form of computer fraud involving the intentional falsification of numbers in data entry.

Answer 32

Data Diddling

Question 33

___ ___ is likely the worst type of attack since the fact of a break-in might not be immediately obvious.

Answer 33

Data Diddling

Question 34

The term ___ ___ can be defined as the process of destroying the data stored on tapes, hard disks, and other forms of electronic media so that it is completely unreadable.

Answer 34

Data Destruction

Question 35

Some countermeasures that may reduce the risk of DDoS attacks include:

Answer 35

* Not running your visible-to-the-world servers at a level close to capacity. * Packet filtering to prevent obviously forged packets from entering your network address space. * Security-related patches for host operating systems.

Question 36

Some examples of data destruction include:

Answer 36

* Erasing the recycle bin. This method allows you to quickly delete basic junk files from the computer without having to worry about formatting your entire computer’s hard drive. * Overwriting data to change the entire format. * Degaussing. This method uses a magnetic field to erase data and cause irreversible damage to the data. * Destroying hard drives with special software * Electronic shredding. This refers to physically destroying the entire system equipment.

Question 37

When data is destroyed for authorized purposes, it must be completely ____, regardless of the method, to ensure it is unreadable and cannot be accessed, recovered, or used for unauthorized purposes. This process can vary for each equipment type, classification, or scenario.

Answer 37

sanitized