Basic Concepts Flashcards

(84 cards)

1
Q

What are Bits and Bytes?

A

Digital data consists of numbers, which makes storing and transmitting data easier, more efficient, and more immune to errors. In computers, those numbers are in binary form (i.e., a number that uses only two digits).
The smallest unit of data inside the computer is a bit, which stands for binary digit. Information in the form of numbers, characters, text, sound, images, video, etc., is stored as binary digits (bits).
A bit can have only one of two values:
• 0 (off)
• 1 (on)
In that sense, it is like an on/off switch or a light bulb.
But bits can also be described as the building blocks of data, and given the vast amount of information, we need to use a lot of bits. To make that more manageable, bits are placed into groups of 8. Each group of 8 is called a byte.
A byte is the unit of measurement used in digital data. For example, the size of a file may be 2 gigabytes (GB).

2
Q

What is Non-Textual Data?

A

Nontextual data come in a variety of standards, also known as file formats. Here are some examples of file formats:
• graphics and images: JPEG, GIF, PNG
• music and audio: MP3, WAV, FLAC
• video: AVI, MOV

3
Q

What is the Evolution of Communication Systems?

A

Systems used to communicate over long distances are continually evolving. Consider the transformation of communication systems from human messengers, smoke signals, and telegraphs to cell phones, e-mail, and video.
Why do you think communication systems are continually changing? The following factors seem to be the main drivers of the evolution of communication systems:
• Quality: The message sent and message received are exactly the same.
• Cost: Lower cost of communication results in greater exchange of information.

4
Q

What are Computer Networks?

A
  • Computer networks are collections of devices (or nodes) connected to each other via different types of communication channels to share resources. Computer networks can be categorized by their conceptual structure, or topology, and by their size, or coverage area.
  • Network topology defines how the devices are connected, and coverage area defines how far apart the devices are. Coverage area refers to the geographical space, such as a room, a building, a city, or an area much larger than a city.
5
Q

What are Connecting Cables?

A

There are several types of cables that connect nodes. Two examples are shown below:
• RJ45 Connector—The RJ45 (Registered Jack 45) Connector is used for common ethernet cables. It is currently the most common connector that joins computers to networks.
• Optical Fibers—Optical fibers are used for faster networks because they can handle many communication channels at a very fast rate. Optical-fiber cables require additional equipment for converting the electrical signal to light, and vice versa.

6
Q

What are Network Devices?

A

There are other devices—called network devices—that are normally used in the network’s intermediate nodes. Below are some examples of network devices:

7
Q

What is a Hub?

A

• Hub—The hub connects different devices. It is used to implement the bus topology, where all the nodes are directly connected. For example, consider a USB hub where the data is fed into the input port and then broadcasted to the other ports.

8
Q

What is a repeater?

A

• Repeater—A repeater is similar to the hub but with additional features. Repeaters are used in places where the amplification of input signals is necessary. It regenerates the input signal and amplifies only the desirable signal, eliminating the noise component.

9
Q

What is a Switch?

A

• Switch—A switch is an intelligent device capable of connecting multiple computers and peripherals with other networks. The switch can provide almost exactly the same speed for all the devices connected to it. Switches can be used with the star topology to provide a centralized point of connection for a LAN to another network.

10
Q

What is a Bridge?

A

• Bridge—A bridge is a switch that connects two local area networks (LANs), or two segments of the same LAN. The two LANs being connected can be alike or dissimilar. For example, a bridge can connect an ethernet with a token-ring network.

11
Q

What is a Router?

A

• Router—A router is a device used to connect multiple networks. It is used in mesh topology and can give data the best path to its destination based on different configurations, such as the shortest path. By choosing the best path, routers can prevent congestion and communication slowdowns.

12
Q

What is a Gateway?

A

• Gateway—A gateway connects a network to the Internet or public network. Gateways therefore include more complex technologies for security and the logging of traffic as well as for allowing virtual private networks.

13
Q

What is TCP/IP?

A

The Internet is based on the TCP/IP protocol. To better understand how it works, we need to take a closer look at the underlying TCP/IP model and its 5 layers.

14
Q

What is the TCP/IP Layer 1?

A

Layer 1 – Hardware/Physical Layer
In TCP/IP, the physical layer and the data link layer together form the network interface, which is realized as the network interface card (NIC) in computers.

15
Q

What is the TCP/IP Layer 2?

A

Layer 2 – Data Link Layer (DLL)
This layer is implemented in hardware as opposed to the other layers, which are implemented in software. This layer is in charge of delivery of the “frames” of data from one node of the network to the next node.

16
Q

What is the TCP/IP Layer 3?

A

Layer 3 – Internet Protocol (IP) Layer
In this layer, IP directs packets to a specific computer using an IP address.

17
Q

What is the TCP/IP Layer 4?

A

Layer 4 – Transmission Control Protocol (TCP)
In this layer, TCP directs packets to a specific application on a computer using a port number.

18
Q

What is the TCP/IP Layer 5?

A

Layer 5 – Application Protocol Layer
This layer refers to user applications such as WWW, e-mail, and FTP. This is where messages begin.

19
Q

What are Firewalls?

A

A firewall is a software utility, hardware device, or a combination of the two, through which all traffic between an internal network and an external network (usually the Internet) must pass.
This mechanism is used to protect a trusted network from an untrusted network by allowing only authorized traffic to continue to the other side.
“Authorized” traffic is defined by the firewall owner’s security policy.

20
Q

What are SQL Injections?

A

Structured Query Language, or SQL, is a special language used to tell a database what to do. An SQL injection is a form of attack on a database-driven website to steal information.
In such an attack, a query (set of instructions) might have parameters (data) inserted into it that are then interpreted as instructions, causing the website to malfunction.
For example, a hacker might insert malicious SQL statements into an entry field for execution that instructs the database to dump its contents to the attacker.
To avoid this problem, we must separate the instructions and data in a way that the database can easily distinguish. This is usually done by sending them separately.
In SQL, this technique is known as parameterized queries.

21
Q

What are Web Security Issues?

A

Web applications provide consumers and businesses significant convenience, as banking applications, e-commerce, e-business, etc., are conducted via web applications. Since critical consumer and business information is exchanged through these web applications, their security is a major issue for everyone.
When we access our bank account or purchase an item on the web, our data has to be exchanged with back-end databases, which are then major targets of hackers due to the critical information stored in them. In addition, hackers go after personal information directly by redirecting consumers to their malicious sites. The top two issues related to web applications include SQL injection and cross-site scripting.

22
Q

What is Cross-Site Scripting?

A

Cross-site scripting (XSS) enables attackers to inject client-side script into web pages viewed by other users.
For example, imagine a victim is using a web application (e.g., e-mail or an e-commerce site) and is currently logged in to her account. If malicious code is present while she is logged in, that code sends the session information to the attacker’s e-mail account. The attacker can then tap into the user’s session and log in while the victim is still using the application. This is an example of session hijacking using XSS.

23
Q

What are Mail Servers?

A

Every e-mail you send passes through a series of mail servers along its way to your intended recipient. Mail servers can be broken down into two main categories: outgoing mail servers and incoming mail servers.

24
Q

How are outgoing mail servers denoted?

A

• SMTP (Simple Mail Transfer Protocol)

25
How are incoming mail servers denoted?
• POP3 (Post Office Protocol version 3)
• IMAP (Interactive Mail Access Protocol)
26
What are Webservers?
Webservers are computers that deliver (serve up) web pages. Every webserver has an IP address and possibly a domain name. Any computer can be turned into a webserver by installing server software and connecting the machine to the Internet. When accessing a webpage, your machine runs a web browser, and the browser connects to a server and requests a page. The server machine running a webserver then sends back the requested page. Three popular webservers include:
• Apache
• IIS
• NGINX
27
What is HTTP?
It is an application layer protocol. An HTML page is transmitted over the web in a standard way and format known as Hypertext Transfer Protocol (HTTP). This protocol uses TCP/IP to manage the web transmission.
28
What is HTTPS?
It is an application layer protocol. This protocol provides security for sensitive data by transmitting the HTML page in an encrypted form. A webpage using this protocol will have https: at the beginning of its URL.
29
What is FTP?
It is an application layer protocol. This protocol provides a method for copying files over a network from one computer to another. It can also be used for downloading from the web, but more often than not, downloading is done via HTTP. Sites that have a lot of downloading (software sites, for example) will often have an FTP server to handle the traffic. If FTP is involved, the URL will begin with ftp:.
30
What are the steps of the HTTP Protocol?
1. A TCP/IP virtual communication channel is created from the browser to the web server specified in the URL.
2. An HTTP GET or HTTP POST request is sent through this channel to the destination web application, which retrieves data submitted by the browser user and composes an HTML file.
3. The HTML file is sent back to the web browser as an HTTP response through the same TCP/IP channel.
4. The TCP/IP channel is shut down.
31
What is Web Markup Language?
Markup languages (ML) were originally designed for text processing and presentation such as formatting, size, and location. If you have the recipe for your favorite cake, you can use that recipe and the proper ingredients to make that cake any time you like. Markup languages are like recipes used for defining, presenting, and processing text.
32
What is XML?
It is a Markup language. Different business data types have different logical structures (e.g., patient medical record vs. bank transaction record). For efficient processing, each business data type must be represented in well-defined formats. Such data representations are unique, and different businesses may represent the same type of business data in different formats. Extensible Markup Language (XML) is used mainly for business data specification and integration where there are different types of business data and data structures. Unlike HTML, which has predefined terms, XML does not limit what tag or attribute names can be used. Example: XML Structure Gone with the Wind Movie Classic
33
What is XHTML?
It is a Markup language. Extensible Hypertext Markup Language (XHTML) is in the XML family. It was developed to make HTML more extensible and increase interoperability with other data formats to better support flexible data presentation on different devices. The goal of shifting to XML format was for HTML to become compatible with common XML tools. Example: XHTML Structure Virtual Library

Moved to example.org.

34
What is CSS?
It is a Markup language.(?) A Cascading Style Sheet (CSS) is used to maintain a consistent look across various browsers. A style sheet consists of a list of style rules. An HTML file may import external cascading style sheets using a link element inside a head element.

Example rule:

```
h1 {
  color: blue;
  font-size: 12px;
}
```

Every web browser has a default way to render HTML elements. For example, HTML standards do not specify the font size of h1 (first-level header) elements, so web browser designers have the freedom to choose a font size to present h1 elements as long as it is not smaller than that for h2 (second-level header) elements. Therefore, a web page viewed on Internet Explorer can look vastly different from the same page viewed on Safari.
35
What is HTML?
It is a Markup language. HTML (hypertext markup language) is the standard markup language used to create web pages. HTML is written using tags or predefined keywords, which are enclosed in angle brackets (e.g., , ,

). Example: Basic HTML Structure

Enter your name:

Google
36
What is Penetration Testing?
An important component of computer security is testing systems and people to determine if there are any weaknesses that, if not detected and addressed, could put networks and data at risk. Penetration (pen) testing is one such type of assessment whereby the tester attempts to gain access to a computer system to determine if there are any vulnerabilities in the system and to test the system's security.
Generally, a pen tester acts as an attacker, meaning they access the system without using authorized credentials. Pen testing is performed in cooperation with and at the direction of the system owner (or entity with authority over the system), who establishes the goals for the testing activities. The overall purpose of pen testing is to validate the system's security, identify weaknesses that could put the system at risk, and recommend mitigations to address the vulnerabilities.
Pen testing can
• provide an assessment of the defenses in use
• assess the response capabilities of the personnel in the organization charged with protecting and defending the network
• evaluate the organization's crisis response and any associated plans
• provide justification for the allocation of additional resources (people and/or technologies) for network security
• result in recommendations to address any vulnerabilities identified.
37
What is CIA?
It is Confidentiality, Integrity, and Availability.
38
What is confidentiality?
The purpose of IT security is to ensure that an organization's resources, whether data, hardware, or software, are not misused. One of the five main goals of IT security is confidentiality. Confidentiality is the assurance that whatever access controls are in place are enforced. It is preserving authorized restrictions on information access and disclosure, including means for protecting personal privacy and proprietary information. Confidentiality is maintained when only authorized individuals or systems are allowed to access certain types of information.
39
What is availability?
The purpose of IT security is to ensure that an organization's resources, whether data, hardware, or software, are not misused. One of the five main goals of IT security is availability. Availability is ensuring timely and reliable access to and use of information. Information is useful only when it is available at the right time. The availability of information depends on the functioning of the systems that store, protect, and allow or deny access to information. A good example of a threat to system availability is seen in the case of Nancy being denied access to the financials database in the FlyWithUs scenario.
Reference
National Institute of Standards and Technology. (2004). Standards for security categorization of federal information and information systems. Retrieved from http://csrc.nist.gov/publications/fips/fips199/FIPS-PUB-199-final.pdf
40
What is Authentication?
Authentication is the process by which credentials are presented and validated to enable access. There are a number of different methods of authentication. Passwords are the most common type of authentication and are usually coupled with user identification (user IDs). Tokens and certificates are often used in place of passwords to provide a higher level of security. Tokens can contain unique identifiers (e.g., digital signatures or keys). Tokens can also store biometric data--for example, fingerprints. There are several different types of combinations of authentication. Higher levels of security are generally associated with more levels of authentication (multifactor). For example, two-factor authentication might include a token and a password. Kerberos is a protocol for authentication which is made up of two components: a ticket (distributed by a service) for user authentication and a key that is developed from the user's password. Another authentication scheme is the Challenge-Handshake Authentication Protocol (CHAP), which uses a representation (hash) of the user's password to authenticate. Authentication involves confirming a user's identity. Authentication, a form of access control, requires users to confirm their identity before they gain access to a system. For example, a job candidate provides personal information to the employer supported by proof of identity such as a driver's license, birth certificate, or passport. Many organizations run background checks on candidates to validate their credentials. If the proof of ID and the background check prove satisfactory, the company can hire the candidate and feel safe in creating internal authentication mechanisms such as a logon ID and password.
41
What are Biometrics?
Biometrics is a general term used alternatively to describe a characteristic or a process. As a characteristic, a biometric is a measurable biological (anatomical and physiological) and behavioral characteristic that can be used for automated recognition. As a process, a biometric is an automated method of recognizing an individual based on measurable biological (anatomical and physiological) and behavioral characteristics. NSTC Subcommittee on Biometrics: Frequently Asked Questions comprises public domain material from the National Science and Technology Council. UMUC has modified this work.
42
What are Network Devices and Cables?
Computers and network peripherals are normally connected to the network as terminal devices. Terminal devices are devices where the communication ends.
43
What is Privacy?
Privacy is the ability of an entity to exclude themselves from being identified. The Fourth Amendment to the United States Constitution first addressed the right to privacy and established that searches and seizures must meet the reasonableness requirement. Since then, other laws have been enacted that further address privacy considerations, to include:
• Privacy Act of 1974, a US law that governs the disposition of personally identifiable information (PII) in federal government systems;
• Foreign Intelligence Surveillance Act (FISA), which was first signed into law in 1978, with a focus on creating congressional and judicial oversight of US government surveillance activities;
• Electronic Communications Privacy Act of 1986 (ECPA), which authorized electronic data transmissions by computer to be subject to collection by authorized agents of the US government;
• Health Insurance Portability and Accountability Act of 1996 (HIPAA), which contains a privacy rule that regulates the use and disclosure of protected health information (PHI), which is any information that concerns the health status, provision of health care, or payment for health care linked to a specific individual. There are reporting requirements and penalties for unauthorized disclosures.
44
What is FISA?
The Foreign Intelligence Surveillance Act (FISA) of 1978 was enacted to counter international terrorism against the United States. The act legalizes the use of electronic surveillance for gathering foreign intelligence or counterintelligence. In addition, it allows the surveillance of foreign governments, foreign agents, foreign diplomats, and other foreign groups residing within or communicating from within the US. Over time, the act has been expanded to include physical searches and the use of wiretapping.
The Protect America Act (2007)
The Protect America Act was enacted as an amendment to the Foreign Intelligence Surveillance Act (FISA). It allows law enforcement agencies to conduct surveillance of foreign suspects reasonably believed to be outside the United States without having to obtain a warrant. Probable cause is still required before law enforcement can take any action.
References
Library of Congress. H.R. 6304. (2008). Thomas database. Retrieved from http://thomas.loc.gov/cgi-bin/bdquery/z?d110:HR06304:@@@D&summ2=m&
United States House of Representatives. (n.d.). Foreign Intelligence Surveillance Act. Retrieved from http://uscode.house.gov/download/pls/50C36.txt
45
What is ECPA?
The Electronic Communications Privacy Act
Enacted in 1986, this act protects all electronic communication from unauthorized government access. Law enforcement agencies are required to obtain search warrants to access any electronic communication. In addition, the act prohibits wiretapping of employees' electronic data transmissions and telephone conversations and also prohibits unauthorized access to employees' communication stored by employers.
References
Solove, D. (2006). A brief history of information privacy law. Retrieved from http://papers.ssrn.com/sol3/papers.cfm?abstract_id=914271
United States Department of Justice. (n.d.). Public law 99-508. Retrieved from http://www.justice.gov/jmd/ls/legislative_histories/pl99-508/act-pl99-508.pdf
46
What is the Internet?
The Internet is the network of all networks. In other words, all different networks belonging to different organizations around the world connect to each other through the Internet. This, in turn, creates a fully interconnected cyberspace.
47
What is IPv4?
The current version of the Internet Protocol (IP) is version 4 (IPv4). IPv4 addresses are made up of four numbers, known as octets, which are separated by periods. Each octet has a value between 0 and 255 and is equivalent to 8 bits; this means that an IPv4 address uses 32 bits.
Example of an IPv4 address: 64.233.177.101
48
What is IPv6?
IPv6 addresses use eight groups, each equivalent to 16 bits, for a total of 128 bits. Much higher than the 32 bits from IPv4, this version provides a huge range of public IP addresses. IPv6 addresses are normally represented as eight groups of four hexadecimal digits with the groups separated by colons.
Example of an IPv6 address: 3FFE:1900:4545:3:200:F8FF:FE21:67CF
49
What is an IP Address?
An Internet Protocol (IP) address, also known as a logical address, is used to identify network devices or nodes on a network at the network, or IP, layer. Think about some unique identifiers you use for various reasons (e.g., Social Security number, cell phone number, e-mail address, etc.). Each can be used for identification purposes in different ways and places, and they each follow different formats. In the same way, an IP address is used for identification and, depending on its version, follows a specific format. IP addresses are also categorized by various characteristics, which include:
• public and private
• static and dynamic
• IPv4 and IPv6
50
What are Public IP Addresses?
A public IP address is a unique address of a network device on the Internet. For a device to be able to communicate on the Internet, it must have a public IP address. It is similar to a public phone number, which is required to communicate using the phone network.
51
What are Private IP Addresses?
A private IP address is a unique address in internal networks when there is no need to have public IP addresses. If we compare the public IP address to a company's public phone number, the private IP address is similar to extensions within that organization. It is similarly used to extend a public number into many private addresses.
52
What is a Static IP Address?
If you need to run your own e-mail server or web server, it would be best to have a static IP – that is, an IP address that is fixed and never changes. This is in contrast to a dynamic IP address, which may change at any time. Businesses often purchase a single static IP or a block of static IPs.
53
What is a dynamic IP Address?
A dynamic IP address is not static and can change at any time. This type of IP address is issued to you from a pool of IP addresses allocated by your Internet service provider (ISP). Your computer will automatically get this number when it logs on to the network, and the number will likely be different the next time it logs in. This number can be assigned to anyone using a dial-up, wireless, or high-speed Internet connection.
54
History of the Internet
• 1967: The Internet, a concept first published in 1967, was built by the Defense Advanced Research Projects Agency (DARPA) as a project called ARPANET.
• 1969: In 1969, the first successful message was sent through the ARPANET between the University of California, Los Angeles, and the Stanford Research Institute. The ARPANET gradually expanded to include more universities and larger regions from the West Coast to the East Coast.
• 1983: In 1983, TCP/IP protocols replaced the original ARPANET principal protocol to establish the "early Internet."
• 1990: In February of 1990, ARPANET was formally decommissioned.
• 1991: Based on the High Performance Computing Act of 1991, the National Information Infrastructure (NII) was formed to enhance the web of public and private communication networks, interoperable systems, and resources with extreme numbers of users. The development of this infrastructure was essential in providing the bed for other inventions and improvements to the Internet and web protocols and technologies.
55
What is the World Wide Web?
The World Wide Web was built based on the HTTP application layer protocol of TCP/IP, or the Open Systems Interconnection (OSI) model. The web is the front-end access to the Internet. It allows different forms of information to be transported over the Internet through web browsers. Many other protocols can also work on the web, such as File Transport Protocol (FTP), Simple Mail Transport Protocol (SMTP), Post Office Protocol Version 3 (POP3), and Internet Message Access Protocol (IMAP). The World Wide Web is much more than a collection of URLs and domain names, for a number of groups have been involved in its organization and growth. Web applications typically follow the same basic architecture that includes the web browser, the webserver, an application (app) server, and a database. Because the web accesses the Internet, application layer protocols and firewalls are used to facilitate the transmission and reception of data. A user performs a web session when interacting with the web through the web browser. During each session, there are several ways temporary data is stored. The security of data being transmitted, received, and stored causes web security issues. Two common web security issues are SQL injections and cross-site scripting.
56
What is URL (Uniform Resource Locator)?
IP addresses are used to identify locations on the Internet. However, because working with IP addresses can be complicated, a Uniform Resource Locator (URL) is used to simplify the process. URLs represent an address on the Internet using words instead of numbers. At the basic level, each URL includes the protocol, domain, and port. In addition, URLs can also include application and additional information. The anatomy of a URL includes the following:
http://domain-name:port/application/resource?query-string
57
What does HTTP do?
It is a protocol for accessing the resource.
Domain: A name that determines a realm of some sites within the Internet; it is a collection of sites that are related in some sense, such as business sector.
58
What is a Port?
The address used in the TCP layer to conduct the data to/from a particular application layer to the network and Internet.
59
What is the application?
A folder on the server containing all resources related to a web application.
60
What is a resource?
The name (alias or nickname) of an HTML or script/program file residing on a server hard disk.
61
What is a query string?
(optional): passes user data to the web server.
62
What is a DNS?
A domain is a collection of sites that are related for one of the following reasons:
• They form a proper network (e.g., all machines on a campus or all hosts on BITNET).
• They all belong to a certain organization (e.g., the US government).
• They are simply geographically close.
Domain Name System (DNS) is a giant distributed database and a service that looks up and translates registered domain names and URLs into IP addresses. This allows the IP address to be translated to words, since it’s easier to remember words instead of a numerical series. For example, it is much easier to remember a web address such as random_site_name.com than it is to remember 10.1.1.1.
63
What is Pseudonymity?
Pseudonymity is the act of using a fake name or alias. There are two types of pseudonymity: traceable and untraceable. If, in a given situation, the online persona of a user who operates under a pseudonym can be linked to his offline persona, then his pseudonymity is said to be traceable. On the other hand, if no linkage can be established between the online persona of the user and his real identity, then his pseudonymity is said to be untraceable. Here is an example of pseudonymity: Nicholas Cole is a political reporter. As part of his work, he often comes across cases of unethical practices by the media. Cole wants to write about these practices, but cannot afford to do so publicly. Cole starts a media blog under a pseudonym. No one can guess Cole's true identity from his blog. However, if an individual took extra measures to uncover the author of the blog, he or she could trace Cole's identity back to the ISP. Cole's pseudonymity here is therefore traceable, even if it doesn't at first appear so.
64
What is IP Spoofing?
IP Spoofing and Packet Sniffing are common techniques for attacking and exploiting networks. In IP Spoofing, a malicious actor transmits IP packets from a spoofed source address that might appear to originate from a legitimate source. This technique is often the source of denial-of-service attacks, which are used to flood networks, resulting in the inability of legitimate traffic to reach its destination. Packet Sniffing is used to capture information in a network packet. This technique is commonly used to steal credentials (e.g., user IDs, passwords, credit card numbers). Attackers can lie dormant in a network, making them difficult to detect as they collect data.
65
What are vulnerabilities of TCP/IP?
The TCP/IP suite protocols have inherent vulnerabilities. Hackers exploit these vulnerabilities to attack networks. Some common types of attacks on TCP/IP include sniffing, session hijacking, IP address spoofing, and denial-of-service (DoS).
66
What is sniffing?
In this type of attack, the attacker uses a packet sniffer such as Wireshark or Kismet to intercept and analyze the data packets sent between the sender and receiver. This action happens without the knowledge of either the sender or the receiver. Many network applications transmit data packets as clear text; therefore, attackers may be able to collect sensitive information such as user account names and passwords. Sniffing is a data-link layer attack because the attacker operates at the data-link layer of the network.
67
What is Session Hijacking?
Session hijacking is an active version of sniffing. In this type of attack, the attacker intercepts network traffic and obtains the initial sequence number (ISN) of the communication. The ISN is the sequence number of the first packet of data being communicated and tells the attacker how many packets are being transmitted. The attacker also obtains the IP address of the sender from the packet. The attacker then impersonates the sender and communicates with the receiver. The attacker may tamper with the data he received from the sender before passing it on to the receiver. For example, an attacker may collect a confidential document, falsify it, and retransmit it to the receiver, who accepts it at face value. Session hijacking is a transport layer attack.
68
What is IP Address Spoofing?
In this type of attack, the attacker sniffs network traffic to identify the pattern of legitimate IP addresses for that particular network. The attacker then forges the IP address in the packet headers. If the network uses the IP address to authenticate the user, the attacker is able to gain access to the network through the packet with the forged IP address. The attacker can then send malicious packets to the network. For example, an attacker may introduce a Trojan or key logging application to the network after gaining access to it. IP address spoofing is a network layer attack.
69
What is Denial of Service?
Using DoS, the attacker can make a critical service or resource unavailable to legitimate users on the network. For example, an email server can be rendered useless through the sending of hundreds of email messages with large attachments. The email server will eventually crash under the load and become unavailable to legitimate users. Similarly, an attacker can flood a server with TCP requests and cause it to stop functioning normally. Attackers may also distribute the attack—by deploying several hundreds or thousands of clients. In this situation, the attack is referred to as a distributed DoS (DDoS) attack. DoS is a transport layer attack.
70
What is SMTP?
It is the Simple Mail Transfer Protocol.
Simple Mail Transfer Protocol (SMTP) (Klensin, 2008) is a connection-oriented, text-based protocol in which an e-mail sender communicates with an e-mail receiver by issuing command strings and supplying necessary data over a Transmission Control Protocol (TCP) connection (although other transport protocols are possible). SMTP can relay mail across multiple networks (e.g., Internet and intranet). SMTP manages the e-mail transaction, using other network assets (e.g., the Domain Name Server (DNS), to identify the appropriate next-hop; and file servers on either end of the transaction) during the SMTP session.
In an SMTP session, the SMTP client (sender) opens the link and exchanges parameters with the SMTP server (receiver). The transaction consists of three client commands (the IETF RFC 5321 calls these protocol units, implying that they are packets with fields), each one accepting server replies (packets with fields for receipt status):
1. MAIL command, to establish the return address, or envelope sender.
2. RCPT command, to establish a recipient of this message. This command can be issued multiple times, one for each recipient. These addresses are also part of the envelope.
3. DATA to signal the beginning of the message text; this is the content of the message as opposed to its envelope. DATA consists of a message header and a message body, separated by an empty line. DATA is actually a group of commands, and the server replies twice: first to the DATA command proper, to acknowledge that it is ready to receive the text; and second, after the end-of-data sequence, to either accept or reject the entire message.
The transaction is repeated at each intermediate hop point, at which the SMTP server converts to an SMTP client. The RFC details the commands to implement the protocol units above.
From a security standpoint, it is easy to envision multiple entry points in the protocol for spoofing, masquerading, playing a man-in-the-middle role, intercepting, and corrupting SMTP messages.
References
Klensin, J. (2008, October). Simple Mail Transfer Protocol. Network Working Group, RFC 5321. Accessed August 3, 2016, at https://tools.ietf.org/html/rfc5321
71
What are Web filters?
A web filter is a component and/or software that enforces an Internet site access policy. Web filters are used in schools and homes, for instance, to protect children from inappropriate material residing at specific URLs. Web filtering devices or software can log activity and are configurable to allow discriminatory policies (e.g., policies that may be different for administrators). Web filters are normally set to either block, allow, or warn the user.
For employers, web filters use broadly categorized URL lists compiled by the vendor (some are free). Lists are regularly updated for clients. Configurable categories include pornography, gambling, games, shopping, and violence. Blocking or warning policies are common, and usually accompany a written "acceptable use" policy. Among the configuration options is time of day, which allows employers to relax restrictions during leisure time—for instance, for use of Internet chat and social networking. Additionally, firms can implement black lists or white lists, meaning that certain sites are blocked or allowed, respectively.
As web filtering is based on URL only, browsers may display partially blocked pages. And, as URLs occasionally change character, lists can be easily modified by system administrators. Another option is file content filtering, where downloaded files are subjected to phraseology filtering. Phraseology filtering can be applied to web mail as well.
72
What do Web Filters do?
Web filters limit access to Internet content by imposing restrictions on access based on selectors, profiles, or access permissions. Web filters are used to minimize opportunities for malicious software to gain access to a network, minimize the potential for a malicious actor to gain unauthorized access, and/or block access to offensive or unauthorized information. Web filtering can be time-consuming in that it can require the identification of acceptable (white list) access points or unacceptable (black list) access points. Because web access is dynamic, web filtering requires significant effort to keep access lists current. Web filtering can also impede legitimate access, which can be frustrating for users.
73
What is Encryption?
Encryption is a security mechanism used to convert plain, readable text into a form that is disguised. Encryption enables text to be hidden from everyone except those who are the intended recipients, who have the keys to decrypt the encrypted text. Encryption is accomplished using an algorithm (cipher) and is focused on data confidentiality. Encoding can also use algorithms (codes), but the purpose of encoding is to convert data into a form that is more easily transmitted or stored, and is focused on data availability. There are several common types of encryption that are used based on the requirements of an organization. Symmetric key encryption requires communicants to have the same keys in order to encrypt and decrypt communications. Public key encryption has a public encryption key, but in order to read (decrypt) messages, the receiving communicant must also have the decryption key.
74
What is Encryption (B)?
Encryption is a method for protecting the confidentiality and integrity of data. The following are some features of encryption:
• Encryption changes a legible format to an illegible format using symmetric and asymmetric methods in order to prevent interceptors from reading the information.
• Encryption is a process that depends on the sharing of a mutually established key, or that is carried out through a private/public key set.
• The currently accepted National Institute of Standards and Technology (NIST) standard for strong encryption algorithms is Advanced Encryption Standard 256-bit (AES256-bit).
In encryption, algorithms are used to transform data input called plaintext into an unreadable format called ciphertext. Only the user who possesses the decryption key can transform the ciphertext back into the original plaintext. Encryption is an effective way of preserving the confidentiality and integrity of an organization's data.
Two types of encryption exist: symmetric and asymmetric. Symmetric encryption schemes are based on the concepts of substitution and permutation, and asymmetric encryption is based on the solution of a difficult mathematical problem.
75
What are remailers?
Many users of the web want to be anonymous, for good or nefarious reasons. Today web anonymizers exist for browsing, and related to this concept are remailers, which support anonymous e-mail. Using pseudonyms, e-mail can be routed to mail servers without the original user's identity. Trusted remailer systems remove mail headers, making the e-mail message untraceable and a reply from the receiver impossible.
Source: Balasubramanian, K. (Ed). (2016). Cryptographic solutions for secure online banking and commerce. Hershey, PA: IGI Global. Retrieved from
There are several types of remailers that use various methods for untraceability:
• Type-0 remailers are the oldest and simplest systems for e-mail anonymity. The message goes from the sender to the remailer, who strips the identity of the sender. A pseudonym is assigned to the sender.
• Type-I remailers are based on the same principle, but a chain of multiple independent remailers use encryption and mixing of incoming messages before sending them out.
• Type-II remailers, to improve protection against reply attacks, divide all outgoing messages into several fixed-size packages, which are sent separately through the network.
• Type-III remailers include a better system for handling replies to anonymous messages and provide improved protection against reply attacks.
Source: Anonymous remailer. (n.d.). In IT Law Wiki. Used under the terms of the Creative Commons Attribution-ShareAlike license. Retrieved from http://itlaw.wikia.com/wiki/Anonymous_remailer
76
What is integrity?
The purpose of IT security is to ensure that an organization's resources, whether data, hardware, or software, are not misused. One of the five main goals of IT security is integrity. Integrity is the state of being accurate, relevant, and complete. It is guarding against improper information modification or destruction, and includes ensuring information nonrepudiation and authenticity (NIST, 2004). The goal of integrity is to ensure that unauthorized individuals or systems are unable to modify data.
Here are some situations where integrity is compromised:
• when a virus infects a computer or information system
• when an unauthorized person manages to update confidential data (as in the case of FlyWithUs Airlines, in which travel agents updated financial data)
• when sensitive data is accidentally or deliberately modified or deleted
Several threats exist to the integrity of a system. For instance, in an automated system that has not been properly tested, bulk updates could incorrectly update some databases, resulting in the compromise of data.
Reference
National Institute of Standards and Technology (NIST). (2004). Standards for security categorization of federal information and information systems. (Federal Information Processing Standards Publication No. 199). Gaithersburg, MD: NIST.
77
What is Non-Repudiation?
Nonrepudiation is often discussed in the context of the CIA triad by cybersecurity professionals. NIST Special Publication SP 800-53, Revision 4, defines nonrepudiation as "protection against an individual falsely denying having performed a particular action. Provides the capability to determine whether a given individual took a particular action such as creating information, sending a message, approving information, and receiving a message." Without the concept of nonrepudiation, persons have the ability to avoid responsibility and accountability for digital and messaging activities. Controls ensuring the integrity of messages sent and received aim to remove or disrupt that ability. To support nonrepudiation, public key cryptography is used and enables integrity of messages in both directions. A sender encrypts with his private key to affirm to all receivers the origin of the message. By encrypting with an intended receiver’s public key, he ensures the identity of the receiver. A classic analogy to nonrepudiation is when you provide your signature to a document. In most cases, you cannot argue that you did not see the document. Similarly, digital signatures provide nonrepudiation.
78
What is Programming?
Software is the compilation of instructions telling the computer exactly what to do to perform a specific task. Computer programming is the process of developing lists of instructions. To make the computer do any complex or meaningful task, thousands or even millions of instructions may be required.
79
What is Software Interaction?
Microsoft Word is an application software. Everything you do within this program is controlled by the program. For example, moving a Microsoft Word window around the Windows desktop is handled by the operating system (in this case, Windows). Microsoft Word doesn't need to know where it is on the screen. Windows takes care of that.
Another example of the interaction between a word processor (application software) and the operating system (system software) is described in the following steps:
• When a key (e.g., for the letter a) is pressed on the keyboard, a message is sent to the operating system.
• The operating system sends the information to the word processor. The processor places the a in the document and performs additional tasks such as formatting, spell-checking, and moving the cursor to the next space or line.
• The results of the previous step are communicated to the operating system.
• The operating system displays the updates at the appropriate places on the screen.
80
What is application software?
Application software performs a function for the user, and users interact with application software to perform tasks. On smartphones and other mobile devices, this type of software is called an app.
81
What is the system software?
System software serves as the interface between application software and computer hardware. It makes the computer's hardware resources available to applications in an orderly fashion. There are two general categories of system software: operating systems and utilities.
82
What are Data Flows Across Networks?
The evolution of information technology and computer networks has enabled the efficient flow of data across diverse networks. While data flow is a force multiplier in business operations, it also has the potential to present challenges to the protection of the data as well as the networks. Data flows can be complicated, involving not only multiple networks but diverse software and hardware components, and can include data presented in structured and unstructured forms. Additionally, data flows are impacted by people and policies. Each of these components has the potential to introduce security risks and vulnerabilities into the network. Dedicated network management functions and appropriately trained personnel can contribute to not only the best efficiencies in data flow, but the best opportunities to protect both data and networks.
83
Information systems have key elements that include all of the following except? A- software and hardware B- telecommunications networks C- people and policies D- framing and matting
D | Framing and matting have no relationship to information systems. This is the correct response.
84
An organization can be made 100 percent secure by installing which of the following? A- complex security tools B- defining security and acceptable use policies C- training employees D- none of the above
D Correct! None of the above measures will result in a 100 percent secure system because such a level of security is impossible to achieve.