Chapter 10 - Test 3 Flashcards Preview

IS 3413 > Chapter 10 - Test 3 > Flashcards

Flashcards in Chapter 10 - Test 3 Deck (60):
1

What is the first step in any security plan?

-risk assessment
-understanding the key assets that need protection, and assessing the risks to each.

2

What is network security focused on?

-preventing, detecting, and correcting security problems due to disruptions, destruction, disaster, and unauthorized access.

3

What is the primary goal of network security?

-protect organizations' data and application software.

4

What are the fiver primary goals of network security?

-confidentiality
-integrity
-availability
-non-repudiation
-authentication

5

Describe confidentiality.

-the protection of organizational data from unauthorized disclosure of customer and proprietary data.

6

Describe Integrity.

-assurance that data have not been altered or destroyed.

7

Describe availability.

-providing continuous opertion of the organization's hardware and software so that staff, customers, and suppliers can be assured of no interruptions in service.

8

Describe non-repudiation.

-a person can't deny having performed an action.

9

Describe authentication.

-authenticate identity, give access to resources they only have access to, audit use of those resources.

10

What categories can security threats be classified as?

-ensuring business continuity
-preventing unauthorized access.

11

Describe business continuity.

-ensuring availability with some aspects of data integrity.

12

Describe business continuity.

-ensuring availability with some aspects of data integrity.

13

What are the three main threats to business continuity?

-disruptions: loss of or reduction in network service.
-destruction of data
-intrusion: confidentiality and integrity.

14

Describe controls.

-software, hardware, rules, or procedures that reduce or eliminate the threats to network security.

15

What do controls do?

-prevent, detect, and/or correct whatever might happen to the organization because of threats facing its computer-based systems.

16

What do controls do?

-prevent, detect, and/or correct whatever might happen to the organization because of threats facing its computer-based systems.

17

Describe preventive controls.

-mitigate or stop a person from acting or an event from occuring.
-examples are passwords, guard, or security lock

18

Describe detective controls.

-reveal or discover unwanted events.
-software that looks for illegal network entry

19

Describe corrective controls.

-remedy an unwanted event or an intrusion.

20

Describe a risk assessment.

-assign levels of risk to various threats to network security by comparing the nature of the threats to the controls designed to reduce them.

21

Describe a control spreadsheet.

-ensures that data communication networks and microcomputer workstations have the necessary controls and that these controls offer adequate protection. that are currently in the network.

22

What is the first step in a risk assessment

-identify assets.
-something of value and can be either hardware, software, data, or applications.

23

Describe mission-critical applications.

-an information system that is critical to the survival of the organization.
-cannot be permitted to fail, and if it does fail, the network staff drops everything else to fix it.

24

Describe threats.

-potential adverse occurence that can do harm, interrupt the systems using the network, or cause a monetary loss to the organization.

25

Describe threats.

-potential adverse occurence that can do harm, interrupt the systems using the network, or cause a monetary loss to the organization.

26

Describe controls.

-mitigate or stop a threat, or protect an asset.

27

What is the last step in using a control spreadsheet?

-evaluate the adequacy of the existing controls and the resulting degree of risk associated with each threat.

28

What is a Delphi team?

-team of experts between three to nine key people that review the plan.

29

What are macro viruses?

-viruses contained in document, emails, or spreadshee files, can spread when an infected file is simply opened.

30

What is a worm?

-special type of virus that spreads itself without human intervention.

31

Describe DoS.

-Denial of Service attach
-attacker attempts to disrupt the network by flooding it with messages so that the network cannot process messages from normal users.

32

Describe DDoS

-distributed denial of service attack
-attacker breaks into and takes control of many computers on the internet and plants DDos agent.
-attacker uses DDoS handler to control the agents.

33

What are ways to prevent DoS and DDoS

-traffic filtering: verify that source address of all incoming messages is in a valid address range for that connection.
-traffic limiting: limit number of incoming packets that could be DoS/DDoS attack packets that it allows to enter the network.
-traffic anomaly detector: installed in front of the main router or firewall to perform traffic analysis.

34

How do traffic anomaly detectors work?

-monitors normal traffic patterns and learns what normal traffic looks like.
-when it recognizes a sudden burst of abnormally high traffic destined for a specific server or device, it quarantines those incoming packets but allows normal traffic to flow through the network.

35

How do traffic anomaly detectors work?

-monitors normal traffic patterns and learns what normal traffic looks like.
-when it recognizes a sudden burst of abnormally high traffic destined for a specific server or device, it quarantines those incoming packets but allows normal traffic to flow through the network.

36

What are six types of attacks?

-ICMP attacks
-UDP attacks
-TCP SYN Floods
-Unix process table attacks
-Finger of death attacks
-DNS Recursion attacks.

37

Describe physical security.

-key component of theft protection.
-visitors be authorized by an organization employee.

38

What is redundancy?

-best way to prevent a failure from impacting business continuity.
-for any network component that would have a major impact on business continuity, network designer provides a second, redundant component.

39

What are fault-tolerant servers?

-contain many redundant components so that if one of its components fails, it will continue to operate.

40

Describe RAID.

-Redundant array of independent disks
-made of many disk drives, when a file is written to a RAID device it is written across several separate, redundant disks.

41

Describe RAID 0.

-uses multiple drives and is faster than traditional storage.

42

Describe RAID 1.

-writes duplicate copies of all data on at least two different disks.
-also called disk mirroring.

43

Describe RAID 2.

-provides error checking to ensure no errors have occurred during the reading or writing process.

44

Describe RAID 3.

provides better and faster error checking process than RAID 2.

45

Describe RAID 4.

-provides slightly faster read access than RAID 3 because of the way it allocates the data to different disk drives.

46

Describe RAID 5.

-provides slightly faster read and write access because of the way it allocates the error checking data to different disk drives.

47

Describe RAID 6,

can survive the faiure of two drives with no data loss.

48

Describe RAID 6,

can survive the faiure of two drives with no data loss.

49

What is a disaster recovery plan?

-should address various levels of response to a number of possible disasters and should provide for partial or complete recovery of all data, application software, network components and physical facilities.

50

Describe coninuous data protection.

-copies of all data and transactions on slected servers are written to CDP servers as the transaction occurs.

51

What are the four types of intruders?

-script kiddies
-hackers/crackers:experts in security, motivation is the thrill of the hunt
-professional hackers: break into corporate or government computers for specific purposes.
-organization employees who have legitimate access to the network, but who gain access to information they are not authorized to use.

52

What are the four types of intruders?

-script kiddies
-hackers/crackers:experts in security, motivation is the thrill of the hunt
-professional hackers: break into corporate or government computers for specific purposes.
-organization employees who have legitimate access to the network, but who gain access to information they are not authorized to use.

53

What is a a security policy.

-critical to controlling risk due to intrusion.

54

What is a firewall.

-commonly used to secure an organization's internet connection.
-router or special-purpose device that examines packets flowing into and out of a network and restricts access to the organization's network.

55

What are three types of firewalls?

-packet-level
-application-level
-NAT

56

Describe packet-level firewalls.

-examine source and destination address of every network packet that passes through it
-only allows packets that have acceptable source and destination addresses.
-only examined at transport and network layer.
-does not monitor the contents or why they are being transmitted and does not log packets for later analysis.

57

What is an ACL?

-access control list
-set of rules for the packet level firewall so it knows what packets to permit into the network and what packets to deny entry.

58

What is IP spoofing?

-can change the source IP address on the packets they send.

59

Describe an application-level firewall.

-examines contents of the application layer packet and searches for known attacks.
-rules for each application.
-can use stateful inspection: monitor and record the status of each connection and can use this information in making decisions.
-often prohibit external users from uploading executable files.

60

Describe NAT firewalls.

-converting between one set of public IP address to a second set of private IP addresses.
-uses address table to translate private IP addresss into proxy IP addresses. Sets source port number to a unique number that it uses as an index into its address table to find the IP address of the actual sending commputer.