Chapter 5: Protecting information resources

Question 1

Risks with I.T

Answer 1

• privacy issues
• computer crimes

Question 2

How to mitigate risks

Answer 2

1. Anti-virus
2. E-mail security measures
3. Regularly update operating system

Question 3

Spyware

Answer 3

Software which secretly gathers information about users while they are on the web

Question 4

Adware

Answer 4

Form of spyware which collects information from the user in order to display advertisements in the Web browser without the user’s permission

Question 5

Phishing

Answer 5

Sends fraudulent e-mails that seem to come from legitimate sources

Question 6

Keystroke loggers

Answer 6

keeps track of and records your keystrokes as you type. It takes the information and sends it to a hacker using a command-and-control (C&C) server.

Question 7

Sniffing

Answer 7

he act of intercepting and monitoring traffic on a network.

Question 8

Spoofing (faking ones identity)

Answer 8

Attempt to gain access to network by appearing to be an authorized user in order to gain access to sensitive information.

Question 9

three aspects of security

Answer 9

1. Integrity
2. Confidentiality
3. Availability

Question 10

Confidentiality

Answer 10

prevent disclosing information to unauthorized users.

Question 11

Integrity

Answer 11

Accuracy of information resources within organisation

Question 12

Availability

Answer 12

1. Authorised users has access when needed
2. Computers and network in working order
3. Quick recovery in event of system failure or disaster

Question 13

How threats can be classified

Answer 13

As either intentional or unintentional

Question 14

Intentional threats

Answer 14

1. Hacker attacks
2. Spreading of virus
3. Attacks by upset employees

Question 15

Unintentional threats

Answer 15

1. Natural disasters
2. Accidental deletion of data
3. Structural failures