Chapter 9

Question 1

Trademark:

Answer 1

a word, words, or a symbol legally registered as representing a company or a product,

Question 2

Copyright:

Answer 2

represented by the © symbol, protects original works of authorship

Question 3

Patent:

Answer 3

signifies ownership of an invention for a limited time.

Question 4

Digital products:

Answer 4

they don’t make their money from physical assets

Question 5

What is in the CIA triad?

Answer 5

Confidentiality

Integrity

Availability

Question 6

Confidentiality:

Answer 6

ensuring that private information stays that way

Question 7

Snooping (also called Sniffing):

Answer 7

occurs when the attacker captures network traffic and then looks for key pieces of information

Question 8

Protocol Analyzer:

Answer 8

lets administrators capture network traffic and analyze its contents.

Question 9

What are five attacks on confidentiality?

Answer 9

Snooping

Eavesdropping

Wiretapping

Social engineering

Dumpster diving

Question 10

Eavesdropping:

Answer 10

a low-tech attack method in which the attacker simply listens to a conversation to gain key information

Question 11

Wiretapping:

Answer 11

occurs when the attacker places a bug to tap into the physical wire on which the communication traveled.

Question 12

Social Engineering:

Answer 12

occurs when an attacker attempts to acquire information about you or your network and system by social means

Question 13

Phishing:

Answer 13

is a form of social engineering in which someone uses email to ask you for a piece of information that they are missing by making it look as if it is a legitimate request

Question 14

Spear phishing:

Answer 14

the attacker uses information that the target would be less likely to question because it appears to be coming from a trusted source.

Question 15

Whaling:

Answer 15

phishing for “big” users

Question 16

Shoulder surfing:

Answer 16

involves nothing more than watching someone when they enter their sensitive data

Question 17

Screen filter:

Answer 17

directs the light from the display at a restricted angle so that anyone who isn’t viewing it straight on won’t be able to read it clearly

Question 18

Dumpster diving:

Answer 18

people can go through the dumpster and steal information

Question 19

Integrity:

Answer 19

means that the data is accurate and consistent and from the indicated source

Question 20

What are the 4 threats to data integrity?

Answer 20

Man-in-the-middle attacks

Replay Attacks

Impersonation

Unauthorized Information Alteration

Question 21

Man-in-the-middle Attack:

Answer 21

Someone secretly places something between a server and the client, and neither party is aware of it.

Question 22

Replay Attack:

Answer 22

the attacker captures information from a sender with the intent of using it later

Question 23

Impersonation:

Answer 23

pretending to be someone or something that you are not

Question 24

Unauthorized information alteration:

Answer 24

is an attack that can also come from internal sources

Question 25

Availability:

Answer 25

means that the data is accessible when the user needs it

Question 26

What are the two concerns of availability?

Answer 26

Denying Service Hardware Issues

Question 27

Denial of Service (DoS):

Answer 27

flooding a server with a multitude of illegitimate connection request

Question 28

Service outage:

Answer 28

any time a service is denied

Question 29

Zombies or Bots:

Answer 29

infected systems being commanded across the Internet

Question 30

Power outage:

Answer 30

a cause of service denial

Question 31

Uninterruptible power supply (UPS):

Answer 31

A battery backup that a server plugs into

Question 32

Physically securing your area prevents two types of problems:

Answer 32

Hardware Damage Hardware Theft

Question 33

Kensington security slot (K-slot):

Answer 33

a type of lock that fits into a laptop slot and is attached to a wall or furniture to keep it secure.

Question 34

Malware:

Answer 34

software designed to do harm to your computer

Question 35

Exploits:

Answer 35

take advantage of flaws in the OS or an application

Question 36

Worms:

Answer 36

used to transmit malware

Question 37

Trojan Horses:

Answer 37

are applications that mask their true intent

Question 38

Adware:

Answer 38

used to display unwanted advertisements

Question 39

Spyware:

Answer 39

used to report on your computer and possibly steal data

Question 40

Ransomware:

Answer 40

used to extract payments from the infected user

Question 41

Rootkits:

Answer 41

conceal themselves on the host OS, allowing for full-control access of the computer at a later date

Question 42

Backdoors:

Answer 42

open ports or other routes into your system

Question 43

Keyloggers:

Answer 43

record every keystroke and then use that data for identity theft

Question 44

Vulnerability:

Answer 44

exists when flaws in the programming create the potential for misuse, an attacker is aware of the flaw, and a tool or technique that the attacker can use to exploit that vulnerability for malicious purposes is readily available.

Question 45

Exploit:

Answer 45

when criminals use a vulnerability to attack a system

Question 46

Service pack:

Answer 46

a collection of critical updates

Question 47

Virus:

Answer 47

a computer code that inserts itself into an executable file

Question 48

Payload:

Answer 48

malware carried by a worm

Question 49

Spam:

Answer 49

a flood of unsolicited messages that you receive electronically

Question 50

Spambot:

Answer 50

spammers program this to send as much emails as possible

Question 51

What is the framework for access control?

Answer 51

Authentication Authorization Accounting Auditing Nonrepuditaion

Question 52

Authentication:

Answer 52

happens when the system being logged into validates that the user has proper credentials.