Exam 1

Question 1

OSI Layer “Please”

Answer 1

1. Physical

Question 2

OSI Layer “Do”

Answer 2

2. Data Link

Question 3

OSI Layer “Not”

Answer 3

3. Network

Question 4

OSI Layer “Throw”

Answer 4

4. Transport

Question 5

OSI Layer “Sausage”

Answer 5

5. Session

Question 6

OSI Layer “Pizza”

Answer 6

6. Presentation

Question 7

OSI Layer “Away”

Answer 7

7. Application

Question 8

The name fo the Internet standards architecture is _________

Answer 8

TCP/IP

Question 9

________ is a good option if an attack is aimed at a single server because it keeps transmission lines at least partially open for other communication.

Answer 9

Rate limiting

Question 10

Threat Environment

Answer 10

The threat environment consists of the types of attackers and attacks that companies face

Question 11

Security Goals

Answer 11

Confidentiality, Integrity, Availability

Question 12

Confidentiality

Answer 12

Confidentiality means that people cannot read sensitive information, either while it is on the a computer or while it is traveling across a network

Question 13

Integrity

Answer 13

Integrity means that attackers cannot change or destroy information, either while it is on a computer or while it is traveling across a network. Or, at least, if information is changed or destroyed, then the receiver can detect the change or restore destroyed data.

Question 14

Availability

Answer 14

Abailability means that people who are authorized to use information are not prevented from doing so

Question 15

Compromises

Answer 15

Successful attacks (aka incidents, breaches)

Question 16

Countermeasures

Answer 16

Tools used to thwart attacks (aka safeguards, protections, and controls)

Question 17

Types of countermeasures

Answer 17

Preventative
Detective
Corrective

Question 18

PCI-DSS

Answer 18

Payment Card Industry-Data Security Standard
Rules for companies that accept credit card purchases
Has 12 requirements

Question 19

Employees and ex-employees are dangerous because:

Answer 19

They have knowledge of internal systems
They often have teh permission to access systems
They often know how to avoid detection
Employees generally are trusted
(IT and especially IT security professionals are the greatest employee threats)

Question 20

Employee sabotage

Answer 20

Destruction of hardware, software, or data

Plant time bomb or logic bomb on computer

Question 21

Employee hacking

Answer 21

hacking is intentionally accessing a computer without AUTHORIZATION or in excess of authorization

Question 22

Employee financial threat

Answer 22

Misappropriation of assets

theft of money

Question 23

Employee theft of intellectual property (IP)

Answer 23

Copyrights, patents, and trade secrets

Question 24

Employee extortion

Answer 24

Perpetrator tries to obtain money or other goods by threatening to take actions that would be against the victim’s interest

Question 25

Employee internet abuse

Answer 25

Downloading pornography, which can lead to sexual harassment lawsuits and viruses. Downloading pirated software, music, and video, which can lead to copyright violation penalties. Excessive personal use of the internet at work

Question 26

Employee carelessness

Answer 26

Loss of computers or data media containing sensitive information. Careless leading to the theft of such information

Question 27

Malware

Answer 27

A generic name for "evil software"

Question 28

Viruses

Answer 28

Programs that attach themselves to legitimate programs on the victim's computer Spread today primarily by email Also by instant messaging, file transfers, etc.

Question 29

Worms

Answer 29

Full programs that do not attach themselves to other programs Like viruses, can send by email, IM, and file transfers. Direct-propagation worms can just from one computer to another without human intervention on the receiving computer and can therefore spread extremely rapidly.

Question 30

Blended threats

Answer 30

Malware propagates in several ways -- like worms, viruses, compromised webpages containing mobile code, etc.

Question 31

Payloads

Answer 31

Pieces of code that do damage Implementation by viruses and worms after propagation. Malicious payloads are design to do heavy damage.

Question 32

Non mobile malware

Answer 32

Must be placed on the user's computer by hackers. Placed on computer by virus or worm as part of its payload. The victim can be enticed to download the program. Mobile code executed on a webpage can download the nonmobile malware

Question 33

Trojan Horses definition

Answer 33

A program that replaces an existing system file, taking its name

Question 34

Types of Trojan horses

Answer 34

Remote Access Trojans (RATs) -- Remotely control the vicim's PC Downloaders

Question 35

Downloader (THs)

Answer 35

Smal Trojan horses that download larger Trojan horses after the downloader is installed

Question 36

Trojan horses: Spyware

Answer 36

Programs that gather information about you and make it available to the adversary. Cookies that store too much sensitive personal information. Keystroke loggers. Password-stealing spyware. Data mining spyware

Question 37

Trojan horses: Rootkits

Answer 37

Take control of the supper user account (root, administrator, etc.). Can hide themselves from file system detection. Can hide malware from detection. Extremely difficult to detect

Question 38

Mobile Code

Answer 38

Executable code on a webpage. Code is executed automatically when webpage is downloaded. Javascript, etc.

Question 39

Social engineering

Answer 39

Social engineering is attempting to trick users into doing something that goes against security policies

Question 40

Types of malware used in social engineering

Answer 40

Spam Phishing Spear phishing (aimed at individuals or groups) Hoaxes

Question 41

Traditional hackers

Answer 41

Motivated by thrill, validation of skills, sense of power, to increase reputation among other hackers. Often do damage as a byproduct. Often engage in petty crime.

Question 42

Anatomy of a hack

Answer 42

``` Reconnaissance probes The exploit (specific attack method used) ```

Question 43

Chain of attack computers

Answer 43

attacker goes through a chain of victim computers

Question 44

Denial of Service (DoS) attacks

Answer 44

Make a server or network unavailable to legitimate users. | Typically send a flood of attack messages to victim

Question 45

Hacker Skill Levels

Answer 45

Expert | Script kiddies

Question 46

PCI-DSS

Answer 46

Payment Card Industry-Data Security Standard | Rules for companies that accept credit card purchases

Question 47

Employees and ex-employees are dangerous because:

Answer 47

They have knowledge of internal systems They often have teh permission to access systems They often know how to avoid detection Employees generally are trusted (IT and especially IT security professionals are the greatest employee threats)

Question 48

Employee sabotage

Answer 48

Destruction of hardware, software, or data | Plant time bomb or logic bomb on computer

Question 49

Employee hacking

Answer 49

hacking is intentionally accessing a computer without AUTHORIZATION or in excess of authorization

Question 50

Employee financial threat

Answer 50

Misappropriation of assets | theft of money

Question 51

Employee theft of intellectual property (IP)

Answer 51

Copyrights, patents, and trade secrets

Question 52

Employee extortion

Answer 52

Perpetrator tries to obtain money or other goods by threatening to take actions that would be against the victim's interest

Question 53

Employee internet abuse

Answer 53

Downloading pornography, which can lead to sexual harassment lawsuits and viruses. Downloading pirated software, music, and video, which can lead to copyright violation penalties. Excessive personal use of the internet at work

Question 54

Employee carelessness

Answer 54

Loss of computers or data media containing sensitive information. Careless leading to the theft of such information

Question 55

Malware

Answer 55

A generic name for "evil software"

Question 56

Viruses

Answer 56

Programs that attach themselves to legitimate programs on the victim's computer Spread today primarily by email Also by instant messaging, file transfers, etc.

Question 57

Worms

Answer 57

Full programs that do not attach themselves to other programs Like viruses, can send by email, IM, and file transfers. Direct-propagation worms can just from one computer to another without human intervention on the receiving computer and can therefore spread extremely rapidly.

Question 58

Blended threats

Answer 58

Malware propagates in several ways -- like worms, viruses, compromised webpages containing mobile code, etc.

Question 59

Payloads

Answer 59

Pieces of code that do damage Implementation by viruses and worms after propagation. Malicious payloads are design to do heavy damage.

Question 60

Non mobile malware

Answer 60

Must be placed on the user's computer by hackers. Placed on computer by virus or worm as part of its payload. The victim can be enticed to download the program. Mobile code executed on a webpage can download the nonmobile malware

Question 61

Trojan Horses definition

Answer 61

A program that replaces an existing system file, taking its name

Question 62

Types of Trojan horses

Answer 62

Remote Access Trojans (RATs) -- Remotely control the vicim's PC Downloaders

Question 63

Downloader (THs)

Answer 63

Smal Trojan horses that download larger Trojan horses after the downloader is installed

Question 64

Trojan horses: Spyware

Answer 64

Programs that gather information about you and make it available to the adversary. Cookies that store too much sensitive personal information. Keystroke loggers. Password-stealing spyware. Data mining spyware

Question 65

Trojan horses: Rootkits

Answer 65

Take control of the supper user account (root, administrator, etc.). Can hide themselves from file system detection. Can hide malware from detection. Extremely difficult to detect

Question 66

Mobile Code

Answer 66

Executable code on a webpage. Code is executed automatically when webpage is downloaded. Javascript, etc.

Question 67

Social engineering

Answer 67

Social engineering is attempting to trick users into doing something that goes against security policies

Question 68

Types of malware used in social engineering

Answer 68

Spam Phishing Spear phishing (aimed at individuals or groups) Hoaxes

Question 69

Traditional hackers

Answer 69

Motivated by thrill, validation of skills, sense of power, to increase reputation among other hackers. Often do damage as a byproduct. Often engage in petty crime.

Question 70

Anatomy of a hack

Answer 70

``` Reconnaissance probes The exploit (specific attack method used) ```

Question 71

Chain of attack computers

Answer 71

attacker goes through a chain of victim computers

Question 72

Denial of Service (DoS) attacks

Answer 72

Make a server or network unavailable to legitimate users. | Typically send a flood of attack messages to victim

Question 73

Hacker Skill Levels

Answer 73

Expert | Script kiddies

Question 74

Federal Trade Commission (FTC)

Answer 74

Can punish companies that fail to protect private information

Question 75

MSSPs

Answer 75

Managed SEcurity Service Providers | Outsource most IT security functions to the MSSP

Question 76

Risk analysis

Answer 76

Goal: reasonable risk Risk analysis weighs probable cost of compromises vs. cost of countermeasures. Security has negative side effects that must be weighed: cost, convenience, efficiency

Question 77

Single Loss expectancy (SLE)

Answer 77

``` Asset Value Exposure factor (percentage loss in asset value if a compromise occurs) AV*EF=SLE ```

Question 78

Annualized Loss Expectancy (ALE)

Answer 78

SLE*Annualized rate of occurrence(ARO) | = ALE (expected loss per year from this type of compromise)