Exam 3 Flashcards
(46 cards)
Firewalls
- A firewall is a computing device that prevents unauthorized network access. A firewall can be a special-purpose computer, or it can be a program on a general-purpose computer or on a router. In essence, a firewall is simply a filter. It can filter traffic in a variety of ways, including where network traffic is coming from, what types of packets are being sent, the content of the packets, and whether the packets are part of an authorized connection.
Summary: Firewalls are computing devices located between public and private networks that prevent unauthorized access to or from the internal network.
Perimeter Firewall
• This sits outside the organizational network; it is the first device that Internet traffic encounters.
Internal Firewalls
• In addition to perimeter firewalls, some organizations employ internal firewalls inside the organizational network, so that a compromise of one segment does not give free access to every other segment.
A packet-filtering firewall
- Examines each packet and decides whether to let it pass. To make this decision, it examines the source address, the destination address, the protocol and port numbers, and other header data. It is the simplest type of firewall; other firewalls filter on a more sophisticated basis (for example, by inspecting packet content or tracking the state of each connection). Packet-filtering firewalls can prohibit outsiders from starting a session with any user behind the firewall. As a manager, you can use this type of firewall to prevent your employees from accessing suspicious sites, keeping in mind that a filter working on addresses and ports cannot see what a permitted connection actually carries.
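The filter described on this card, as an added example (this is not code from the flashcards or their source textbook): a toy packet filter that evaluates first-match rules over packet header fields, with a default deny. The private network 10.0.0.0/8, the web server 10.0.0.5 and the blocked site range 203.0.113.0/24 are assumed for illustration. The rule that stops outsiders from starting a session keys on the TCP SYN flag; a real stateful firewall would consult its connection table instead of trusting flags.

```python
"""Toy packet-filtering firewall: first-match rules over packet header fields.
Added example; all addresses and rules are constructed for illustration."""
import ipaddress
from dataclasses import dataclass
from typing import List, Optional


@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    proto: str            # "tcp", "udp" or "icmp"
    dport: int = 0        # destination port (0 for protocols without ports)
    syn: bool = False     # TCP SYN flag
    ack: bool = False     # TCP ACK flag

    def opens_session(self) -> bool:
        # The first packet of a new TCP connection has SYN set and ACK clear.
        return self.proto == "tcp" and self.syn and not self.ack


@dataclass(frozen=True)
class Rule:
    action: str                      # "allow" or "deny"
    src: str = "0.0.0.0/0"           # source network (CIDR)
    dst: str = "0.0.0.0/0"           # destination network (CIDR)
    proto: str = "any"
    dport: Optional[int] = None      # None matches every port
    new_session_only: bool = False   # match only packets that open a TCP session

    def matches(self, pkt: Packet) -> bool:
        if ipaddress.ip_address(pkt.src) not in ipaddress.ip_network(self.src):
            return False
        if ipaddress.ip_address(pkt.dst) not in ipaddress.ip_network(self.dst):
            return False
        if self.proto != "any" and self.proto != pkt.proto:
            return False
        if self.dport is not None and self.dport != pkt.dport:
            return False
        if self.new_session_only and not pkt.opens_session():
            return False
        return True


# Constructed rule set, evaluated top to bottom; the first matching rule decides.
RULES: List[Rule] = [
    # Employees may not reach a suspicious site (203.0.113.0/24 is a documentation range).
    Rule("deny", src="10.0.0.0/8", dst="203.0.113.0/24"),
    # Anything else originating inside may go out (or stay inside).
    Rule("allow", src="10.0.0.0/8"),
    # Anyone may open HTTPS sessions to the public web server.
    Rule("allow", dst="10.0.0.5/32", proto="tcp", dport=443),
    # Outsiders may not start sessions with hosts behind the firewall.
    Rule("deny", dst="10.0.0.0/8", proto="tcp", new_session_only=True),
    # Remaining inbound TCP is treated as replies to sessions opened from inside
    # (stateless approximation; a stateful firewall would check its connection table).
    Rule("allow", dst="10.0.0.0/8", proto="tcp"),
]


def filter_packet(pkt: Packet, rules: List[Rule] = RULES) -> str:
    """Return 'allow' or 'deny'; packets matching no rule are denied (default deny)."""
    for rule in rules:
        if rule.matches(pkt):
            return rule.action
    return "deny"


if __name__ == "__main__":
    samples = [
        Packet("198.51.100.9", "10.0.0.7", "tcp", dport=22, syn=True),               # outsider starts SSH session
        Packet("198.51.100.9", "10.0.0.5", "tcp", dport=443, syn=True),              # outsider opens HTTPS to web server
        Packet("10.0.0.7", "203.0.113.4", "tcp", dport=80, syn=True),                # employee to blocked site
        Packet("10.0.0.7", "198.51.100.9", "tcp", dport=443, syn=True),              # employee browsing out
        Packet("198.51.100.9", "10.0.0.7", "tcp", dport=51000, syn=True, ack=True),  # reply to an inside session
        Packet("198.51.100.9", "10.0.0.7", "udp", dport=53),                         # unsolicited UDP from outside
    ]
    for p in samples:
        print(f"{p.src} -> {p.dst}:{p.dport}/{p.proto}: {filter_packet(p)}")
```

Rule order matters: moving the "outsiders may not start sessions" rule above the web-server rule would silently block the public site, which is the most common mistake with first-match filters.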
Injection Attack
- A SQL injection attack occurs when a user enters SQL into a form field in which they are supposed to enter a name or other data. If the program is improperly designed (it pastes the input into the text of its database command), the database executes the attacker's SQL as part of the command the program issues. Improper data disclosure and data damage and loss are possible consequences. A well-designed application makes such injections ineffective, chiefly by passing user input to the database as bound parameters rather than as part of the query text.
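The improperly designed lookup beside its well-designed form, as an added example (not code from the flashcards or their source textbook). It uses Python's built-in sqlite3 module with a constructed in-memory `users` table; the attacker input is the classic `' OR '1'='1` typed into a name field. The same splice into a database or driver that accepts several statements at once could also delete data, which is the "damage and loss" case.

```python
"""Added example: SQL injection through string splicing, and the parameterized fix."""
import sqlite3
from typing import List, Tuple


def make_db() -> sqlite3.Connection:
    """Constructed in-memory users table for the demonstration."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT, password TEXT)")
    conn.executemany(
        "INSERT INTO users (name, password) VALUES (?, ?)",
        [("alice", "s3cret"), ("bob", "hunter2")],
    )
    conn.commit()
    return conn


def lookup_vulnerable(conn: sqlite3.Connection, name: str) -> List[Tuple[int, str]]:
    # Vulnerable: the form value is spliced into the SQL text, so a quote in the
    # input ends the string literal and the rest of the input becomes SQL.
    sql = f"SELECT id, name FROM users WHERE name = '{name}' ORDER BY id"
    return conn.execute(sql).fetchall()


def lookup_safe(conn: sqlite3.Connection, name: str) -> List[Tuple[int, str]]:
    # Safe: the value travels separately from the SQL text as a bound parameter,
    # so the database only ever compares it against the name column.
    sql = "SELECT id, name FROM users WHERE name = ? ORDER BY id"
    return conn.execute(sql, (name,)).fetchall()


# Constructed attacker input typed into the "name" form field.
INJECTION = "x' OR '1'='1"

if __name__ == "__main__":
    conn = make_db()
    print(lookup_vulnerable(conn, "alice"))    # [(1, 'alice')]
    print(lookup_vulnerable(conn, INJECTION))  # every row: the WHERE clause became  name = 'x' OR '1'='1'
    print(lookup_safe(conn, INJECTION))        # []  no user is literally named  x' OR '1'='1
```

The vulnerable query with the injected value reads `WHERE name = 'x' OR '1'='1'`, which is true for every row; that is the "improper data disclosure" outcome.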
Pretexting
- Deceiving someone, over the phone or the internet, by pretending to be someone else. A common scam of this kind occurs when a telephone caller pretends to be from a credit card company and claims to be checking the validity of credit cards: "I'm checking your Mastercard number; it begins with 5491. Can you tell me the rest of it?"
Usurpation
Occurs when computer criminals invade a computer system and replace legitimate programs with their own, unauthorized ones that shut down legitimate applications and substitute their own processing to spy, steal, and manipulate data, or achieve other purposes.
Hacking- Summary
- Another type of computer crime, in which a person gains unauthorized access to a computer system: breaking into computers, servers, or networks to steal data such as customer lists, product inventory data, employee data, and other proprietary and confidential data.
Sniffing-
- A technique for intercepting computer communications. On wired networks, sniffing normally requires a physical connection to the network segment (a tap, a mirrored switch port, or a compromised host on it). On wireless networks, no such connection is needed; anyone within radio range can capture the frames.
Wardriving-
- Wardrivers simply drive through an area with computers (or phones) that have wireless connections and search for unprotected wireless networks. They use packet sniffers, programs that capture network traffic, to monitor and intercept traffic on unsecured wireless (or wired) networks. Even protected wireless networks can be vulnerable, for example when they still use the broken WEP encryption or a guessable pre-shared key. Summary: People who use computers with wireless connections to search for unprotected wireless networks.
Phishing
- A technique similar to pretexting: phishing is pretexting carried out by email (or text message) to obtain unauthorized data. The phisher pretends to be a legitimate company and sends a message requesting confidential data, such as account numbers, Social Security numbers, and account passwords, or linking to a look-alike site that collects them.
Malware
- A broad category of software that includes viruses, spyware, and adware: software that is intended to damage or disable computers and computer systems, or to steal data from them.
Adware-
- Adware is closely related to spyware. Spyware programs are installed on the user's computer without the user's knowledge or permission, reside in the background and, unknown to the user, observe the user's actions and keystrokes, modify computer activity, and report the user's activities to sponsoring organizations. Most adware is benign in that it does not perform malicious acts or steal data. It does, however, watch user activity and produce pop-up ads.
Denial of Service (DoS)-
- Human error in following procedures, or a lack of procedures, can result in DoS, the fourth type of loss. For example, humans can inadvertently shut down a Web server or corporate gateway router by starting a computationally intensive application. An OLAP application that uses the operational DBMS can consume so many DBMS resources that order-entry transactions cannot get through. Summary: A security problem in which users are not able to access an information system; it can be caused by human error, natural disaster, or malicious activity (a deliberate flood of requests is a DoS attack).
Spoofing-
- When someone pretends to be someone else with the intent of obtaining unauthorized data. If you pretend to be your professor (Johnny), you are spoofing your professor. IP spoofing occurs when an intruder uses another site's IP address to masquerade as that other site. Email spoofing, forging the sender address of a message, is the usual vehicle for phishing; the two terms are often used interchangeably, but the spoofed address is only the disguise, and phishing is the scam built on it.
• How do natural disasters impact IT systems?
Natural events and disasters are the third type of security threat. This category includes fires, floods, hurricanes, earthquakes, tsunamis, avalanches, and other acts of nature. Problems in this category include not only the initial loss of capability and service, but also losses stemming from actions to recover from the initial problem.
What are cookies and how do they relate to information security?
Cookies Definition- Small files that your browser receives when you visit websites. A cookie is stored on the user's computer by the browser and sent back with later requests to the same site. Cookies can be used for authentication, for storing shopping cart contents and user preferences, and for other legitimate purposes. Cookies can also be used to implement spyware (tracking cookies that follow a user from site to site).
How it relates to information security- Cookies enable you to access Web sites without having to sign in every time, and they speed up processing of some sites. Unfortunately, some cookies also contain sensitive security data: a session cookie is effectively your login, so anyone who copies it can act as you. The best user-side safeguard is to remove your browsing history, temporary files, and cookies from your computer and to set your browser to disable history and cookies. Removing and disabling cookies presents an excellent example of the trade-off between improved security and cost: your security will be substantially improved, but your computer will be more difficult to use. On the server side, the equivalent safeguard is to mark sensitive cookies Secure (sent only over https), HttpOnly (not readable by page scripts) and SameSite (not sent on cross-site requests).
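A server-side check for the cookie attributes just described, as an added example (not code from the flashcards or their source textbook). It uses Python's standard http.cookies module (3.8 or later, which knows the SameSite attribute) to audit a raw Set-Cookie header for the three hardening attributes and to emit a properly marked session cookie; the cookie names and values are constructed.

```python
"""Added example: audit Set-Cookie headers for Secure / HttpOnly / SameSite,
and build a session cookie that carries all three."""
from http.cookies import SimpleCookie
from typing import Dict, List


def audit_set_cookie(header_value: str) -> Dict[str, List[str]]:
    """Return, per cookie name, the hardening attributes missing from a Set-Cookie header."""
    jar = SimpleCookie()
    jar.load(header_value)
    findings: Dict[str, List[str]] = {}
    for name, morsel in jar.items():
        missing = []
        if not morsel["secure"]:
            missing.append("Secure")       # would be sent over plain http:// and readable on the wire
        if not morsel["httponly"]:
            missing.append("HttpOnly")     # readable by page scripts, so XSS can steal it
        samesite = (morsel["samesite"] or "").lower()
        if samesite not in ("lax", "strict"):
            missing.append("SameSite")     # attached to cross-site requests (CSRF)
        findings[name] = missing
    return findings


def build_session_cookie(name: str, value: str, max_age: int = 3600) -> str:
    """Emit a Set-Cookie header value with the attributes a login cookie should carry."""
    jar = SimpleCookie()
    jar[name] = value
    jar[name]["secure"] = True       # https only
    jar[name]["httponly"] = True     # invisible to document.cookie
    jar[name]["samesite"] = "Lax"    # not sent on cross-site POSTs
    jar[name]["path"] = "/"
    jar[name]["max-age"] = max_age   # bounded lifetime
    return jar[name].OutputString()


if __name__ == "__main__":
    # Constructed headers, as a server might send them.
    for hdr in ("sessionid=abc123; Path=/",
                "csrftoken=xyz; Secure; SameSite=Strict",
                build_session_cookie("sid", "9f3c2a")):
        print(hdr, "->", audit_set_cookie(hdr))
```

Expiry is the remaining trade-off: the cookie still lets the user skip signing in, so the `Max-Age` value bounds how long a copied cookie stays useful.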
What is the benefit to using https?
• Https is an indication that a Web browser is using the SSL/TLS protocol to provide secure communication. Most secure communication over the Internet uses https. With https, data are encrypted using Transport Layer Security (TLS), the successor to the Secure Sockets Layer (SSL) protocol; the two names are often used together, but every SSL version is now deprecated. SSL/TLS uses a combination of public key encryption and symmetric encryption. The classic handshake (RSA key transport) works as follows:
- Your computer obtains the public key of the Web site to which it will connect.
- Your computer generates a key for symmetric encryption.
- Your computer encrypts that key using the Web site's public key and sends the encrypted symmetric key to the Web site.
- The Web site then decrypts the symmetric key using its private key.
- From that point forward, your computer and the Web site communicate using symmetric encryption, which is fast enough for bulk data.
Current TLS (version 1.3) no longer transports the symmetric key this way: the two sides derive it with an ephemeral Diffie-Hellman exchange and the site's key is used only to sign the handshake, so a private key that leaks later cannot decrypt recorded sessions. The overall shape, public-key operations to agree on a key and symmetric encryption for the data, is unchanged.
The use of SSL/TLS makes it safer to send sensitive data such as credit card numbers and bank balances. Just be certain that you see https:// in your browser and not just http://, and that the browser shows no certificate warning: encryption to the wrong site is no protection.
Most browsers have plug-ins or add-ons (like HTTPS Everywhere) that can force https connections when available; current browsers also offer a built-in HTTPS-only mode, which is why the HTTPS Everywhere extension has since been retired.
Who develops security policies in an organization?
• Data administration refers to an organization-wide function that is in charge of developing data policies and enforcing data standards. Database administration refers to the function that pertains to a particular database; ERP, CRM, and MRP databases each have a database administration function. Database administration is where a person or department develops procedures and practices to ensure efficient and orderly multiuser processing of the database, to control changes to the database structure, and to protect the database.
• What is the Privacy Act of 1974?
• The Privacy Act of 1974 provides protections to individuals regarding records maintained by the U.S. government.
What is HIPAA?-
The privacy provisions of the Health Insurance Portability and Accountability Act (HIPAA) of 1996 give individuals the right to access health data created by doctors and other healthcare providers. HIPAA also sets the rules and limits on who can read and receive a person's health information.
What are technical safeguards?
• Technical safeguards are the technologies, and the related policies and procedures, that protect electronic protected health information (ePHI) created, processed, stored, or transmitted by a Covered Entity (CE) or Business Associate (BA). More generally, they are the measures built into the hardware and software components of an information system to protect it. Examples: identification and authentication, encryption, firewalls, malware protection (anti-virus and similar programs that combat malware), and secure application design.
What are human safeguards?
• Human safeguards are steps taken to protect against security threats by establishing appropriate procedures for users to follow during system use.
What are some examples?
- Position definition
  - Separate duties and authorities
  - Determine least privilege
  - Document position sensitivity
- Hiring and screening
  - Where did you last work? What experience do you have? etc.
- Dissemination and enforcement ("Let's talk security")
  - Responsibility
  - Accountability
  - Compliance
- Termination
  - Friendly: retirement, found a new job, leaving on good terms.
  - Unfriendly: getting fired, arrested, leaving on bad terms. Accounts and access are removed before the person is told, not after.
Asymmetric Encryption
An encryption method whereby different keys are used to encode and to decode a message: one key (the public key) encodes the message, and the other (the private key) decodes it. Asymmetric encryption is slower and more complicated than symmetric encryption, which is why it is normally used only to exchange a symmetric key (as in https) or to sign, not to encrypt bulk data.
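The five https key-exchange steps listed earlier and the asymmetric-versus-symmetric split on this card, as one added example (this is not code from the flashcards or their source textbook). It uses textbook RSA with two small Mersenne primes for the asymmetric step and a toy stream cipher (SHA-256 keystream plus an HMAC tag) for the symmetric step, all built from Python's standard library (3.8 or later). Both primitives are illustrative only: real TLS uses 2048-bit or larger RSA with padding (or, in TLS 1.3, ephemeral Diffie-Hellman) and AES-GCM or ChaCha20-Poly1305. The example goes slightly beyond the card by adding the integrity tag, which is what lets the receiver notice a tampered message.

```python
"""Added example: hybrid encryption as in the classic https handshake.
Toy-sized textbook RSA and a toy stream cipher; for illustration only."""
import hashlib
import hmac
import secrets
from typing import Tuple

# Textbook RSA with two Mersenne primes so the modulus (about 150 bits) stays readable.
P = 2**61 - 1
Q = 2**89 - 1
E = 65537


def rsa_keypair() -> Tuple[Tuple[int, int], Tuple[int, int]]:
    """Return (public, private) as ((e, n), (d, n))."""
    n = P * Q
    phi = (P - 1) * (Q - 1)
    d = pow(E, -1, phi)          # modular inverse (Python 3.8+)
    return (E, n), (d, n)


def rsa_encrypt(public: Tuple[int, int], m: int) -> int:
    e, n = public
    assert 0 <= m < n, "message must be smaller than the modulus"
    return pow(m, e, n)          # raw RSA, no padding: toy only


def rsa_decrypt(private: Tuple[int, int], c: int) -> int:
    d, n = private
    return pow(c, d, n)


def keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Toy stream cipher keystream: SHA-256(key || nonce || counter) blocks."""
    out = b""
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce + counter.to_bytes(8, "big")).digest()
        counter += 1
    return out[:length]


def sym_encrypt(key: bytes, plaintext: bytes) -> bytes:
    """nonce || ciphertext || HMAC tag, so tampering is detected on receipt."""
    nonce = secrets.token_bytes(12)
    body = bytes(a ^ b for a, b in zip(plaintext, keystream(key, nonce, len(plaintext))))
    tag = hmac.new(key, nonce + body, hashlib.sha256).digest()
    return nonce + body + tag


def sym_decrypt(key: bytes, blob: bytes) -> bytes:
    nonce, body, tag = blob[:12], blob[12:-32], blob[-32:]
    expected = hmac.new(key, nonce + body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("message tampered with or wrong key")
    return bytes(a ^ b for a, b in zip(body, keystream(key, nonce, len(body))))


def https_session(message: bytes) -> Tuple[bool, bytes]:
    """Walk the five steps; return (site recovered the same key?, what the site read)."""
    site_public, site_private = rsa_keypair()                 # step 1: browser obtains the site's public key
    session_key = secrets.token_bytes(16)                     # step 2: browser generates a symmetric key
    wrapped = rsa_encrypt(site_public, int.from_bytes(session_key, "big"))   # step 3: encrypt it with the public key
    unwrapped = rsa_decrypt(site_private, wrapped).to_bytes(16, "big")       # step 4: site decrypts with its private key
    ciphertext = sym_encrypt(session_key, message)            # step 5: from here on, symmetric encryption only
    return unwrapped == session_key, sym_decrypt(unwrapped, ciphertext)


if __name__ == "__main__":
    ok, seen = https_session(b"card 4111 1111 1111 1111")    # constructed sensitive data
    print("site recovered session key:", ok)
    print("site read:", seen)
```

Only one RSA operation happens per session, for a 16-byte key; every later message costs just hashing, which is the reason the card gives for not encrypting bulk data asymmetrically.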