Flashcards in Information Security Deck (37):
What is a firewall?
A firewall is hardware, software, or a combination of both that sits between networks (or between a host and a network) and permits or blocks traffic according to a security policy. It is like a locked door for a computer system: it controls what gets in and out, but it does not by itself detect misuse that happens inside. Firewalls exist at several levels: packet-filtering, stateful-inspection, and application-layer (proxy) firewalls, deployed either on the network perimeter or on individual hosts.
Describe some characteristics of a "strong" (i.e., good) password.
Length matters most: at least eight characters as a floor, with longer passphrases preferred; uses both upper and lower case letters, at least one numeral and at least one special character; is not a dictionary word, a name, or a password reused from another site; and is checked against lists of known breached passwords. Forcing periodic changes, once a standard rule, is no longer recommended (NIST SP 800-63B); passwords should instead be changed when there is evidence of compromise.
Define "biometric controls."
A physical or behavioral characteristic is used to authenticate instead of (or in addition to) a password. Common choices for biometric controls include fingerprint or thumbprint, iris or retina patterns, facial geometry, and voice print patterns. Biometric controls can be very reliable, but they require special input equipment, have false-accept and false-reject rates that must be tuned, and cannot be reissued if the stored template is compromised.
Why does multi-factor authentication increase control?
Any single authentication technique may fail or be stolen. Multi-factor authentication requires two or more factors from different categories at the same time: something the user knows (password or PIN), something the user has (one-time-password token, smart card) and something the user is (fingerprint). A user name is an identifier, not a factor. An attacker must then compromise more than one independent mechanism; a phished password alone, for example, is not enough.
Describe smart cards and identification badges.
Identification badges carry identification data on a magnetic stripe (read by swiping) or in an RFID chip (read by proximity). Smart cards contain an embedded microprocessor chip that stores credentials and can perform cryptographic operations, such as signing with a private key that never leaves the card. Both require additional hardware (a card reader) to read the data into the system. Depending on the system, the user may only need to present the card to log on, or may also have to key in a PIN, in which case the card is one factor of multi-factor authentication.
Describe the operation of "one-time" passwords.
The "one time" password is produced by an algorithm from a secret shared between the user's token and the server plus a moving value: either a counter that increments with each use (HOTP, RFC 4226) or the current time divided into fixed steps, usually 30 seconds (TOTP, RFC 6238). The user enters this password along with their user name and personal password. Once received, the server independently recalculates the "password" from its own copy of the secret and the current counter or time. If the entered value and computed value are the same, the computer recognizes the individual, and that value is not accepted a second time.
List some examples of security tokens.
Includes (1) hardware or software devices which display "one-time" passwords that must be input by the user, and (2) "smart cards" that hold user identification information and cryptographic keys and must be read by an input device (a card reader).
Why are "one-time" passwords used by organizations?
They add a second authentication factor (something the user has). A standard password can be guessed, phished or reused from another breach; a one-time password requires possession of the physical device or app which displays a new "one-time password" every 30-60 seconds, and a captured value is useless once its time step has expired or it has been used. Note that a real-time phishing site can still relay a one-time password within its validity window, which is why phishing-resistant factors such as FIDO2 hardware keys are preferred for high-value accounts.
What are logical access controls?
Controls that govern electronic access to systems and data via internal and external networks: user identification and authentication, authorization (what an authenticated user may do), and logging of access. They are contrasted with physical access controls.
Describe four electrical system risks.
1. Failure (outage), 2. Reduced voltage (brownout), 3. Sags, spikes, and surges, 4. Electromagnetic interference (EMI).
What purpose does setting file attributes serve?
Setting file attributes (e.g., read-only or hidden flags, or the owner/group/other permission bits on Unix) logically restricts which users can read, write, update, and/or delete records in a file, so that the restriction is enforced by the operating system rather than by convention.
Describe a good location site for a computer operations facility.
Climate controlled, including air conditioning and humidity control; away from risks of natural disasters (fire, flood); away from windows; not on a top floor (roof leaks, fire) or in a basement (flooding); with physical access restricted to operations staff.
What purpose do file protection rings or locks serve?
Physically prevent the media from being overwritten: a tape reel can be written only when the file protection ring is fitted, and a cassette or removable disk is write-protected by a tab or switch. Because these are hardware controls, software on the system cannot override them.
Define "social engineering."
A set of techniques used by attackers to manipulate employees into giving them access to information resources or disclosing information, e.g., by impersonating a help-desk technician, a vendor or an executive, or by creating a sense of urgency. It targets people rather than technical controls.
What considerations should be given by an organization regarding fire-suppression systems?
Such systems are required in IT operations facilities. They must be suitable for electrical fires and must not destroy the equipment they protect: clean-agent gas systems or pre-action sprinklers rather than ordinary wet-pipe water sprinklers. Halon was once the standard clean agent but is no longer installed in new systems because it depletes the ozone layer, not because it is ineffective on electrical fires. Systems should be periodically inspected and tested, and staff must know to evacuate before a gaseous agent discharges.
Define "external labels."
A tag placed on data storage media (floppy disks, magnetic tape, CDs, etc.) giving the volume name, contents, creation date and retention period, designed to prevent inadvertent use of the wrong file.
Define "internal labels" (header and trailer labels).
Descriptive information stored at the beginning (header) and end (trailer) of a file. The header identifies the file (name, creation date, version); the trailer records the number of records and control totals (e.g., a hash total of a numeric field) so that a program can detect processing errors such as a truncated file, a dropped record, or the wrong input file.
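How header and trailer labels catch the errors named above, as an added example (not from the original deck). The record layout (account, amount in cents), the "HDR,"/"TRL," label format and the file identifier are this example's own assumptions.

```python
import hashlib


class LabelError(ValueError):
    """Raised when a label check fails; the batch must not be processed."""


def write_labeled_file(file_id: str, records: list, created: str = "2024-01-31") -> str:
    """Emit header, body records and trailer. The trailer carries the record count,
    a control total of the amount field, and a digest of the body."""
    body = [f"{acct},{amount}" for acct, amount in records]
    header = f"HDR,{file_id},{created},{len(records)}"
    control_total = sum(amount for _, amount in records)
    digest = hashlib.sha256("\n".join(body).encode()).hexdigest()[:16]
    trailer = f"TRL,{len(records)},{control_total},{digest}"
    return "\n".join([header, *body, trailer]) + "\n"


def read_labeled_file(text: str, expected_file_id: str) -> list:
    """Parse a labeled file, raising LabelError on any inconsistency."""
    lines = text.splitlines()
    if not lines or not lines[0].startswith("HDR,"):
        raise LabelError("missing header label")
    if not lines[-1].startswith("TRL,"):
        raise LabelError("missing trailer label (file truncated?)")
    _, file_id, _created, declared = lines[0].split(",")
    if file_id != expected_file_id:          # external-label mistake caught internally
        raise LabelError(f"wrong input file: {file_id!r}, expected {expected_file_id!r}")
    body = lines[1:-1]
    _, count, control_total, digest = lines[-1].split(",")
    records = [(acct, int(amount)) for acct, amount in (ln.split(",") for ln in body)]
    if len(records) != int(count) or len(records) != int(declared):
        raise LabelError("record count mismatch")           # dropped or duplicated record
    if sum(a for _, a in records) != int(control_total):
        raise LabelError("control total mismatch")          # an amount was altered
    if hashlib.sha256("\n".join(body).encode()).hexdigest()[:16] != digest:
        raise LabelError("content digest mismatch")         # any other change to the body
    return records


def check_labeled_file(text: str, expected_file_id: str) -> str:
    """Convenience wrapper returning 'OK' or the error message."""
    try:
        read_labeled_file(text, expected_file_id)
        return "OK"
    except LabelError as exc:
        return str(exc)


# Constructed sample batch: (account, amount in cents)
SAMPLE_RECORDS = [("1001", 2500), ("1002", -750), ("1003", 1200)]
SAMPLE_TEXT = write_labeled_file("PAYROLL-2024-01", SAMPLE_RECORDS)

if __name__ == "__main__":
    print(SAMPLE_TEXT)
    print(check_labeled_file(SAMPLE_TEXT, "PAYROLL-2024-01"))
```

The count catches a lost or duplicated record, the control total catches an altered amount, and the digest catches anything else; together they turn "the job ended normally" into "the job processed exactly the file it was given".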
Define "encryption."
The process of transforming data with an algorithm and a key so that it cannot be understood without the correct key. The algorithm is normally public; the secrecy rests in the key.
Describe the use of secure electronic transactions (SET) protocols.
A protocol developed by Visa and MasterCard in the mid-1990s for credit card payments over the Internet. It used digital certificates to authenticate the cardholder, the merchant and the payment gateway, and encrypted the card number so that the merchant could transmit the payment securely without ever seeing the card details. SET was never widely adopted and has been superseded by TLS-protected checkout combined with card-network schemes such as 3-D Secure for cardholder authentication.
Identify the two internet protocols that are typically used for secure Internet transmission protocols.
Sensitive data sent via the Internet is usually secured by TLS (Transport Layer Security), the successor of SSL (Secure Sockets Layer); HTTPS is HTTP carried over TLS. The older alternative, S-HTTP (Secure Hypertext Transport Protocol), encrypted individual HTTP messages rather than the connection and was never widely adopted. All versions of SSL are deprecated and should be disabled in favor of TLS 1.2 or later.
Describe how digital certificates work.
A digital certificate binds a public key to the identity of its holder (a person, organization, or server). A trusted third party, the certificate authority (CA), verifies the identity and signs the certificate with its own private key; anyone holding the CA's public key can check that signature and therefore trust that the public key belongs to the named entity. Certificates provide legally recognized electronic identification of the sender and are what make digital signatures and TLS connections verifiable. The certificate itself does not protect message content; the signature made with the corresponding private key does.
Describe how digital signatures work.
The sender computes a hash of the message and encrypts (signs) the hash with their private key. The recipient decrypts the signature with the sender's public key and compares the result with a freshly computed hash of the received message. A match proves that the message came from the holder of the private key (authentication and non-repudiation) and that its content has not been altered (integrity).
Describe asymmetric encryption (also called public-key or public/private-key encryption).
Uses one algorithm with a mathematically related pair of keys: what the public key encrypts only the private key can decrypt, and what the private key encrypts (a signature) anyone can verify with the public key. The public key can be distributed freely; the private key must be kept secret. Asymmetric encryption is far slower than symmetric encryption, so in practice it is used to exchange a symmetric session key or to sign a hash rather than to encrypt bulk data.
Define "ciphertext."
Text that has been mathematically scrambled so that its meaning cannot be determined without the use of the algorithm and the correct key.
Define "cleartext (or plaintext)."
Text that can be read and understood.
Describe symmetric encryption (also called single-key encryption or private-key encryption).
Uses a single secret key, with the same algorithm, to both encrypt and decrypt. The sender encrypts the plaintext with the key and sends the ciphertext; the recipient decrypts it with the same key. The algorithm itself is public (e.g., AES); only the key must be protected, and it has to reach the recipient over a separate secure channel, which is the main difficulty of symmetric encryption. It is fast, and is common in data storage (disk and database encryption) and for bulk data in transit once a session key has been agreed.
Define the four types of computer crime
1. Computer as target, 2. Computer as subject, 3. Computer as tool, 4. Computer as symbol.
Define "Trojan horse".
A malicious program hidden inside a seemingly benign file or application that the user is persuaded to run. Unlike a virus it does not self-replicate; typical payloads install a back door or steal credentials.
Define "denial of service attacks."
An attack that attempts to prevent legitimate users from gaining access to a system or service by exhausting its resources: bandwidth, connection tables, memory, or CPU. One classic form floods the server with half-open (incomplete) TCP connection requests (a SYN flood); others send large volumes of traffic, often from many compromised hosts at once (a distributed denial of service, DDoS), or trigger expensive operations with only a few requests.
Define "password crackers."
Password cracking software generates and tests a large number of candidate passwords. Online crackers try candidates against the live login and are limited by lockout and rate limiting; offline crackers take a stolen list of password hashes and hash each candidate (dictionary words, common patterns, brute force) looking for matches, which is why stored passwords must be salted and hashed with a deliberately slow function.
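An offline dictionary attack with mangling rules, run against the same constructed credential set stored two ways, as an added example that is not from the original deck. The wordlist, rules, user names and passwords are constructed for the demonstration; the point is the work count returned alongside the cracked passwords.

```python
import hashlib
import hmac
import os

# Constructed wordlist; real attacks use lists of millions of leaked passwords.
WORDLIST = ["password", "letmein", "summer2024", "welcome", "qwerty", "dragon"]


def mangle(word: str):
    """A few of the rewrite rules cracking tools apply to each dictionary word."""
    yield word
    yield word.capitalize()
    yield word.upper()
    for suffix in ("1", "123", "!", "2024"):
        yield word + suffix
        yield word.capitalize() + suffix
    yield word.replace("a", "@").replace("o", "0").replace("e", "3")


def candidates():
    for word in WORDLIST:
        yield from mangle(word)


def crack_unsalted_sha256(hashes: dict) -> tuple:
    """Unsalted fast hash: each candidate is hashed once and matched against
    every user at the same time (the same property rainbow tables exploit).
    Returns (cracked {user: password}, number of hash computations)."""
    table, work = {}, 0
    for cand in candidates():
        work += 1
        table[hashlib.sha256(cand.encode()).hexdigest()] = cand
    cracked = {user: table[h] for user, h in hashes.items() if h in table}
    return cracked, work


def crack_salted_pbkdf2(records: dict, iterations: int) -> tuple:
    """Per-user salt plus a slow KDF: every candidate must be re-hashed for every
    user, and each hash costs `iterations` rounds. Work scales with users x
    candidates x iterations instead of just candidates."""
    cracked, work = {}, 0
    for user, (salt, digest) in records.items():
        for cand in candidates():
            work += 1
            attempt = hashlib.pbkdf2_hmac("sha256", cand.encode(), salt, iterations)
            if hmac.compare_digest(attempt, digest):
                cracked[user] = cand
                break
    return cracked, work


def build_sample_db(creds: dict, iterations: int) -> tuple:
    """Constructed credential store in both formats for the demonstration."""
    unsalted = {u: hashlib.sha256(p.encode()).hexdigest() for u, p in creds.items()}
    salted = {}
    for user, pwd in creds.items():
        salt = os.urandom(16)
        salted[user] = (salt, hashlib.pbkdf2_hmac("sha256", pwd.encode(), salt, iterations))
    return unsalted, salted


# Constructed accounts: two weak passwords the rules can reach, one random one.
SAMPLE_CREDS = {"alice": "Summer2024!", "bob": "password123", "carol": "xK9#qLm2vT"}

if __name__ == "__main__":
    unsalted, salted = build_sample_db(SAMPLE_CREDS, iterations=100_000)
    print(crack_unsalted_sha256(unsalted))
    print(crack_salted_pbkdf2(salted, iterations=100_000))
```

Both runs recover the same two weak passwords and fail on carol's random one, which is the first lesson: no hashing scheme saves a guessable password. The second lesson is in the work counts: the unsalted run costs one fast hash per candidate regardless of how many users there are, while the salted, iterated run costs a full pass per user and each attempt is 100,000 rounds, which is what makes a leaked database survivable.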
What is a logic bomb attack on a system?
An unauthorized program which is planted in the system. The logic bomb lies dormant until the occurrence of a specified event or time (e.g., a specific date, the elimination of an employee from "active employee" status, etc.).
What is a back door attack on a system?
A software program or hidden feature that allows an unauthorized user to gain access to the system by side-stepping the normal logon procedures. Back doors were once commonly left by programmers to facilitate access to systems under development; attackers also plant them to retain access after a compromise.
Define "worm."
Similar to viruses except that worms are self-contained and replicate themselves across multiple computer systems without needing a host file. They spread by exploiting network-exposed vulnerabilities or, in the email variety, by activating the system's email client and mailing copies of themselves to every address found on the machine.
Define "virus."
An unauthorized program, often introduced through an email attachment or infected file, that attaches itself to files or programs on the user's system and copies itself when the host is executed. Viruses may actively damage data, or they may be benign apart from consuming resources and spreading.
Define "malicious software (malware)."
Programs that exploit system and user vulnerabilities to gain unauthorized access to, or damage, a computer. It is the umbrella term covering viruses, worms, Trojan horses, logic bombs, back doors, spyware and ransomware.
Define session hijacking or masquerading.
Session hijacking occurs when an attacker takes over an already authenticated session between a user and a system, e.g., by stealing the session token (cookie) through packet sniffing or cross-site scripting, or by spoofing the IP address and predicting the TCP sequence numbers of an existing connection. Masquerading (spoofing) is the broader act of pretending to be another user or host. If successful, the hacker has "hijacked" the session, i.e., gained access by pretending to be the legitimate user without ever needing that user's password.