Module 6 Flashcards
T/F
Operating System plays a key role in computer system security.
True
T/F
Any vulnerability at the operating system level opens the entire system to attack
True
T/F
The more complex and powerful the operating system, the more likely it is to have no vulnerabilities to attack
False
___ must be on guard to arm their operating systems with all available defenses against attack
System administrators
Capability of a system to do its mission in the presence of attacks, failures, or accidents
System Survivability
What key property is:
Strategies for repelling attacks
Resistance to attacks
What key property is:
Strategies for detecting attacks and evaluating damage
Recognition of attacks and damage
What key property is:
Strategies for limiting damage, restoring information or functionality, maintaining or restoring essential services
Recovery of essential and full services after attack
What key property is:
Strategies improving system survivability based on knowledge from prior intrusions
Adaptation and evolution to reduce effectiveness of future attacks
Vulnerabilities of Single computer (without e-mail or Internet)
Passwords, viruses
Vulnerabilities of LAN connected (without Internet)
Sniffers, spoofing (+passwords, viruses)
Vulnerabilities of LAN connected (with Internet)
E-mail, Web servers, FTP, Telnet (+sniffers, spoofing, passwords, viruses)
T/F
Backup and recovery are essential for most computing systems.
True
Many system managers use a ____.
Layered Backup Schedule
T/F
Backups stored on-site are crucial to disaster recovery
False (Off-site dapat para efas)
Written security procedures should recommend:
(FRGCNGR):
oFrequent password changes
oReliable backup procedures
oGuidelines for loading new software
oCompliance with software licenses
oNetwork safeguards
oGuidelines for monitoring network activity
oRules for terminal access
T/F
A gap in system security can be malicious or not
True
Intrusions can be classified as:
oDue to uneducated users and unauthorized access
oPurposeful disruption of the system’s operation
oPurely accidental
T/F
A breach of security severely does not damage the system’s credibility
False
Any breach of security or modification of data that was not the result of a planned intrusion
Unintentional Intrusions
A hacker taking over computers flood a target site with demands for data and tasks causing a computer to perform repeated unproductive task.
Denial of service (DoS)
Unauthorized users gain access to search through secondary storage for information they don’t have the privilege to read.
Browsing
Unauthorized users monitor or modify a user’s transmission
Wire Tapping
Entering systems by guessing authentic passwords
Repeated Trials
