Four Important Functions of Info Security
protect the org's ability to function enable the safe operation of applications running on the org's IT systems protecting the data the org collects and uses safeguarding the org's technology assets Responsible for protecting the functionality of an organization both general management and IT management are responsible for implementing information security that protects the organization's ability to function public key infrastructure (PKI) integrated system of software, encryption methodologies, and legal agreements that can be used to support the entire information infrastructure compromises to intellectual property piracy copyright infringement viruses, worms, macros, denial of service deviations in quality of service ISP, power, or WAN service issues from service providers unauthorized access and/or data collection fire, flood, earthquake, lightning accidents, employee mistakes blackmail, information disclosure missing, inadequate, or incomplete loss of access to information systems due to disk drive failure without proper backup and recovery plan organization policy or planning in place missing, inadequate, or incomplete controls network compromised because no firewall security controls destruction of systems or information illegal confiscation of equipment or information technical hardware failures or errors technical software failures or errors bugs, code problems, unknown loopholes technological obsolescence antiquated or outdated technologies trade secrets, copyrights, trademarks, and patents. unauthorized appropriation of IP constitutes a threat to information security unlawful use or duplication of software-based intellectual property combat piracy/enforce copyright laws online registration digital watermarks, embedded code, copyright codes, intentional placement of bad sectors on software media malicious code/malware/malicious software synonymous with malware or malicious software.
software designed to damage, destroy, or deny service to the target systems one of two forms of malicious code or malware. virus requires a host software environment in which to execute and it cannot function without such a host one of the most common methods of virus transmission virus that is contained in a downloaded file attachment such as word processing documents, spreadsheets, and database applications program that infects the key operating system files located in a computer's boot sector one of two forms of malicious code or malware. virus that replicates itself on other machines without the need of another program environment software programs that hide their true nature (usually destructive) and reveal their designed behavior only when activated inventor of the worm, postgrad at Cornell electronic hole in software that is left open by accident or intention that allows an attacker to access the system at will with special privileges. can be installed by a virus, worm or an attacker who takes control of a system threat that changes its apparent shape over time, to become a new threat not detectable by techniques looking for a preconfigured signature email warning of a virus that is fictitious situation in which a product or service is not delivered to the organization as expected Service Level Agreement (SLA) contract of a web host provider covering responsibility for internet services as well as for hardware and software used to operate the web site momentary increase in voltage can lead to fluctuations such as power excesses, power shortages, and power losses. problems for orgs that provide adequately conditioned power for their info systems equipment prolonged increase in voltage momentary incidence of low voltage prolonged drop in voltage complete loss of power for a moment broad category of electronic and human activities that can breach the confidentiality of information. unauthorized individual gains access to the info an org is trying to protect.
info gained legally that gives an org an advantage over its competition info gained illegally that gives an org an advantage over its competition act of observing info without authorization by looking over a shoulder or spotting info from a distance act of entering a premises or system without authorization people who use and create computer software to gain access to info illegally expert hacker/elite hacker individual develops software scripts and program exploits used by novice hackers. also a master of several programming languages, networking protocols, and operating systems, has a mastery of the technical environment of the targeted system individual who depends on the expertise of others to abuse systems hackers of limited skill who use expertly written software to exploit a system but do not fully understand or appreciate the systems they hack hackers of limited skill who use automated exploits to engage in distributed denial of service attacks individual who removes an application's software protection that is designed to prevent unauthorized duplication, or a criminal hacker person who hacks the public telephone network to make free calls and disrupt services threat to hardware components of info systems that falls in forces of nature or acts of God because it is unexpected or occurs with little warning. structural damage to building housing equipment of the info system, also: smoke damage, water damage threat that falls in forces of nature/acts of God. unexpected or very little warning. overflowing of water onto land that is normally dry, causing direct damage to all or part of info system or building that houses it forces of nature/acts of God. unexpected, little warning. sudden movement of the earth's crust caused by the release of stress along geologic faults or volcanic activity. causes direct damage to info system and/or building that houses it forces of nature/acts of God. unexpected/little warning.
abrupt, discontinuous natural electric discharge. usually damages all or part of an info system and/or its power distribution components forces of nature/acts of God. unexpected/very little warning. downward sliding of mass of earth and rock. may directly damage all or part of an info system or more likely the building that houses it forces of nature/acts of God. unexpected/very little warning. typically rotating columns of air whirling at destructively high speeds. can directly damage all or part of an info system or more likely the bldg that houses it forces of nature/acts of God. unexpected/little warning. in the equatorial regions of the Atlantic Ocean or Caribbean Sea or eastern regions of the Pacific Ocean. usually involve heavy rains, can directly damage all or part of info system or bldg forces of nature/acts of God. unexpected/little warning. very large ocean wave caused by underwater earthquake or volcanic eruption. direct damage to info system or building. electrostatic discharge (ESD) forces of nature/acts of God. unexpected/little warning. spark produced from a buildup of static electricity forces of nature/act of God. Unexpected/little warning. can shorten the life of info systems and disrupt normal operations, causing unplanned downtime acts performed without intent or malicious purpose by an authorized user. inexperience, improper training, incorrect assumptions are causes. when an attacker or trusted insider steals information from a computer system and demands compensation for its return or for an agreement not to disclose it. common in credit card number theft.
missing, inadequate, or incomplete organizational policy/planning makes an org vulnerable to loss, damage, or disclosure of info assets when other threats lead to attacks. info security is, at its core, a mgmt function. missing, inadequate, or incomplete controls security safeguards and information asset protection controls that are missing, misconfigured, antiquated, or poorly designed or managed. make an org more likely to suffer losses when other threats lead to attacks. deliberate sabotage of a computer system or business, or acts of vandalism to either destroy an asset or damage the image of the org. can range from petty vandalism by employees to organized sabotage against an organization individual who uses technology as a tool for civil disobedience act of hacking to conduct terrorist activities through network or internet pathways illegal taking of another's property technical hardware failures or errors when a manufacturer distributes equipment containing a known or unknown flaw. defects can cause the system to perform outside of expected parameters, resulting in unreliable service or lack of availability technical software failures or errors software sometimes sold before all bugs are detected. some software/hardware combos reveal new bugs. failures range from bugs to untested failure conditions. sometimes they are purposeful shortcuts left by programmers for benign reasons technological obsolescence antiquated or outdated infrastructure can lead to unreliable and untrustworthy systems. risk of loss of data integrity from attacks. strategic planning should always include analysis of the technology currently in use. act that takes advantage of a vulnerability to compromise a controlled system specific instance or component that represents a danger to an org's assets. can be accidental or purposeful.
lightning strikes or hackers weakness in a controlled system, where controls are not present or are no longer effective viruses, worms, Trojan horses, active web scripts with intent to destroy or steal info. designed to damage, destroy, or deny service to the target system any technology that aids in gathering info about a person or org without their knowledge automated software program that executes certain commands when it receives a specific input any software program intended for marketing purposes such as those used to deliver and display advertising banners or popups to the user's screen or tracking the user's online usage or purchasing activity. transmission of a virus hoax with a real virus attached. when the attack is masked in a seemingly legit message, unsuspecting users more readily distribute it infected system scans a random or local range of IP addresses and targets any of several vulnerabilities known to hackers or left over from previous exploits such as CodeRed, Back Orifice, or PoizonBox infected system has write access to any web pages, it makes all web content files (.html, .asp, .cgi, and others) infectious, so that users who browse to those pages become infected each infected machine infects certain common executable or script files on all computers to which it can write with virus code that can cause infection using vulnerabilities in file systems and the way many organizations configure them, the infected machine copies the viral component to all locations it can reach by sending email infections to addresses found in the address book, the infected machine infects many users, whose mail reading programs also automatically run the program and infect other systems simple network management protocol (SNMP) using only widely known passwords employed in early versions of this protocol (used for remote management of network and computer devices), the attacking program gains control of the device.
Most vendors have closed these vulnerabilities with upgrades using a known or previously unknown & newly discovered access mechanism, an attacker can gain access to a system or network resource attempting to reverse calculate a password application of computing and network resources to try every possible combination of options of a password attempt to repeatedly guess passwords to commonly used accounts brute force attack on passwords. uses a list of commonly used passwords instead of random combinations. in cryptography, done by encrypting each entry with the same crypto system used by target & comparing the result against target's ciphertext attack in which the attacker sends a large number of connection or information requests to overwhelm and cripple a target distributed denial of service (DDoS) attack in which a coordinated stream of connection requests is launched against a target from many locations at the same time computer that has been compromised and may later be used as an agent to be directed towards a target.
The use as an agent is controlled remotely (usually by way of a transmitted command) by the attacker technique used to gain unauthorized access to computers, wherein the intruder sends messages to a computer with an IP address indicating that the message is coming from a trusted host man in the middle (TCP hijacking) attack in which the abuser records data packets from the network, modifies them, and inserts them back into the network unsolicited commercial email form of denial of service attack in which the abuser sends a large number of connection or information requests to overwhelm and cripple a target program or device that can monitor data traveling over a network sniffers that work on TCP/IP networks process of using social skills to convince people to reveal access credentials or other valuable information to the attacker attempt to obtain personal or financial information using fraudulent means, usually by posing as a legitimate entity highly targeted phishing attack that usually appears to be from an employer, colleague, or other legit correspondent 3 primary techniques of phishing URL manipulation, Website forgery, phone phishing redirection of legit web traffic to an illegitimate site for the purpose of obtaining private information changing a legit host entry in a domain name server (DNS) to point to an attacker's website attack in which an abuser explores the contents of a web browser's cache.
these attacks allow a web designer to create a malicious form of cookie to store on the client's system keep the design as simple and small as possible base access decisions on permission rather than exclusion every access to every object must be checked for authority design should not be secret but rather depend on the possession of keys or passwords where feasible, a protection mechanism should require two keys to unlock rather than one every program and every user of the system should operate using the least set of privileges necessary to complete the job minimize mechanisms or shared variables common to more than one user and depended on by all users psychological acceptability essential that the human interface be designed for ease of use, so that users routinely and automatically apply the protection mechanisms correctly buffer overflow (buffer overrun) application error that occurs when more data is sent to a buffer than it can handle occurs when user input is passed directly to a compiler or interpreter. underlying issue is the developer's failure to ensure that command input is validated before it is used in the program occurs when an application running on a web server gathers data from a user in order to steal it can cause a variety of unexpected system behaviors. programmers are expected to anticipate problems and prepare their application code to handle them process to assure an organization that changes to systems are managed and all parties that need to be informed are aware of the planned changes.
ensures that the working system delivered to users represents the intent of the developers attacker changes the expected location of a file by intercepting and modifying a program code call, the attacker can force a program to use files other than the one it is supposed to use one of the most common methods of obtaining inside and classified info is directly or indirectly from an individual, usually an employee mathematical computing bug that is exploited indirectly by an attacker to corrupt other areas of memory in order to control an application failure of a program that occurs when an unexpected ordering of events in the execution of the program results in a conflict over access to the same system resource occurs when developers fail to properly validate user input before using it to query a relational database unauthenticated key exchange can occur on the internet where an attacker writes a variant of a public key system & places it out as freeware or corrupts or intercepts the function of someone else's public key encryption system by posing as a public key repository
Is an act that takes advantage of a vulnerability to compromise a controlled? A computer exploit, or exploit, is an attack on a computer system, especially one that takes advantage of a particular vulnerability the system offers to intruders. Used as a verb, exploit refers to the act of successfully making such an attack.
Which of the following terms refers to a tool or a technique that takes advantage of a vulnerability? An exploit is a code that takes advantage of a software vulnerability or security flaw. It is written either by security researchers as a proof-of-concept threat or by malicious actors for use in their operations.
Which type of attacker will hack systems to conduct terrorist activities via network or Internet pathways? Cyberterrorists hack systems to conduct terrorist activities via network or Internet pathways. Information extortion occurs when an attacker or trusted insider steals information from a computer system and demands compensation for its return or for an agreement not to disclose it.
What exploits do hackers use? Exploitation is a piece of programmed software or script which can allow hackers to take control over a system, exploiting its vulnerabilities. Hackers normally use vulnerability scanners like Nessus, Nexpose, OpenVAS, etc. to find these vulnerabilities.