Chapter 14 Risks, Security, and Disaster Revcovery Flashcards

Question

Trojan horse

Answer 1

a virus disguised as legitimate software

Answer 2

software that is programmed to cause damage at a specific time

Answer 3

- Poor training - Lack of adherence to backup procedures - Unauthorized downloading and installation of software may cause damage - Human error

Answer 4

- Many hackers try daily to interrupt online businesses - Some types of attacks - Unauthorized access - Data theft - Defacing of webpages - Denial of service - Hijacking computers

Answer 5

Denial of service (DoS): an attacker launches a large number of information requests - Slows down legitimate traffic to site - Distributed denial of service (DDoS): an attacker launches a DoS attack from multiple computers - Usually launched from hijacked personal computers called “zombies” - There is no definitive cure for this - A site can filter illegitimate traffic

Answer 6

Distributed denial of service (DDoS): an attacker launches a DoS attack from multiple computers - Usually launched from hijacked personal computers called “zombies” - There is no definitive cure for this - A site can filter illegitimate traffic

Answer 7

using some or all of a computer’s resources without the consent of its owner - Often done for making a DDoS attack - Done by installing a software bot on the computer - Main purpose of hijacking is usually to send spam

Answer 8

- Hijacking: using some or all of a computer’s resources without the consent of its owner - Often done for making a DDoS attack - Done by installing a software bot on the computer - Main purpose of hijacking is usually to send spam - Bots are planted by exploiting security holes in operating systems and communications software - A bot usually installs e-mail forwarding software

Answer 9

constraints and restrictions imposed on a user or a system - Can be used to secure against risks - Are also used to ensure that nonsensical data is not entered - Can reduce damage caused to systems, application, and data - Translate business policies into system features

Answer 10

- A reliable application can resist inappropriate usage such as incorrect data entry or processing - The application should provide clear messages when errors or deliberate misuses occur - Controls also translate business policies into system features

Answer 11

periodic duplication of all data - Redundant Arrays of Independent Disks (RAID): set of disks programmed to replicate stored data - Data must be routinely transported off-site as protection from a site disaster - Some companies specialize in data backup services or backup facilities for use in the event of a site disaster

Answer 12

Redundant Arrays of Independent Disks (RAID): set of disks programmed to replicate stored data

Answer 13

measures taken to ensure only authorized users have access to a computer, network, application, or data - Physical locks: secure the equipment in a facility - Software locks: determine who is authorized - Types of access controls - What you know: access codes, such as user ID and password - What you have: requires special devices - Who you are: unique physical characteristics - Access codes and passwords are usually stored in the OS or in a database - Security card is more secure than a password - Requires two-factor access - Biometric: uses unique physical characteristics such as fingerprints, retinal scans, or voiceprints - Up to 50 percent of help desk calls are from people who have forgotten their passwords - Biometrics can eliminate these kinds of calls

Answer 14

- What you know: access codes, such as user ID and password - What you have: requires special devices - Who you are: unique physical characteristics

Answer 15

uses unique physical characteristics such as fingerprints, retinal scans, or voiceprints

Answer 16

a set of indivisible transactions - Requires all of the transactions in the set to be completely executed, or none are executed - Ensures that only full entry occurs in all the appropriate files to guarantee integrity of the data - Is a control against malfunction and also prevents fraud

Answer 17

a series of documented facts that help detect who recorded which transactions, at what time, and under whose approval - Sometimes automatically created using data and timestamps - Certain policy and audit trail controls are required in some countries - Information systems auditor: a person whose job is to find and investigate fraudulent cases

Answer 18

a person whose job is to find and investigate fraudulent cases

Answer 19

Organizations can protect against attacks using various approaches, including: - Firewalls - Authentication - Encryption - Digital signatures - Digital certificates

Answer 20

hardware and software that blocks access to computing resources - The best defense against unauthorized access over the Internet - Firewalls are now routinely integrated into routers

Answer 21

demilitarized zone approach - One end of the network is connected to the trusted network, and the other end to the Internet - Connection is established using a proxy server

Answer 22

“represents” another server for all information requests from resources inside the trusted network - Can also be placed between the Internet and the trusted network when there is no DMZ

Answer 23

the process of ensuring that you are who you say you are

Answer 24

coding a message into an unreadable form (mathematical algorithm and a key) increases security slows down communication (Every message must be encrypted and then decrypted)

Answer 25

- Authentication: the process of ensuring that you are who you say you are - Encryption: coding a message into an unreadable form - Messages are encrypted and authenticated to ensure security - Important when communicating confidential information, e.g., financial and medical records - A message may be text, image, sound, or other digital information - Encryption programs scramble the transmitted information - Plaintext: the original message - Ciphertext: the encoded message - Encryption uses a mathematical algorithm and a key - Key: a unique combination of bits that will decipher the ciphertext - Public-key encryption: uses two keys, one public and one private - Symmetric encryption: when the sender and the recipient use the same key - Asymmetric encryption: both a public and a private key are used - Transport Layer Security (TLS): a protocol for transactions on the Web that uses a combination of public key and symmetric key encryption - HTTPS: the secure version of HTTP - Digital signature: a means to authenticate online messages; implemented with public keys - Message digest: unique fingerprint of file - Digital certificates: computer files that associate one’s identity with one’s public key Issued by certificate authority - Certificate authority (CA): a trusted third party - A digital certificate contains its holder’s name, a serial number, its expiration dates, and a copy of holder’s public key - Also contains the digital signature of the CA

Answer 26

the original message

Answer 27

the encoded message

Answer 28

a unique combination of bits that will decipher the ciphertext

Answer 29

uses two keys, one public and one private

Answer 30

when the sender and the recipient use the same key

Answer 31

both a public and a private key are used

Answer 32

Transport Layer Security (TLS): a protocol for transactions on the Web that uses a combination of public key and symmetric key encryption

Answer 33

the secure version of HTTP

Answer 34

a means to authenticate online messages; implemented with public keys

Answer 35

unique fingerprint of file

Answer 36

computer files that associate one’s identity with one’s public key - Issued by certificate authority - contains its holder’s name, a serial number, its expiration dates, and a copy of holder’s public key - contains the digital signature of the CA

Answer 37

Certificate authority (CA): a trusted third party

Answer 38

Single sign-on (SSO): a user must enter his or her name/password only once - saves employees time

Answer 39

- Single sign-on (SSO): a user must enter his or her name/password only once - Single sign-on saves employees time - Encryption slows down communication - Every message must be encrypted and then decrypted - IT specialists must clearly explain the implications of security measures to upper management

Answer 40

- Security measures may reduce mishaps, but no one can control all disasters - Preparation for uncontrolled disasters requires that recovery measures are in place - Redundancy may be used - Very expensive, especially in distributed systems - Other measures must be taken

Answer 41

a detailed plan about what should be done and by whom if critical systems go down - Also called disaster recovery plan, business resumption plan, or business continuity plan

Answer 42

1. Obtain management’s commitment to the plan 2. Establish a planning committee 3. Perform risk assessment and impact analysis 4. Prioritize recovery needs - Mission-critical applications: those without which the business cannot conduct operations 5. Select a recovery plan 6. Select vendors 7. Develop and implement the plan 8. Test the plan 9. Continually test and evaluate

Answer 43

those without which the business cannot conduct operations

Answer 44

Alternative sites that a business can use when a disaster occurs - Backup sites provide desks, computer systems, and Internet links

Answer 45

- Can outsource recovery plans to firms that specialize in disaster recover planning - Hot sites: alternative sites that a business can use when a disaster occurs - Backup sites provide desks, computer systems, and Internet links - Companies that implement hot sites - IBM - Hewlett-Packard - SunGard Availability Services

Answer 46

Costs to consider in security measures - Cost of the potential damage - Cost of implementing a preventative measure 𝐶𝑜𝑠𝑡 𝑜𝑓 𝑃𝑜𝑡𝑒𝑛𝑡𝑖𝑎𝑙 𝐷𝑎𝑚𝑎𝑔𝑒= ∑_(𝑖=1)^𝑛 𝐶𝑜𝑠𝑡 𝑜𝑓 𝐷𝑖𝑠𝑟𝑢𝑝𝑡𝑖𝑜𝑛_𝑖 ×𝑃𝑟𝑜𝑏𝑎𝑏𝑖𝑙𝑖𝑡𝑦 𝑜𝑓 𝐷𝑖𝑠𝑟𝑢𝑝𝑡𝑖𝑜𝑛_𝑖 - Where 𝑖 is a probable event, and 𝑛 is the number of events - As the cost of security measures increases, the cost of potential damage decreases - Companies try to find the optimal point - The company must define what needs to be protected - Security measures should never exceed the value of protected system

Answer 47

∑_(𝑖=1)^𝑛 𝐶𝑜𝑠𝑡 𝑜𝑓 𝐷𝑖𝑠𝑟𝑢𝑝𝑡𝑖𝑜𝑛_𝑖 ×𝑃𝑟𝑜𝑏𝑎𝑏𝑖𝑙𝑖𝑡𝑦 𝑜𝑓 𝐷𝑖𝑠𝑟𝑢𝑝𝑡𝑖𝑜𝑛_𝑖 Where 𝑖 is a probable event, and 𝑛 is the number of events

Answer 48

- Businesses should try to minimize downtime, but the benefit of greater uptime must be compared to the added cost - Mission-critical systems must be connected to an alternative source of power, duplicated with a redundant system, or both - Many ISs are now interfaced with other systems - The greater the number of interdependent systems, the greater the expected downtime - Redundancies reduce expected downtime

Answer 49

- The purpose of controls and security measures is to maintain the functionality of ISs - Risks to ISs include risks to hardware, data, and networks - Risks to hardware include natural disasters and vandalism - Risks to data and applications include theft of information, identity theft, data alteration, data destruction, defacement of websites, viruses, worms, logic bombs, and nonmalicious mishaps - Risks to online systems include denial of service and computer hijacking - Controls are used to minimize disruption - Access controls require information to be entered before resources are made available - Atomic transactions ensure data integrity - Firewalls protect against Internet attacks - Encryption schemes scramble messages to protect them on the Internet - A key is used to encrypt and decrypt messages - SSL, TLS, and HTTPS are encryption standards designed for the web - Keys and digital certificates can be purchased from a certificate authority - Many organizations use the services of organizations that provide hot sites - Careful evaluation of the amount spent on security measures is necessary - Redundancy reduces the probability of downtime - Governments are obliged to protect citizens against crime and terrorism

Chapter 14 Risks, Security, and Disaster Revcovery Flashcards

(73 cards)