ITEC 1010 Final Exam Review
Chapter 9
- Exploit: an attack on an information system that takes advantage of a system vulnerability (due to poor system design or implementation)
- Users should download and install patches to help fix software vulnerabilities
- Types of exploits
  - Ransomware: an exploit which stops you from using your computer until you meet certain demands, such as sending money or pictures
  - Viruses: programming code (usually disguised as something else) that causes a computer to behave in an unexpected and undesirable manner
    - Can spread to other machines if users share an infected file or send an email with the virus-infected attachment
  - Worms: a harmful program that resides in the active memory of the computer and duplicates itself
    - The program's harmful payload might be designed to enable the attacker to destroy hard drives, corrupt files, etc.
    - Often creates a "backdoor" on a computer that enables an attacker to gain future access
  - Logic bomb: a type of Trojan horse that executes when it is triggered by a specific event
  - Blended threat: a sophisticated threat that combines features of a virus, worm, Trojan horse, and other malicious code into a single payload
    - Might use server and Internet vulnerabilities to initiate the attack and then transmit and spread it using exe or html files and registry keys
  - Spam: use of email systems to send unsolicited email to large numbers of people
  - CAPTCHA (Completely Automated Public Turing Test to Tell Computers and Humans Apart): software that generates and grades tests that humans can pass but most sophisticated computer programs cannot
Types of Exploits
- Distributed denial-of-service attacks: an attack where hackers take over computers via the internet and cause them to flood a target site with demands for data and other small tasks
  - Makes the site so busy that legitimate users cannot get in
- Botnet (sometimes called zombies): a large group of computers controlled from one or more remote locations by hackers without consent from the owners
- Rootkit: a set of programs that enables a user to gain administrator-level access to a computer without the end user's consent or knowledge
  - The attacker can use the rootkit to execute files, access logs, monitor user activity, and change the computer's configuration
  - Symptoms: the computer locks up or fails to respond to input, the screen saver changes, the taskbar disappears, or network activities function extremely slowly
- Advanced Persistent Threat (APT): a network attack where an intruder gains access to a network and stays undetected with the intention of stealing data over a long period of time
  - Detecting anomalies in outbound data is the best way for administrators to know that the network is the target of an APT attack
- Phishing: the act of fraudulently using email to try to get the recipient to reveal personal data
  - Con artists send legitimate-looking emails urging recipients to act in order to avoid negative consequences or receive a reward
  - Vishing is like smishing except that victims receive a voicemail message telling them to call a phone number or access a website
- Cyberespionage: development of malware that secretly steals data from the computer systems of organizations such as government agencies, military contractors, political organizations, and manufacturing firms
  - Mostly targeted toward high-value data such as sales and marketing data, details of product designs and innovation, personal information, customer and client data, and sensitive information about partners and agreements
- Cyberterrorism: intimidating a government or civilian population by using IT to disable critical national infrastructure to achieve political, religious, or ideological goals
- A strong security program begins by assessing threats to the organization's computers and network
  - Identify actions that address the most serious vulnerabilities and educate users about the risks involved and how to prevent them
- Security policy: defines the organization's security requirements along with the controls and sanctions needed to meet those requirements; it outlines what needs to be done but not how to do it
- Organizations should implement a layered security solution to make computer break-ins so difficult that attackers give up
- Inspects the payload of packets and matches sequences of bytes to detect harmful activity
- Computer attackers know that many organizations are slow to fix problems, so they scan the internet for vulnerable systems
- Security audit: evaluates whether an organization has a well-considered security policy in place and whether it is being followed
- Intrusion detection system (IDS): software and/or hardware that monitors system and network resources and activities and notifies those responsible for the security of a networked computer environment
  - Knowledge-based IDS: contains information about specific attacks and system vulnerabilities
  - Behavior-based IDS: models the normal behavior of a system and its users from reference information collected by various means
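The two IDS types above, together with the earlier note that anomalies in outbound data are the best indicator of an APT, can be seen side by side in one small Python program. This is an added example written for these notes; it is not code from the course, the textbook, or any IDS product. The signature table, the host names, the baseline numbers, and the traffic events are all constructed placeholders (the byte patterns stand in for real signatures and match nothing real).

```python
"""
Toy intrusion detection system showing the two IDS types from the notes:
  - knowledge-based: match packet payloads against a table of known byte sequences
  - behavior-based: learn a per-host "normal" outbound volume from a reference
    period and flag hosts that exceed it (the outbound-data anomaly an APT leaves)
Added example for the review notes; all data below is constructed.
"""
from dataclasses import dataclass
from statistics import mean, pstdev


@dataclass(frozen=True)
class Event:
    """One observed network event: which host, which direction, and the payload."""
    host: str
    direction: str   # "in" or "out"
    payload: bytes


# --- Knowledge-based IDS ----------------------------------------------------
# Hypothetical signature table. The IDs and byte patterns are placeholders.
SIGNATURES = {
    "SIG-EXAMPLE-001": b"\x90\x90\x90\x90",   # placeholder byte pattern
    "SIG-EXAMPLE-002": b"cmd.exe /c",         # placeholder byte pattern
}


def signature_alerts(events):
    """Inspect every payload and report (host, signature id) for each match."""
    alerts = []
    for ev in events:
        for sig_id, pattern in SIGNATURES.items():
            if pattern in ev.payload:
                alerts.append((ev.host, sig_id))
    return alerts


# --- Behavior-based IDS -----------------------------------------------------
def build_baseline(reference_totals, min_std=1.0):
    """Learn 'normal' from a reference period.

    reference_totals maps host -> list of daily outbound byte totals observed
    while the network was believed clean. Returns host -> (mean, std dev);
    min_std keeps a perfectly steady host from producing a zero-width band.
    """
    return {host: (mean(totals), max(pstdev(totals), min_std))
            for host, totals in reference_totals.items()}


def anomaly_alerts(events, baseline, k=3.0):
    """Sum outbound bytes per host in the observed window and flag any host
    more than k standard deviations above its own baseline mean."""
    observed = {}
    for ev in events:
        if ev.direction == "out":
            observed[ev.host] = observed.get(ev.host, 0) + len(ev.payload)
    alerts = []
    for host, total in observed.items():
        if host not in baseline:
            # A host with no reference data cannot be judged; surface it rather than ignore it.
            alerts.append((host, "no-baseline"))
            continue
        avg, std = baseline[host]
        if total > avg + k * std:
            alerts.append((host, "outbound-volume-anomaly"))
    return alerts


# --- Constructed sample data -----------------------------------------------
REFERENCE_TOTALS = {                      # daily outbound bytes during a clean week (constructed)
    "ws-01": [1000, 1200, 900, 1100, 1000],
    "ws-02": [5000, 5200, 4800, 5100, 4900],
}

SAMPLE_EVENTS = [                         # one observed window (constructed)
    Event("ws-02", "in", b"GET /index.html"),
    Event("ws-02", "in", b"...cmd.exe /c placeholder..."),   # hits SIG-EXAMPLE-002
    Event("ws-01", "out", b"A" * 20000),                      # far above ws-01's normal volume
    Event("ws-02", "out", b"B" * 5100),                       # within ws-02's normal band
]


def run_ids(events=SAMPLE_EVENTS, reference=REFERENCE_TOTALS):
    """Run both detectors over one window and return their alerts by type."""
    baseline = build_baseline(reference)
    return {
        "signature": signature_alerts(events),
        "anomaly": anomaly_alerts(events, baseline),
    }


if __name__ == "__main__":
    for kind, alerts in run_ids().items():
        print(kind, alerts)
```

Run it as a script to see one signature alert for ws-02 and one outbound-volume alert for ws-01. The two detectors fail in opposite ways, which is why the notes list both: the signature table is silent on anything it has never seen, while the baseline detector is silent on an intruder who keeps outbound volume inside the host's normal band.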
- A response plan should be developed well in advance of any incident and should be approved by the organization's legal department and senior management; in a security incident, the primary goal must be to regain control and limit damage, not to attempt to monitor or catch an intruder
- Organizations should document all details of a security incident as they work to resolve it; the documentation can be used to capture evidence for a future prosecution
- Managed Security Service Provider (MSSP): a company that monitors, manages, and maintains computer and network security for other organizations and provides vulnerability scanning and web blocking and filtering capabilities
- Computer forensics: a discipline that combines elements of law and computer science to identify and preserve data from computer systems, networks, and storage devices in a manner that preserves the integrity of the data gathered
  - Certifications exist: CCE (Certified Computer Examiner), CISSP (Certified Information Systems Security Professional), CSFA (Cybersecurity Forensic Analyst), and GCFA (Global Information Assurance Certification Certified Forensic Analyst)
Chapter 10
- Common causes of computer waste and mistakes are unclear expectations, inadequate training and feedback, program development that contains errors, and incorrect input by a data-entry clerk
- Improving IS efficiency and effectiveness involves establishing, implementing, monitoring, and reviewing policies and procedures
- Training programs, as well as manuals and documents covering the use and maintenance of information systems, can help prevent computer waste and mistakes
- Each system report should indicate its general content in its title and specify the time period covered
- The system should have controls to prevent invalid and unreasonable data entry
- Controls should ensure that data input, HTML, and URLs are valid, applicable, and posted in the right time frame
- The process of implementing policies varies by organization; most companies develop policies with advice from an internal or external auditing group
- Implement internal audits to measure actual results against established goals such as the percentage of end-user reports produced on time and the percentage of data-input errors detected
- Issues of privacy deal with the right to be left alone or to be withdrawn from public view
- Data is constantly being collected and stored on each of us, and it is often distributed over easily accessed networks without our knowledge or consent
- Employers use technology and corporate policies to manage worker productivity and protect the use of IS resources
- Federal law permits employers to monitor email sent and received by employees
- Emails that have been erased from a hard disk can be retrieved and used in lawsuits
- RFID tags: microchips with an antenna, embedded in many products we buy; they generate radio transmissions that, if appropriate measures are not taken, can lead to privacy concerns
- Mobile crowd sensing (MCS): a means of acquiring data through sensor-enhanced mobile devices, with the data shared with individuals, healthcare providers, utility firms, and local, state, and federal government agencies
- The Children's Online Privacy Protection Act (COPPA) of 1998 impacts the design and operation of Web sites that cater to children
- Individuals can post information to the internet using anonymous email accounts or screen names
- Many companies store and sell data they collect on customers, employees, and others
- Children's Internet Protection Act (CIPA): schools and libraries subject to CIPA do not receive the discounts offered by the "E-Rate" program unless they certify that they have certain internet safety measures in place to block or filter
- Use of computer-based information systems has changed the workforce: jobs that require IS literacy have increased, and less-skilled positions have been eliminated
- Computer use can create occupational stress, seated immobility thromboembolism (SIT), repetitive strain injury (RSI), or carpal tunnel syndrome (CTS)
  - Two primary causes are a poorly designed work environment and failure to take regular breaks to stretch the muscles and rest the eyes
- Ethics: ethical behavior conforms to generally accepted social norms; morals are one's personal beliefs about right and wrong; law is a system of rules that tells us what we can and cannot do
- A code of ethics states the principles and core values essential to a set of people and, therefore, governs their behavior