
ITEC 1010 Final Exam Review

Chapter 9

-BYOD makes it hard for IT organizations to help safeguard the device

-Exploit: An attack on an information system that takes advantage of a system vulnerability (due to
poor system design or implementation)

-Users should download and install patches to help fix software vulnerability

-Types of exploits

-Ransomware: An exploit that stops you from using your computer until certain demands are met,
such as sending money or pictures

-Viruses: Programming code (usually disguised as something else) that causes a computer to
behave in an unexpected and undesirable manner

-Can spread to other machines if users share an infected file or send an email with a
virus-infected attachment

-Worms: Harmful programs that reside in the active memory of the computer and duplicate
themselves

-Can propagate without human intervention

-Trojan Horses: Seemingly harmless program where malicious code is hidden

-Victim is usually tricked into opening it because it appears to be useful software from a
legitimate source

-Program’s harmful payload might be designed to enable the attacker to destroy hard drives,
corrupt files, etc

-Often creates a “backdoor” on a computer that enables an attacker to gain future access

-Logic bomb: Type of Trojan horse that executes when it is triggered by a specific event

-Blended Threat: Sophisticated threat that includes features of virus, worm, Trojan horse, and
other malicious code into a single payload

-Might use server and Internet vulnerabilities to initiate and then transmit and spread attack
using exe or html files and registry keys

-Spam: use of email systems to send unsolicited email to large numbers of people

-An inexpensive marketing method used by many legitimate companies

-CAPTCHA (Completely Automated Public Turing Test to Tell Computers and Humans Apart)

-Software that generates and grades tests that humans can pass but most sophisticated
computer programs cannot

Types of Exploits

-Distributed Denial-of-Service Attacks: An attack where hackers take over computers via the
internet and cause them to flood a target site with demands for data and other small tasks

-Makes the site busy to the point where legitimate users cannot get in

-Botnet: (Sometimes called zombies) Large group of computers controlled from one or more
remote locations by hackers without consent from the owners

-Used to distribute spam and malicious code

-Rootkit: Set of programs that enables a user to gain administrator-level access to a computer
without the end user’s consent or knowledge

-Attacker can use the rootkit to execute files, access logs, monitor user activity, and change the
computer’s config

-Symptoms: Computer locks up or fails to respond to input, screen saver changes, taskbar
disappears, or network activity becomes extremely slow

-Advanced Persistent Threat (APT): Network attack where an intruder gains access to a network
and stays undetected with the intention of stealing data over a long period of time

-Five phases of APT attack: Reconnaissance, Incursion, Discovery, Capture, Export

-Detecting anomalies in outbound data is the best way for administrators to know that the
network is a target of APT attack

-Phishing: Act of fraudulently using email to try to get the recipient to reveal personal data

-Con artists send legitimate-looking emails that urge recipients to act in order to avoid negative
consequences or receive a reward

-Spear-phishing is a variation of phishing where fraudulent emails are sent to a certain
organization’s employees (more precise and designed to look like it came from high-level execs
of that organization)

-Smishing is a variation of phishing that involves the use of texting

-Vishing is like smishing except victims receive a voicemail message telling them to call a phone
number or access a website

-Cyberespionage: Development of malware that secretly steals data in the computer systems of
organizations, such as government agencies, military contractors, political organizations, and
manufacturing firms

-Mostly targeted toward high-value data such as sales, marketing, details of product designs and
innovation, personal information, customer and client data, sensitive information about partner
and agreements
-Cyberterrorism: Intimidating a government or civilian population by using IT to disable critical
national infrastructure to achieve political, religious, or ideological goals

-Strong security program begins by assessing threats to the organization’s computers and
network

-Identifying actions that address the most serious vulnerabilities and educating users about the risks
involved and how to prevent them

-Security Policy: Defines organization’s security requirements along with the controls and
sanctions needed to meet those requirements and outlines what needs to be done but not how
to do it

-Organizations should implement layered security solution to make computer break-ins difficult
so attackers give up

-Firewall: System of software, hardware, or a combination of both that stands guard between an
organization’s internal network and the internet and limits network access based on the
organization’s access policy

-Next-generation firewall (NGFW): Hardware- or software-based network security system that
can detect and block sophisticated attacks by filtering network traffic dependent on the packet
content

-Inspects the payload of packets and matches sequences of bytes against harmful activities

-Computer attackers know that many organizations are slow to fix problems, so they scan the
internet for vulnerable systems

-Security audit: Evaluates whether an organization has well-considered security policy in place
and if it is being followed

-Intrusion detection system (IDS): Software and/or hardware that monitors system and network
resources and activities and notifies security staff of possible intrusions into a networked computer environment

-Knowledge-based IDS: Contain information about specific attacks and system vulnerabilities

-Behavior-based IDS: Models normal behavior of a system and its user from reference
information collected by various means
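The two IDS styles above, as an added example that is not part of these notes: a knowledge-based rule matches a fixed attack signature, while a behavior-based rule builds a baseline of normal outbound volume and flags the host that deviates from it (the outbound-anomaly point made for APTs). Hostnames, byte counts and the signature pattern are constructed placeholders.

```python
import re
import statistics

# Constructed sample lines: "<host> <dest_port> <bytes_out> <request>"
SAMPLE_LOGS = [
    "ws-01 443 12000 GET /index.html",
    "ws-02 443 9500 GET /login",
    "ws-03 443 11000 POST /api/orders",
    "ws-04 443 10500 GET /search?q=printers",
    "ws-05 443 9800 GET /about",
    "ws-06 443 10200 GET /contact",
    "ws-07 443 10800 GET /catalog",
    "ws-08 4444 890000 POST /upload",        # unusually large outbound transfer
    "ws-09 443 10100 GET /cgi-bin/evil.sh",  # matches the placeholder signature below
]

# Knowledge-based IDS: signatures of specific known attacks (placeholder pattern, not a real one).
SIGNATURES = [re.compile(r"/cgi-bin/\S+\.sh")]

def parse(line):
    host, port, nbytes, request = line.split(" ", 3)
    return {"host": host, "port": int(port), "bytes": int(nbytes), "request": request}

def knowledge_based_alerts(lines):
    """Flag records whose request matches a known-attack signature.
    Only catches what is already in the signature list."""
    return [r["host"] for r in map(parse, lines)
            if any(sig.search(r["request"]) for sig in SIGNATURES)]

def behavior_based_alerts(lines, threshold=3.5):
    """Flag hosts whose outbound volume deviates from the fleet's normal profile.
    Uses the median and median absolute deviation (MAD) so that one huge transfer
    cannot inflate the baseline and hide itself, as it would with mean/std-dev."""
    recs = [parse(line) for line in lines]
    volumes = [r["bytes"] for r in recs]
    median = statistics.median(volumes)
    mad = statistics.median(abs(v - median) for v in volumes)
    if mad == 0:  # every host sends the same amount: nothing is anomalous by this measure
        return []
    # 0.6745 scales MAD to be comparable with a standard deviation for normal data
    return [r["host"] for r in recs
            if 0.6745 * abs(r["bytes"] - median) / mad > threshold]

if __name__ == "__main__":
    print("knowledge-based:", knowledge_based_alerts(SAMPLE_LOGS))  # ['ws-09']
    print("behavior-based:", behavior_based_alerts(SAMPLE_LOGS))    # ['ws-08']
```

Note that each rule misses what the other catches: the signature never fires on ws-08, and the baseline sees nothing odd about ws-09's traffic volume.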

-A response plan should be developed well in advance of any incident and approved by the
organization’s legal department and senior management; in a security incident, the primary goal
must be to regain control and limit damage, not to attempt to monitor or catch an intruder

-Organizations should document all details of a security incident as they work to resolve it; the
documentation can be used to capture evidence for a future prosecution

-Managed Security Service Provider (MSSP): A company that monitors, manages, and maintains
computer and network security for other organizations, provides vulnerability scanning and web
blocking and filtering capabilities
-Computer Forensics: Discipline that combines elements of law and computer science to
identify and preserve data from computer systems, networks, and storage devices in a manner
that preserves the integrity of the data gathered

-Work as a team to investigate incident and conduct the forensic analysis

-Certifications exist: CCE (Certified Computer Examiner), CISSP (Certified Information Systems
Security Professional), CSFA (Cybersecurity Forensic Analyst), and GCFA (Global Information
Assurance Certification Certified Forensic Analyst)

Chapter 10

-Examples of computer-related waste include: organizations operating unintegrated
information systems, acquiring redundant systems, and wasting information system resources

-Most computer-related mistakes are caused by human error

-Unintegrated information systems make it difficult to collaborate and share information

-Common causes are unclear expectations, inadequate training and feedback, program
development that contains errors, incorrect input by a data-entry clerk

-Ensuring IS efficiency and effectiveness involves establishing, implementing, monitoring, and reviewing
policies and procedures

-Training programs as well as manuals and documents covering the use and maintenance of
information systems can help prevent computer waste and mistakes

-Examples of other useful policies to minimize waste and mistakes include:

-Changes to critical tables, HTML, and URLs should be tightly controlled

-User manuals should be available

-Each system report should indicate its general content in its title and specify the time covered

-The system should have controls to prevent invalid and unreasonable data entry

-Controls to ensure that data input, HTML, and URLs are valid, applicable, and posted in the right
time frame

-Users should implement proper procedures to ensure correct input data

-Process of implementing varies by organization, most companies develop policies with advice
from an internal or external auditing group

-Monitor routine practices and take corrective action if necessary

-Implement internal audits to measure actual results against established goals such as:

-Percentage of end-user reports produced on time

-Percentage of data-input errors detected

-Number of input transactions entered per eight-hour shift

-Audits can also be used to track the amount of time employees spend on non-work-related
websites

-Issues of privacy deal with the right to be left alone or to be withdrawn from public view

-Data is constantly being collected and stored on each of us, data is often distributed over easily
accessed networks without our knowledge or consent

-Employers use technology and corporate policies to manage worker productivity and protect
the use of IS resources

-Organizations monitor employees’ email

-Federal law permits employers to monitor email sent and received by employees

-Emails that have been erased from hard disk can be retrieved and used in lawsuits

-RFID Tags: Microchips with antenna, embedded in many products we buy, it generates radio
transmissions that, if appropriate measures are not taken, can lead to potential privacy concerns

-Mobile crowd sensing (MCS): Means of acquiring data through sensor-enhanced mobile
devices, with the data shared with individuals, healthcare providers, utility firms, and local,
state, and federal government agencies

-The Children’s Online Privacy Protection Act (COPPA) of 1998 impacts the design and
operations of Web sites that cater to children

-Libel: Publishing an intentionally false written statement that is damaging to a person’s or
organization’s reputation

-Individuals: can post information to the internet using anonymous email accounts or screen
names

-Many companies store and sell data they collect on customers, employees, and others

-Filtering software screens internet content

-Children’s Internet Protection Act (CIPA): Schools and libraries subject to CIPA do not receive
discounts offered by the “E-Rate” program unless they certify that they have certain internet
safety measures in place to block or filter content

-Most organizations maintain privacy policies

-Use of computer-based information systems has changed the workforce, jobs that require IS
literacy have increased, less-skilled positions have been eliminated

-Can create Occupational stress, Seated immobility thromboembolism (SIT), Repetitive strain
injury (RSI) or Carpal tunnel syndrome (CTS)

-Two primary causes are poorly designed work environment or failure to take regular breaks to
stretch the muscles and rest the eyes
-Ethics: Ethical behavior conforms to generally accepted social norms, Morals are one’s personal
beliefs about right and wrong, law is a system of rules that tells us what we can and cannot do

-A code of ethics: States the principles and core values essential to a set of people and,
therefore, govern their behavior
