Page

Introduction and Security Trends

Multiple-Choice Quiz

1. Each of the following is a reason why it is difficult to defend against today’s attackersexcept .A. Simplicity of attack toolsB. Increased speed of attacksC. greater sophistication of attacksD. Regular patching and update of software products

2. In a general sense “security” is .A. protection from only direct actionsB. the steps to protect a person or property from harmC. an action to inflict damage or sufferingD. to guard digital information

3. ensures that only authorized parties can alter the information.A. ConfidentialityB. AvailabilityC. IntegrityD. Authorization

4. ensures that the individual is who they claim to be and not an imposter.A. Authentication B. Authorization C. Identification D. Accounting

5. By definition a(n) is a weakness that allows a threat agent to bypass security .A. vulnerabilityB. exploit C. threat D. asset

6. Each of the following is a goal of information security except .A. Foil cyberterrorismB. Prevent data and identity theftC. Avoid legal consequencesD. Decrease user productivity

7. are individuals who want to break into computers but have limited skills.A. Script kiddiesB. HackersC. CybercriminalsD. Spies

Page

8. Before an attacker penetrates any defence, the initial step is to .A. paralyze networks and devicesB. circulate to other systemsC. probe a network for informationD. modify security settings

9. An example of is allowing only those who must use the data to have access to it.A. obscurity B. limiting C. diversity D. layering

10. The act of deliberately accessing computer systems and networks without authorization is generally known as:

A. Computer intrusionsB. Hacking C. Cracking D. Probing

Essay Questions

1.

Answer:A ping sweep sends a “ping” (an ICMP echo request) to the target machine. If themachine responds, it is reachable.Port scans actually “look” at a machine that is alive and scan for an open port. Once theopen port is found, it scans the port to find the service it is running.These activities can easily be done by script kiddies and so may not result in an actual attack. However, they may be pre-cursors to an impending attack.

2.

Answer:Insiders are more dangerous because:They have the access and knowledge necessary to cause significant damage to an organization.As most security setups are designed to protect against outsiders. With their knowledge, they are better able to avoid detection.

Page

3.

Answer:

Security through limiting uses the approach of limiting what a person needs to know. ie, only those who must use data should have access to it

i. Separate the duties between two or more individuals.ii. Each user should be given only the minimal amount of privileges necessary

to perform his or her job function

Security through diversity uses the approach of having different variety of layers where breaching one security layer does not compromise the whole system.

i. Use a variety of physical protection such as fencing, RFID, mantrap, etc ii. Implement a variety of network equipment made by different vendors.

iii. Install different operating systems for different servers.

Security through obscurity uses the approach of protecting something by hiding it.i. Hiding a house key under a doormat or in a planter, or pushing your favorite ice cream

to the back of the freezer so that everyone else thinks it is gone.ii. hiding money in a coffee can and burying it,iii. administrator moves a service from its default port to a more obscure port,

4.

Answer:i. Make sure all patches for the operating systems and applications are installed. Many

security problems could have been avoided if patches are installed in a timely manner.ii. Limit the services that are running on the systems. This means that we should only

run services that are required and nothing more. Hackers are known to takeadvantage of vulnerabilities that exist in unneeded services that are running.

iii. To prevent social engineering by providing as little information as possible about the organization and its computing resources.