59 Cards in this Set

  • Front
  • Back
• What is a mission statement?
A mission statement is a formal statement declaring the ongoing purpose and reason for existence of a business.
• What is Risk?
Risk is the product of the likelihood of a negative event occurring multiplied by the impact of such an event happening.
• What are the two steps of Risk Management?
The two steps of risk management are risk assessment and risk treatment.
• Explain Qualitative Risk Assessment.
A qualitative risk assessment is the identification of vulnerabilities, threats, threat probability, impact, and countermeasures for a given scope of assets, basically the “quality” of a risk, a subjective approach to calculating risk.
• Explain Quantitative Risk Assessment.
Quantitative risk assessment is the calculated risk based on asset value and exposure factor, resulting in a single loss expectancy. The single loss expectancy can be multiplied by the annualized rate of occurrence to calculate the annual loss expectancy. This is a “quantity” risk, the cost of repairing and/or replacing an asset based on exposure and the rate of occurrence.
• What are some forms of Risk Treatment?
Forms of risk treatment include risk acceptance, risk avoidance, risk reduction, and risk transfer.
• Explain Fail Open versus Fail Closed.
Fail open and fail closed deal with the state of a mechanism after it fails. Fail open is when the mechanism permits all activity. Fail closed is when the mechanism blocks all activity.
• What are the three pillars of Security?
The three pillars of security are CIA: confidentiality, integrity, and availability.
• What is PII? Provide examples.
PII is personally identifiable information. Examples are name, Social Security number, phone number, driver’s license number, and credit cards.
• How can you estimate the likelihood of an exploitation?
The likelihood of an exploitation can be estimated from past experience, national and international standards and guidelines, consulting experts and specialists, using models (economic, engineering, etc.), market research and analysis, and experiments and prototypes. As a last resort, guesswork can be used to provide an estimate should no reasonable numbers emerge, provided management is notified.
• What is COOP?
COOP is the continued operation of a company at minimal essential levels following a disaster, resulting in a higher rate of survivability for the company.
• What is DR?
DR is disaster recovery, which is the process of returning to “business as usual” following a disaster that destroys part or all of a site.
• What is the purpose of COOP?
The purpose of COOP planning is to develop a plan for efficient and timely continued operations following a disaster, to minimize business damage and loss, and to ensure survivability of critical equipment, records, and assets.
• What is the purpose of DR?
The purpose of disaster recovery is to assess, salvage, repair, and restore facilities and systems damaged during a disaster.
• What are some essential elements of COOP?
Some essential elements of COOP are plans and procedures (as well as testing and training), delegations of authority, having accessible alternate facilities, ability to access vital records and databases, coordinating personnel, and security.
• What is the definition of a disaster?
A disaster is a natural or man-made event that disrupts a business in such a way that recovery can only be achieved by a considerable effort.
• What are the two types of disasters?
The two types of disasters are natural disasters and man-made disasters.
• What are some benefits of planning for COOP and DR?
By planning for COOP and DR, a company can reduce its risk, have a marketplace advantage, and have improved availability and reliability.
• How do you perform a Threat and Risk Analysis?
To perform a Threat and Risk Analysis, one must identify threats, vulnerabilities, and risks for each key process, then rank each according to probability, impact, and cost, and identify mitigating controls.
• What are the components of developing Business Continuity and Recovery Plans?
The components of developing Business Continuity and Recovery Plans are selecting recovery team members, designing an emergency response, assessing damage and salvaging assets, notifying those affected inside and outside the company, providing for personal safety, reestablishing communication, providing for lack of public utilities, and logistics and supplies.
• What are the five levels of testing plans for COOP and DR?
The five levels of testing plans for COOP and DR are document review, walkthrough, simulation, parallel testing, and cutover testing.
• What is Reliability?
Reliability is the probability of a component or system performing its mission over a certain length of time.
• What is MTBF?
MTBF is the mean time between failures – the expected reliability calculated on a statistical basis from known failure rates of components tested in a lab.
• What are some reasons for data loss?
Data loss can result from hardware failures, software malfunctions, accidental deletion or overwriting, natural disasters, and disgruntled employees.
• What is Redundancy? Provide examples.
Redundancy is the ability of a system to continue functioning normally in the event of a component failure by having backup components that perform duplicate functions. Examples are multiple CPUs, RAID disks, and dual network connections.
• What is Failover? Provide examples.
Failover is the process of data being immediately rerouted to an alternate path so that services remain uninterrupted following a physical disruption to a network component. Examples are an alternate server for the same services and a second switch for the same network.
• Explain incremental backups.
An incremental backup is backing up only the files that have changed since the last full backup, which takes less time than a full backup and uses fewer resources as well as memory. However, when restoring data, it is necessary to restore the full backup then each of the incremental backups, resulting in a longer restore time.
• What is Encipher/Decipher?
Encipher is encryption, the process of changing plaintext into ciphertext. Decipher is decryption, the process of changing ciphertext into plaintext.
• In a cryptographic system, where does the encryption strength come from?
Encryption strength comes from confusion and diffusion. Confusion is caused by changing key values each round, using substitution, and by the complication of the plaintext/key relationship. Diffusion results by changing the location of the plaintext in ciphertext and through transposition.
• Explain how a Certificate Authority works.
A Certificate Authority issues a digital certificate. The digital certificate contains a public key and identity of the owner. The certificate is a validation that the public key is owned by the corresponding identity. The public key encrypts data sent through a Web form submission when sending that data to the certificate owner.
• How does a Digital Signature work?
The sender’s digital signature encrypts the message using his private key. The message is encrypted a second time using the receiver’s public key. The receiver uses his own private key and the sender’s public key to decipher the message.
• Which is better and why: Hardware or Software encryption?
Hardware encryption is better for many reasons. Hardware encryption is faster because it uses a special chip inside the device. You only need the hardware for decryption. Software encryption is slower because it uses itself – the application – using additional system resources and extra steps to encrypt and decrypt. Hardware encryption never exposes the password to the computer – it is contained in the encryption chip inside the device. Software encryption exposes the password to the computer, which can allow the password to be recovered by hackers. Software encryption also stores the encrypted data as a visible file for anyone to copy. Files are not visible on encrypted hardware without use of a password.
• What is Cryptography?
Cryptography is the science of hiding information in plain sight to conceal it from unauthorized parties.
• What is Encryption?
Encryption is the process of transforming information using a cipher, making it unreadable without a key.
• Why are Telnet and FTP bad? What should be used instead?
All FTP transmissions are in plaintext and can be read by anyone sniffing the network. Anyone who has access to the router, switch, hub, or gateway between the two hosts using Telnet can obtain any data that is typed. SSL or TLS should be used instead.
• Explain Shannon’s Fundamental Theory of Information Technology.
Shannon’s Fundamental Theory of Information Technology states that a channel’s capacity is directly proportional to its bandwidth. This means that as bandwidth increases, so does the amount of information it can carry.
• What is a Computer Network?
A computer network is the collection of devices connected by wires or wirelessly to share resources – hardware, software, and databases, etc.
• What are some benefits of computer networks?
Some benefits of computer networks are: saving money – they can share resources, such as an Internet connection and printer; saving time by sharing files – access to materials, such as databases, for quick updates, rather than sending the files back and forth through emails; and security – with proper network security protocols, files are more secure within the network than when providing access outside the network.
• How does a modem work?
A modem translates digital to analog for transmission through an analog medium, then translates analog to digital for purposes of receiving.
• Explain the difference between Centralized Processing, De-centralized Processing, and Distributed Processing.
Centralized processing occurs in a single location, de-centralized processing occurs among various remote locations, and distributed processing occurs at remote locations that are connected via telecommunication devices.
• In networking, what is a protocol?
A protocol is the set of rules that guarantee communication among computers of different types and different manufacturers.
• What is the difference between a switch and a hub?
The difference between a hub and a switch is that a hub doesn’t manage the traffic coming through it – every packet entering is sent out through all other ports, resulting in packet collisions, whereas a switch creates a different collision domain for each port, resulting in transmissions that do not interfere with each other (no collisions).
• What are some examples of network threats?
A DoS attack is designed to flood or cause malfunction. During a teardrop attack, the attacker sends mangled packet fragments with overlapping and oversized payloads to the targeted system. A sequence number threat guesses upcoming sequence numbers as a method for hijacking a session. A smurf attack is a large number of ICMP echo requests, where the packets are sent to a target network’s broadcast address, which causes all systems on the network to respond.
• What is the definition of Telecommunications (also provide examples)?
Telecommunications is the transmission of messages over distances to communicate. Historic telecommunications consisted of smoke signals, coded drumbeats, and signal flags. Modern telecommunications include telephones, radio and microwave communications, fiber optics, and wireless transmissions.
• What is Data Communications?
Data communications is a specialized part of telecommunications that refers to electronic collection, processing, and distribution of data, usually between computer hardware devices.
• What is Bandwidth?
Bandwidth is the rate of data transfer, measured in bits per second.
• Explain packet fragmentation in routers.
If a packet is oversized and the router is unable to forward it, the router fragments the packet into smaller packets. The TCP/IP stack performs the fragmentation and reassembly process.
• What are the seven layers within the network model?
Layer 1 – Physical, Layer 2 – Data link, Layer 3 – Network, Layer 4 – Transport, Layer 5 – Session, Layer 6 – Presentation, Layer 7 – Application.
• What is a virus?
A virus is a computer program that can copy itself and infect a computer. A virus must be attached to a file or boot sector to be disruptive or destructive. Typically, viruses are created to steal information.
• How often should one update anti-virus definitions?
Anti-virus definitions are typically updated on a regular basis by one’s anti-virus software. If the “auto-update” option is not selected, a user should check for updates weekly, minimally.
• How do you recover a file once it has been deleted?
If you haven’t altered your hard drive since you deleted the file, it is recoverable. The deleted file is saved under its name, except the first letter of the filename is replaced with a question mark. There are file recovery software packages that will scan your hard drive and locate these files for you.
• What is Spyware?
Spyware is a program that secretly gathers information about you and your computer and relays it to an advertiser or other third party.
• What is Adware?
Adware is a program that tracks Internet habits, pushes ads, and performs other information-gathering events and relays the information to their developers.
• How can you tell your system is 100% clean once you remove a virus?
You can’t. The only way to guarantee you are 100% virus free is to format your computer.
• Explain why it is not good to use the “Administrator” logon or rights all of the time.
“Administrator” is the most common name for account logins. This is providing hackers with an easy piece of information making you an easier target than someone who doesn’t have an account named “Administrator”. Once a hacker has access to your Administrator account, they can do anything to your computer. If you are using a non-administrator rights account and someone infiltrates your system, by downloading a malware program for example, they are limited to the files that account has access to. You can delete that username and establish a new one free of that malware program.
• How can you defend against a virus being loaded from behind your firewall?
Each machine should have its own anti-virus protection. This limits the spread of the virus throughout the network. Also, by using a non-administrator account, one can sometimes limit infection from a virus and prevent spreading it to other users.
• What is considered an insider threat?
An insider threat is typically a disgruntled employee attempting to gain access to unauthorized areas for personal gain, espionage, or revenge.
• What is Phishing?
Phishing is an attempt to trick someone into giving out sensitive or personal information by causing the victim to think they are providing information to a legitimate source.
• Explain Social Engineering.
Social engineering is “people hacking”. A person can manipulate another into revealing sensitive information, willingly or unwillingly. Social engineering typically occurs in a four-step process: gathering information, developing a relationship, exploitation, and execution.