Identify the three main items that are utilized
in achieving security objectives in order to protect our systems.
The three main items that are utilized in
achieving security objectives in order to protect our systems are:
Computer Security – Common computer security
features include operating-system-level access control, operating-system-level authentication, application security, and hardware
and software monitor logs.
Network Security – Achieving a reasonably secure network requires
a combination of hardware and software devices that may include Firewalls,
Anti-Virus Programs, network monitors, intrusion detection systems, proxy
servers and authentication servers.
Database Security – Database security includes
database-level access control, database-level authentication, and data storage
Identify and define three objectives that are
key to achieving effective security architecture.
The three objectives that are key to
achieving effective security architecture are:
1. Keep information private from outside view.
2. Maintain consistency of Data
3. Ensure resources remain at a high degree
4. The key to achieving an effective data security
architecture lies in an organization's effort to maintain confidentiality,
integrity and availability of its environment.
List and define the different classifications
created to classify between the difference between the hackers and the
The different classifications created to
clarify the difference between hackers and crackers.
Person who has mastered the firmware and
software of the modern computer systems.
Person who enjoys exploration and analysis
of network security with no intent to intrude or cause harm.
Person who breaks into our network without authorization
with the hope of destroying or stealing information.
The general conception is that hackers
build things and crackers break things.
List six common errors that users make on
network. Give examples of each.
Six common errors that users make on a
1. Poor Habits – Leaving computers
unattended and unlocked while using the restroom, in meetings, going to lunch or
2. Password error – choosing easy-to-guess
passwords, writing passwords on sticky notes or notebooks, or storing them in
plain sight, under keyboards or on top of monitors.
3. Disregard for company policy – visiting
unauthorized Websites and downloading unauthorized
software in the process, attaching
unauthorized like USB, logging into company using personal laptops and
4. Opening unknown emails – viewing risky
attachments containing games, greetings, pictures and macro files.
5. Inappropriate disclosure – giving out
information over the phone and falling prey to social
6. Procrastination – failing to report
computer or network issues in a timely manner.
Identify three ways that the internet can be
used as a tool to compromise information security.
Three ways that the Internet can be used as
a tool to compromise information security. There are two billion Internet users
and 100 million websites. Threats to the Internet continue to increase.
Three ways in which Internet compromises
Information Security are:
1. Hijacking – Web pages rewritten to
distribute malicious code or redirect the user to the attacker’s Web site.
2. Malware – Malicious software, written
and used by unauthorized intruders, often intended to be
harmful, destructive and secretive.
3. Spoofing – Fraudulent Web site made to
look identical to a legitimate Web site.
Objective of spoofing – draw in a user to
gather personal information (like a password).
Can be as easy as registering a domain name
that is a slight misspelling of a legitimate site (e.g. Amazonn).
List the destructive tactics that uneducated
computer users can run into when using e-mail.
The common destructive tactics that
uneducated computer users can run into when using email are –
1. Attachments – Though users are trained, they
may fall into a trap by opening fake attachments. Crackers use attachment names
and file extensions to gain trust, so users tend to open these files, leading
to a computer security incident.
2. Spoofing email address – using false
email address, using people’s emotions (greed, fear,
3. Phishing – An attempt in which an attacker
tricks victims into sharing sensitive information.
The email may try to convince a user to
click a link to a cracker-owned Web site.
4. Spear Phishing – Aims at stealing
sensitive information such as account credentials or financial
information, often for malicious reasons.
5. Web-Embedded Email – Emails are
formatted like a word processing application. Users are not asked to click or
download any attachments. They just need to read the email to be attacked.
Define the following: computer viruses, worms,
trojans, spyware, adware and bots.
A computer virus is a type of malicious
code or program written to alter the way a computer operates and that is
designed to spread from one computer to another. A virus operates by inserting
or attaching itself to a legitimate program or document that supports macros in
order to execute its code. In the process a virus has the potential to cause
unexpected or damaging effects, such as harming the system software by
corrupting or destroying data.
A computer worm is a
standalone malware computer
program that replicates itself in order to spread to other
it uses a computer network to spread itself, relying
on security failures on the target computer to access it. Worms almost always
cause at least some harm to the network, even if only by consuming bandwidth, whereas viruses almost always
corrupt or modify files on a targeted computer.
Trojan viruses often disguise themselves and
their harmful code. They hide within programs such as software updates, games and
movies. Once Trojans are activated in your system, they can enable
cyber-criminals to spy on you, steal your sensitive data and gain backdoor
access to your system.
Spyware is software that aims to gather information about a
person or organization without their knowledge, that may send such information
to another entity without the consumer’s consent, or that asserts control over a device without the consumer’s
This type of software aims at displaying
advertisements on your computer and redirecting your search requests to advertising
websites. The reason for adware is that it helps recover programming
development costs for the software developer and reduces or eliminates the cost
for the user. But if the adware does not notify you that it is gathering
information, it is regarded as malicious.
Computer bots are also known as software
robots because of their ability to perform a large array of automated tasks for
an intruder at a remote location. They are used for spamming and DoS attacks. Bots can
be hidden in games and other enticing programs downloaded by unsuspecting
users, emailed from one infected machine to another, or downloaded from infected
websites, and can break into a person’s computer through vulnerabilities found in
the security architecture. Examples of bots are: web crawlers, chat room bots
and malicious bots, spam bots. A botnet is a network made up of many bots
working together; it is used to gain unauthorized access to computer systems and
infect computers with viruses.
List and define each phase in the process of
creating and maintaining a security architecture.
There are four phases in the
process of creating and maintaining a security architecture:
Phase 1: Assessment and Analysis
Below steps are followed in this
1. Find the organization's data security
needs – Identify vulnerabilities, threats and assets that exist.
2. Determine the cost of breached
or lost asset – Security measures should never exceed the cost of assets they
3. Risk assessment steps – After
determining the threats, create security measures to counteract the threats.
Prioritize the security measures.
4. Determine Assessment Methodology
– Determine a systematic approach to be applied.
Phase 2: Design and Modeling: This
phase involves the creation of policies and procedures; necessary firmware and
software changes are defined, and the security tools that are used to minimize
risks are identified.
Below steps are followed in this
1. Define security policies and
procedures as required.
2. Identify firmware and software
changes required to support the policies.
3. Create an implementation plan.
4. Create baselines to determine
success and failure.
5. Define a plan for user training
Phase 3: Deployment
In this phase, the security policies,
firmware and tools defined in the previous phase must be put in place. Deployment usually
occurs in the test environment. These security measures are deployed using the
steps defined in the design and modeling phase. It occurs in a test environment
which is created using the required firmware and software so that deployment does
not affect security goals. Changes to user training and awareness are
deployed as per the deployment plan.
Phase 4: Management and Support:
This phase involves ongoing support, maintenance and assessment of the security
architecture that was deployed in the previous phase. During this phase the
performance of the system is monitored, and any failure would result in the
reevaluation of the security architecture.
Monitor security system performance
as well as user security awareness and training.
Make minor policy revisions as
Identify need for a reassessment
and initiate the start of the security life cycle.
List and describe the information that should be
included in a security policy.
A security policy is a document that states
in writing how a company plans to protect its physical and IT assets. Security
policy objectives are:
1. Define the overall goals of the
2. Identify the scope of what to secure.
3. Define roles and responsibilities of
people within the organization.
4. Identify specific communication process.
5. Discuss policy enforcement.
6. Explain how security measurement should
be carried out and enforced, and also the procedure for evaluating the
effectiveness of the policy.
7. Define how the security plan should be
regularly assessed and revised based on changes made to the business goals.
Explain the differences between an update and an
An update is a small change added to software or firmware
that is already in a network.
An upgrade is a replacement of an older version of
software or firmware with a newer version.
Updates are generally small changes made to software or
firmware to improve the functionality of the system. They are easy to
apply and easy to reverse.
Upgrades are very big changes, so they are difficult to apply and
even more difficult to reverse.
Updates are generally distributed free from the vendor.
Upgrades are purchased from the vendor.
Updates may be necessary if they are used to fix the current
version of the software or firmware residing in the database.
Unless required, an upgrade will not be applied to a database or
its environment immediately after its release.