Identify the three main items that are utilized in achieving security objectives in order to protect our systems.
The three main items that are utilized in achieving security objectives in order to protect our systems are:
1) Computer Security – Common computer security features include operating system level access control, operating system level authentication, application security, and hardware and software monitor logs.
2) Network Security – Achieving a reasonably secure network requires a combination of hardware and software devices that may include firewalls, anti-virus programs, network monitors, intrusion detection systems, proxy servers and authentication servers.
3) Database Security – Database security includes database-level access control, database-level authentication, and data storage
Identify and define three objectives that are key to achieving effective security architecture.
The three objectives that are key to achieving effective security architecture are:
1. Keep information private from outside view.
2. Maintain consistency of data.
3. Ensure resources remain at a high degree
4. The key to achieving an effective data security architecture lies in an organization's effort to maintain the confidentiality, integrity and availability of its environment.
List and define the different classifications
created to classify between the difference between the hackers and the
The different classifications created to clarify the difference between hackers and crackers are given below:
Person who has mastered the firmware and
software of the modern computer systems.
Person who enjoys exploration and analysis
of network security with no intent to intrude or cause harm.
Person who breaks into our network without authorization
with the hope of destroying or stealing information.
The general conception is that hackers
build things and crackers break things.
List six common errors that users make on a network. Give examples of each.
The common errors that users make on a network are:
1. Poor habits – leaving computers unattended and unlocked while using the restroom, attending meetings, going to lunch or
2. Password errors – choosing easy-to-guess passwords, writing passwords on sticky notes or in notebooks, or storing them in plain sight, under keyboards or on top of monitors.
3. Disregard for company policy – visiting unauthorized websites and downloading unauthorized software in the process, attaching unauthorized devices like USB, logging into company using personal laptops and
4. Opening unknown emails – viewing risky attachments containing games, greetings, pictures and macro files.
5. Inappropriate disclosure – giving out information over the phone and falling prey to social
6. Procrastination – failing to report computer or network issues in a timely manner.
Identify three ways that the Internet can be used as a tool to compromise information security.
Threats to the Internet continue to increase. Three ways in which the Internet compromises information security are:
– Web pages rewritten to distribute malicious code or redirect the user to the attacker's web site.
– Malicious software, written and used by unauthorized intruders, often intended to be harmful, destructive and secretive.
– Fraudulent web site made to look identical to a legitimate web site.
Objective of spoofing – draw in a user to gather personal information (like a password).
Can be as easy as registering a domain name that is a slight misspelling of a legitimate site (e.g. Amazon).
List the destructive tactics that uneducated computer users can run into when using e-mail.
The common destructive tactics that uneducated computer users can run into when using email are:
– Though users are trained, they may fall into a trap by opening fake attachments. Crackers use attachment names and file extensions to gain trust, so users tend to open these files, leading to a computer security incident.
email address – using false email address, using people’s emotions (greed,
– An attempt in which attacker tricks victims into sharing sensitive
The email may try to convince a user to click a link to a cracker-owned web site.
Phishing – Aims at stealing sensitive information such as account credentials or financial information, often for malicious reasons.
Email – Emails are formatted like a word processing application. Users are not asked to click or download any attachments. They just need to read the email to be attacked.
Define the following: computer viruses, worms,
trojans, spyware, adware and bots.
A computer virus is a type of malicious code that is written to change the way a computer operates and is designed to spread from one computer to another. A virus operates by attaching itself to a program or document that supports macros for execution. A virus has the potential to cause unexpected effects by corrupting or destroying data.
A computer worm is a standalone malware computer program that replicates itself in order to spread to other computers. It basically uses a computer network to spread itself, relying on security failures on the target computer to access it. Worms mostly cause at least some harm to the network, by
Trojan viruses often disguise themselves and their harmful code. They generally hide within programs such as software updates, games and movies. Once activated in the system, a Trojan enables cyber-criminals to spy on the user, steal their sensitive data and gain backdoor access to the
Spyware is software whose aim is to gather information about a person or an organization without their knowledge, which may send such information to another user without the user's consent, or that takes control over a device without the consumer's
This software aims to display advertisements on the computer and redirect search requests to advertising websites. The reason for adware is that it helps recover programming development costs for the software developer and reduces the cost for the user. But if the adware does not notify the user that it is gathering information, then it is regarded as malicious.
Computer bots are also known as software robots because of their ability to perform a large array of automated tasks for an intruder at a remote location. They are used for spamming and DoS attacks. Bots can be hidden in games and other enticing programs downloaded by unsuspecting users, emailed from one infected machine to another, or downloaded from infected websites, and they can break into a person's computer through vulnerabilities found in the security architecture. Examples of bots are web crawlers, chat room bots, malicious bots and spam bots. A botnet is a network made up of many bots working together; it is used to gain unauthorized access to computer systems and infect computers with viruses.
List and define each phase in the process of
creating and maintaining a security architecture.
There are four phases in the process of creating and maintaining a security architecture:
Phase 1: Assessment and Analysis
The steps below are followed in this
1. Find the organization's data security needs – Identify the vulnerabilities, threats and assets that exist.
2. Determine the cost of a breached or lost asset – Security measures should never exceed the cost of assets they
3. Risk assessment steps – After determining the threats, create security measures to counteract the threats. Prioritize the security measures.
4. Determine assessment methodology – Determine a systematic approach to be applied.
Phase 2: Design and Modeling: In this phase, policies and procedures are created, necessary firmware and software changes are defined, and security tools that are used to minimize risks are identified.
The steps below are followed in this
1. Define security policies and procedures as required.
2. Identify firmware and software changes required to support the policies.
3. Create an implementation plan.
4. Create baselines to determine success and failure.
5. Define a plan for user training
Phase 3: Deployment
In this phase, the security policies, firmware and tools defined in the previous phase must be put in place. Deployment usually occurs in the test environment. These security measures are deployed using the steps defined in the design and modeling phase. It occurs in a test environment which is created using the required firmware and software so that deployment does not affect security goals. Changes to user training and awareness are deployed as per the deployment plan.
Phase 4: Management and Support: This phase involves ongoing support, maintenance and assessment of the security architecture that was deployed in the previous phase. During this phase the performance of the system is monitored, and any failure would result in the reevaluation of the security architecture.
The steps below are followed in this
Monitor security system performance as well as user security awareness and training.
Make minor policy revisions as
Identify the need for a reassessment and initiate the start of the security life cycle.
List and describe the information that should be
included in a security policy.
A security policy is a document that states in writing how a company plans to protect its physical and IT assets. Security policy objectives are:
1. Define the overall goals of the
2. Identify the scope of what to secure.
3. Define the roles and responsibilities of people within the organization.
4. Identify the specific communication process.
5. Discuss policy enforcement.
6. Explain how security measurement should be carried out and enforced, and also the procedure for evaluating the effectiveness of the policy.
7. Define that a security plan should be regularly assessed and revised based on changes made to the business goals.
Explain the differences between an update and an
An update is basically a small change to a system, added to software or firmware that is already in a network.
An upgrade is basically a replacement of an older version of software or firmware with a newer version.
Updates are generally a small change made in software or firmware to improve the functionality of the system. The process is easy to apply and is easy to
Upgrades are a very big change, so it is difficult to apply and even more difficult to
Updates are generally distributed free from the vendor.
Upgrades are purchased from the vendor.
Updates may be necessary if they are used to fix the current version of the software or firmware residing in the database.
required, an upgrade will not be applied to a database or its environment
immediately after their release.