UGRD-IT6205A Information Assurance and Security 1
(MidQ-1, 2 Midterm)
These
actions typically consist of collecting information, modifying data
integrity, or attacking the availability of services and devices, but
the victim system can also be used as a starting point for infecting
other systems or for expanding access to the local network.
Question text
The
main ways of transport are e-mails (attachment of infected files), web
platforms (running malware scripts), or removable USB memories;
Question text
Is
it true or false. An additional risk occurs when personal information
is stored in client accounts on commercial websites, which may become
the target of cyber-attacks anytime, so stored data becomes vulnerable
is some basic steps in storing personal data.
Question text
Usually
an infected host must be accessible outside of the local network to
establish a command and control channel between the victim and the
attacker. Once this bidirectional communication has been made, an
attacker has access inside the target environment and can usually
control the activity by manually launching commands;
Question text
Is a collection of all the trust mechanisms of a computer system which collectively enforce the policy.
Question text
Is it true or false. Storage the minimum required data online and maximum discretion in providing them to a third party (users, companies) is some basic steps in storing personal data.
Question text
Not performing an activity that would incur risk.
Question text
Infecting a victim system with a computer trojan, backdoor or other malware application of this type that ensures the attacker’s presence in the target environment;
Question text
Logical security consists in software that are necessary to control the access to information and services of a system. The logical level is divided into two categories: access security level and service security level.
Question text
Is
it true or false. Using encrypted versions of protocols when sensitive
information is exchanged so as to ensure data confidentiality and
prevent identity theft is some basic steps in storing personal data.
Question text
Shift the risk to someone else.
Question text
Taking actions to reduce the losses due to a risk; many technical countermeasures fall into this category.
Question text
Seven Stages of lifecycle model
Question text
Acceptance, avoidance, mitigation, transfer—are with respect to a specific risk for a specific pary.
Question text
Risk Management Procedure consists of six steps.
Question text
After
the first six phases, an attacker can act to achieve the goals. These
actions typically consist of collecting information, modifying data
integrity, or attacking the availability of services and devices, but
the victim system can also be used as a starting point for infecting
other systems or for expanding access to the local network.
Question text
Is
a generic term that implies a mechanism in place to provide a basis
for confidence in the reliability/security of the system.
Question text
What are the steps in intrusion model?
Question text
Physical security consist in the closure of IT equipment in a dedicated space and the provision of access control.
Question text
After the weapon is delivered to the victim, follows the targeting of an application or vulnerability of the operating system. The infected file can be used by the self-execution facility to launch the malware code, or it can be executed by the user himself;
Question text
Failure of the mechanism may destroy the basis for trust.
Question text
Making a malware application (for example, a computer trojan) that, combined with an exploitable security breach, allows remote access. Moreover, PDF (Portable Document Format) files or Microsoft Office suite-specific files can be regarded as weapons available to the attacker;
Question text
Is the process by which an asset is managed from its arrival or creation to its termination or destruction.
Question text
Transmitting the weapon to the target environment.
Question text
Acronym for TCB?
Question text
Is it true or false. Encrypting all personal information when saved on different storage media is some basic steps in storing personal data.
Question text
Is a measure of confidence that the security features, practices, procedures, and architecture of a system accurately mediates and enforces the security policy.
Question text
Once this bidirectional communication has been made, an attacker has access inside the target environment and can usually control the activity by manually launching commands;
Question text
Are the security features of a system that provide enforcement of a security policy.
Question text
The infected file can be used by the self-execution facility to launch the malware code, or it can be executed by the user himself;
Question text
Is
it true or false. The use of complex, unique, hard to guess or break
passwords, consisting of numbers, upper/lower case letters and special
characters is some basic steps in storing personal data.
Question text
Research, target identification and selection: it may be looking for e-mail addresses, social relationships, or data about a particular technology, information displayed on various websites;
Question text
Risks not avoided or transferred are retained by the organization.
Question text
Once this bidirectional communication has been made, an attacker has access inside the target environment and can usually control the activity by manually launching commands;
Question text
Transmitting the weapon to the target environment.
Question text
The
main ways of transport are e-mails (attachment of infected files), web
platforms (running malware scripts), or removable USB memories;
Question text
After the weapon is delivered to the victim, follows the targeting of an application or vulnerability of the operating system. The infected file can be used by the self-execution facility to launch the malware code, or it can be executed by the user himself;
Question text
Logical security consists in software that are necessary to control the access to information and services of a system. The logical level is divided into two categories: access security level and service security level.
Question text
What are the steps in intrusion model?
Question text
After
the first six phases, an attacker can act to achieve the goals. These
actions typically consist of collecting information, modifying data
integrity, or attacking the availability of services and devices, but
the victim system can also be used as a starting point for infecting
other systems or for expanding access to the local network.
Question text
Making a malware application (for example, a computer trojan) that, combined with an exploitable security breach, allows remote access. Moreover, PDF (Portable Document Format) files or Microsoft Office suite-specific files can be regarded as weapons available to the attacker;
Question text
The infected file can be used by the self-execution facility to launch the malware code, or it can be executed by the user himself;
Question text
Physical security consist in the closure of IT equipment in a dedicated space and the provision of access control.
Question text
Research, target identification and selection: it may be looking for e-mail addresses, social relationships, or data about a particular technology, information displayed on various websites;
Question text
Usually an infected host must be accessible outside of the local network to establish a command and control channel between the victim and the attacker. Once this bidirectional communication has been made, an attacker has access inside the target environment and can usually control the activity by manually launching commands;
Question text
Infecting a victim system with a computer trojan, backdoor or other malware application of this type that ensures the attacker’s presence in the target environment;
Question text
These
actions typically consist of collecting information, modifying data
integrity, or attacking the availability of services and devices, but
the victim system can also be used as a starting point for infecting
other systems or for expanding access to the local network.
Question text
After the weapon is delivered to the victim, follows the targeting of an application or vulnerability of the operating system. The infected file can be used by the self-execution facility to launch the malware code, or it can be executed by the user himself;
Question text
Infecting a victim system with a computer trojan, backdoor or other malware application of this type that ensures the attacker’s presence in the target environment;
Question text
Research, target identification and selection: it may be looking for e-mail addresses, social relationships, or data about a particular technology, information displayed on various websites;
Question text
These
actions typically consist of collecting information, modifying data
integrity, or attacking the availability of services and devices, but
the victim system can also be used as a starting point for infecting
other systems or for expanding access to the local network.
Question text
Logical security consists in software that are necessary to control the access to information and services of a system. The logical level is divided into two categories: access security level and service security level.
Question text
Physical security consist in the closure of IT equipment in a dedicated space and the provision of access control.
Question text
After
the first six phases, an attacker can act to achieve the goals. These
actions typically consist of collecting information, modifying data
integrity, or attacking the availability of services and devices, but
the victim system can also be used as a starting point for infecting
other systems or for expanding access to the local network.
Question text
Making a malware application (for example, a computer trojan) that, combined with an exploitable security breach, allows remote access. Moreover, PDF (Portable Document Format) files or Microsoft Office suite-specific files can be regarded as weapons available to the attacker;
Question text
Usually an infected host must be accessible outside of the local network to establish a command and control channel between the victim and the attacker. Once this bidirectional communication has been made, an attacker has access inside the target environment and can usually control the activity by manually launching commands;
Question text
Once this bidirectional communication has been made, an attacker has access inside the target environment and can usually control the activity by manually launching commands;
Question text
Transmitting the weapon to the target environment.
Question text
The
main ways of transport are e-mails (attachment of infected files), web
platforms (running malware scripts), or removable USB memories;
Question text
The infected file can be used by the self-execution facility to launch the malware code, or it can be executed by the user himself;
Question text
What are the steps in intrusion model?
Question text
Once this bidirectional communication has been made, an attacker has access inside the target environment and can usually control the activity by manually launching commands;
Question text
Transmitting the weapon to the target environment.
Question text
The main ways of transport are e-mails (attachment of infected files), web platforms (running malware scripts), or removable USB memories;
Question text
After the weapon is delivered to the victim, follows the targeting of an application or vulnerability of the operating system. The infected file can be used by the self-execution facility to launch the malware code, or it can be executed by the user himself;
Question text
Logical security consists in software that are necessary to control the access to information and services of a system. The logical level is divided into two categories: access security level and service security level.
Question text
What are the steps in intrusion model?
Question text
After the first six phases, an attacker can act to achieve the goals. These actions typically consist of collecting information, modifying data integrity, or attacking the availability of services and devices, but the victim system can also be used as a starting point for infecting other systems or for expanding access to the local network.
Question text
Making a malware application (for example, a computer trojan) that, combined with an exploitable security breach, allows remote access. Moreover, PDF (Portable Document Format) files or Microsoft Office suite-specific files can be regarded as weapons available to the attacker;
Question text
The infected file can be used by the self-execution facility to launch the malware code, or it can be executed by the user himself;
Question text
Physical security consist in the closure of IT equipment in a dedicated space and the provision of access control.
Question text
Research, target identification and selection: it may be looking for e-mail addresses, social relationships, or data about a particular technology, information displayed on various websites;
Question text
Usually an infected host must be accessible outside of the local network to establish a command and control channel between the victim and the attacker. Once this bidirectional communication has been made, an attacker has access inside the target environment and can usually control the activity by manually launching commands;
Question text
Infecting a victim system with a computer trojan, backdoor or other malware application of this type that ensures the attacker’s presence in the target environment;
Question text
These actions typically consist of collecting information, modifying data integrity, or attacking the availability of services and devices, but the victim system can also be used as a starting point for infecting other systems or for expanding access to the local network.
Question text
After the weapon is delivered to the victim, follows the targeting of an application or vulnerability of the operating system. The infected file can be used by the self-execution facility to launch the malware code, or it can be executed by the user himself;
Question text
Infecting a victim system with a computer trojan, backdoor or other malware application of this type that ensures the attacker’s presence in the target environment;
Question text
Research, target identification and selection: it may be looking for e-mail addresses, social relationships, or data about a particular technology, information displayed on various websites;
Question text
These actions typically consist of collecting information, modifying data integrity, or attacking the availability of services and devices, but the victim system can also be used as a starting point for infecting other systems or for expanding access to the local network.
Question text
Logical security consists in software that are necessary to control the access to information and services of a system. The logical level is divided into two categories: access security level and service security level.
Question text
Physical security consist in the closure of IT equipment in a dedicated space and the provision of access control.
Question text
After the first six phases, an attacker can act to achieve the goals. These actions typically consist of collecting information, modifying data integrity, or attacking the availability of services and devices, but the victim system can also be used as a starting point for infecting other systems or for expanding access to the local network.
Question text
Making a malware application (for example, a computer trojan) that, combined with an exploitable security breach, allows remote access. Moreover, PDF (Portable Document Format) files or Microsoft Office suite-specific files can be regarded as weapons available to the attacker;
Question text
Usually an infected host must be accessible outside of the local network to establish a command and control channel between the victim and the attacker. Once this bidirectional communication has been made, an attacker has access inside the target environment and can usually control the activity by manually launching commands;
Question text
Once this bidirectional communication has been made, an attacker has access inside the target environment and can usually control the activity by manually launching commands;
Question text
Transmitting the weapon to the target environment.
Question text
The main ways of transport are e-mails (attachment of infected files), web platforms (running malware scripts), or removable USB memories;
Question text
The infected file can be used by the self-execution facility to launch the malware code, or it can be executed by the user himself;
Question text
What are the steps in intrusion model?
Question text
Shift the risk to someone else.
Feedback
Question text
Is a generic term that implies a mechanism in place to provide a basis for confidence in the reliability/security of the system.
Feedback
Question text
Risk Management Procedure consists of six steps.
Feedback
Question text
Acceptance, avoidance, mitigation, transfer—are with respect to a specific risk for a specific pary.
Feedback
Question text
Are the security features of a system that provide enforcement of a security policy.
Feedback
Question text
Not performing an activity that would incur risk.
Feedback
Question text
Taking actions to reduce the losses due to a risk; many technical countermeasures fall into this category.
Feedback
Question text
Risks not avoided or transferred are retained by the organization.
Feedback
Question text
Seven Stages of lifecycle model