IS - Chapter 8

What are the three main reasons systems are vulnerable?

They are connected, complex, and rely on fallible humans

What is a threat actor?

Individual or group that seeks to exploit system vulnerabilities

What are common types of threat actors?

Cybercriminals; nation-states; terrorists; hackers; hacktivists; insiders/employees

What is malware?

Malicious software designed to harm systems or steal data

What is a virus?

Malware that attaches to programs and requires user action to spread

What is a worm?

Malware that spreads independently across networks without user action

What is a Trojan horse?

Malware disguised as legitimate software with hidden harmful functions

What is ransomware?

Malware that encrypts files and demands payment to restore access

What is spyware?

Software that monitors user activity without consent

What is a keylogger?

Type of spyware that records keystrokes to steal sensitive information

What is a botnet?

Network of infected computers used for coordinated attacks like DDoS

What is credential stuffing?

Using stolen login credentials to gain unauthorized account access

What is identity theft?

Stealing personal information to impersonate someone

What is spoofing?

Disguising identity to trick users (e.g., fake email address)

What is phishing?

Fake emails or websites used to steal sensitive information

What is pharming?

Redirecting users to fake websites even when they enter correct URLs

What is an evil twin attack?

Fake Wi-Fi network used to steal data

What is social engineering?

Manipulating people into revealing confidential information

What is a DoS attack?

Flooding a server with requests to crash it

What is a DDoS attack?

DoS attack using many compromised computers (botnet)

What is a LOTL attack?

Using legitimate system tools to perform attacks

What is a zero-day vulnerability?

Security flaw unknown to developers with no fix available

What are general controls?

Controls that govern overall IT infrastructure and security

What are application controls?

Controls specific to applications to ensure accurate processing

What is an acceptable use policy (AUP)?

Rules defining proper use of company systems

What is risk assessment?

Evaluating likelihood of threats and potential losses

What is disaster recovery planning?

Process of restoring IT systems after disruption

What is business continuity planning?

Process of maintaining business operations after disruption

What is an information systems audit?

Evaluation of an organization’s security and controls

What is an intrusion detection system (IDS)?

System that monitors and alerts about suspicious activity

What is an intrusion prevention system (IPS)?

System that detects and actively blocks threats

What is a firewall?

System that controls incoming and outgoing network traffic

What is unified threat management (UTM)?

System that combines multiple security tools into one

What is authentication?

Process of verifying a user’s identity

What is biometric authentication?

Authentication using physical traits like fingerprints or face recognition

What is zero trust?

Security model where no user or system is trusted by default

What is encryption?

Process of converting data into unreadable form to protect it

What is symmetric encryption?

Encryption using one shared key

What is public key encryption?

Encryption using a public key and a private key