LEGAL ISSUES IN INFORMATION SECURITY -
C841 QUESTIONS WITH COMPLETE SOLUTIONS
What is a standard? - Answer - A list of mandatory activities that must be completed to
achieve an information security goal.
What is a procedure? - Answer - A checklist of actions that should be performed to
achieve a certain goal.
What is information security? - Answer - The types of steps an organization should take
to protect its information. The study and practice of protecting information.
What is Cryptography? - Answer - It is the practice of hiding information so that
unauthorized persons cannot read it.
What is shoulder surfing? - Answer - A type of intentional attack. It occurs when an
attacker secretly looks "over the shoulder" of someone at a computer and tries to discover
his or her sensitive information without permission.
What is social engineering? - Answer - These attacks rely heavily on human interaction.
They take advantage of how people normally talk with one another and interact. It is not
a technical attack, but rather involves tricking other people to break security rules and
share sensitive information.
What is a vulnerability? - Answer - It is a weakness or flaw in an information system.
Vulnerabilities can be classified into four broad categories: people, process, facility, and
technology.
What is the separation of duties? - Answer - This rule requires that two or more
employees must split critical task functions so that no one employee knows all the steps
of the critical task.
What is a patch? - Answer - It is a piece of software or code that updates a program to
address security or other operational problems.
What is an exploit? - Answer - Exploits are successful attacks against a vulnerability.
They take place in a period known as the window of vulnerability.
What is a threat? - Answer - Anything that can harm an information system.
What are the four categories of threats? - Answer - 1. Humans
2. Natural
3. Technological and operational
4. Physical and environmental.
What is risk? - Answer - A risk is the likelihood that a threat will exploit a vulnerability
and cause harm to the organization.
What are the six categories of risks? - Answer - 1. Financial
2. System/Service
3. Operational
4. Reputational
5. Compliance
6. Strategic
What is risk analysis? - Answer - The process of reviewing known vulnerabilities and
threats.
What are the four categories to respond to risk? - Answer - 1. Risk avoidance
2. Risk Mitigation
3. Risk transfer
4. Risk acceptance.
What is risk avoidance? - Answer - It is the process of applying safeguards to avoid a
negative impact. A risk avoidance strategy seeks to eliminate all risk.
What is risk mitigation? - Answer - Organizations apply safeguards to vulnerabilities and
threats to lower risk to an acceptable level.
What is residual risk? - Answer - The amount of risk left over after applying safeguards.
What is risk transfer? - Answer - An organization passes its risk to another entity, at
which point the risk impact is borne by the other entity.
What is risk acceptance? - Answer - An organization can decide to deliberately take no
action against an identified risk.
What is a safeguard? - Answer - A safeguard reduces the harm posed by information
security vulnerabilities or threats and may eliminate or reduce the risk of harm.
What are the three categories of safeguards? - Answer - 1. Administrative
2. Technical
3. Physical
What are administrative safeguards? - Answer - These are rules implemented to protect
information and information systems. These safeguards usually take the form of
organizational policies, which state the rules of the workplace.
What are technical safeguards? - Answer - Also called logical safeguards, these are the
rules that state how systems will operate and are applied in the hardware and software
of information systems.
What is the rule of least privilege? - Answer - This rule, which is very similar to the
need-to-know rule, means that systems should always run with the least amount of
permissions needed to complete tasks.
What are physical safeguards? - Answer - These are actions that an organization takes
to protect its actual, tangible resources. These safeguards keep unauthorized
individuals out of controlled areas and people away from sensitive equipment.
What are the three classifications of safeguards based on how they act? -
Answer - 1. Preventive
2. Detective
3. Corrective.
What is a preventive control and what are some examples? - Answer - These are
safeguards used to prevent security incidents. These controls keep an incident from
happening. For example, door locks are a preventive safeguard, because they help
keep intruders out of a locked area. Fencing around a building is a similar preventive
control. Teaching employees how to avoid information security threats is another
preventive control.
What is a detective control and what are some examples? - Answer - Detective controls
are safeguards put in place in order to detect, and sometimes report, a security incident
while it is in progress. Examples of detective controls include logging system activity
and reviewing the logs. Log review can look for unauthorized access or other security
anomalies that require attention. An anomaly is something strange or unusual - activity
that is not normal.
What are corrective safeguards? - Answer - Corrective safeguards are automated or
manual controls put in place in order to limit the damage caused by a security incident.
Some types of databases allow an administrator to "roll back" to the last known good
copy of the database in the event of an incident. Corrective controls also can be quite
simple: locking doors inadvertently left unlocked, for example.
What is phishing? - Answer - It is a form of internet fraud that takes place in electronic
communications where attackers attempt to steal valuable information from their victims.
These attacks can take place via email, instant messages, or internet chat rooms.
These attackers are phishing for confidential information such as credit card numbers,
SSNs, user logon credentials, and passwords.
What is spear phishing? - Answer - It is a targeted phishing scam in which attackers may
target a particular organization. This is a more sophisticated form of attack where a
message might look as if it is from a highly trusted and authentic source. Attackers often
research the targeted organization to make their messages look authentic.
What is whaling? - Answer - It is a type of targeted phishing scam in which attackers
target corporate executives.
What are Business email compromise (BEC) attacks? - Answer - They are sophisticated
phishing scams that target recipients who are responsible for processing payments at
organizations.
What is malware? - Answer - Malware is a general term that refers to any type of
software that performs some sort of harmful, unauthorized, or unknown activity. The
term malware is a combination of the words malicious and software. Malware is usually a
computer virus or worm, or a combination of one or more viruses or worms.
What is a computer virus? - Answer - These are programs that spread by infecting
applications on a computer. When the infected virus code is executed, it tries to place
itself into uninfected software.
What is a computer worm? - Answer - A computer worm is similar to a virus. Unlike a
virus, however, a computer worm is a self-contained program that does not require
external assistance to propagate. Some well-known internet worms include the Morris
worm, SQL Slammer, and Blackworm.
What is a Trojan horse? - Answer - It is a subset of malware that pretends to be a
legitimate and desirable software file that a user wants. In reality, it is malicious. A
Trojan horse spreads when a user downloads the seemingly legitimate file. While the
user believes a legitimate file is downloading, the Trojan horse is actually loading. This
type of malware is especially prevalent on social networking sites. Accepting virtual
"gifts" on these sites can often expose users to a nasty surprise.
What is ransomware? - Answer - It is a subset of malware that prevents organizations
and users from accessing data or information systems until they pay a ransom. The
ransomware may encrypt data to make it inaccessible, or it may lock information
systems, until an organization pays the attacker to decrypt the data or unlock the
system.
What is spyware? - Answer - Spyware is any technology that secretly gathers
information about a person or organization. Many users inadvertently download
spyware with other programs from the internet. Spyware hides on a system, where it
collects information about individuals and their internet browsing habits.
What is a keystroke logger? - Answer - It is a device or program that records keystrokes
made on a keyboard or mouse. Attackers secretly install keystroke loggers and then are
able to recover computer keyboard entries and sometimes even mouse clicks from
them. They can review the data retrieved from a keystroke logger to find sensitive
information such as usernames, passwords, and other confidential information.