E.2. Cybersecurity and Continuity Planning Flashcards

Learn about cyber threats, defenses, and planning for business continuity. (36 cards)

1
Q

What are the minimum components a system should include for internet security?

A
  • User account management
  • Firewall
  • Anti-virus protection
  • Encryption
2
Q

What is the primary function of a firewall in internet security?

A

It serves as a barrier between the internal and external networks and prevents unauthorized access to the internal network.

3
Q

How does antivirus software protect a computer?

A

It detects malware, by matching known signatures and by heuristic or behavioural analysis, and quarantines or removes it before it can do damage. Its definitions must be kept current, and a clean scan is not proof that a file is safe.

4
Q

What is encryption in the context of internet security?

A

It is the process of converting data into a code, requiring a key to convert the code back to data, and preventing unauthorized reading.

5
Q

What are the two criteria a program must meet to be considered a virus?

A
  • It must execute itself
  • It must replicate itself
6
Q

How does a Trojan horse differ from a virus?

A

A Trojan horse does not replicate itself, whereas a virus does.

7
Q

What is a worm in the context of computer security?

A

A program that replicates itself from system to system without the use of any host file.

8
Q

What is a virus hoax?

A

It is an email telling the recipient that a file on their computer is a virus when it is actually a file needed by the computer to operate correctly. The email tells them to delete the file, which if done causes the computer to malfunction.

9
Q

What are some specific computer crimes?

A
  • Copyright infringement
  • Denial of Service (DoS) attacks
  • Intrusions and theft of personal information
  • Phishing
  • Installation of malware
10
Q

What is the role of the FBI’s Cyber Division?

A

Responsible for investigating cyberattacks.

11
Q

What is a port scanner used for?

A

Software that probes a server or computer to find out which ports are open and which services are listening on them. Port scanners have legitimate uses (inventory and vulnerability assessment by administrators), but attackers also use them for reconnaissance, to locate services they can then try to exploit.

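An added worked example, not from the flashcards, of what the card describes: a TCP "connect" scanner that reports a port as open only when a full handshake completes. The throwaway listener on 127.0.0.1, the OS-chosen port and the scanned window are constructed so the script runs offline; pointing the scanner at hosts you are not authorised to test is exactly the misuse the card warns about.

```python
"""TCP connect port scanner run against a throwaway local listener (constructed target)."""
import socket
import threading
from concurrent.futures import ThreadPoolExecutor


def probe(host: str, port: int, timeout: float = 0.5) -> bool:
    """Full TCP handshake ("connect scan"): True only if the port accepts the connection.
    A refused or timed-out connection is reported as closed/filtered."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        s.settimeout(timeout)
        return s.connect_ex((host, port)) == 0


def scan(host: str, ports, timeout: float = 0.5, workers: int = 64) -> list:
    """Probe `ports` concurrently and return the open ones in ascending order."""
    with ThreadPoolExecutor(max_workers=workers) as pool:
        results = list(pool.map(lambda p: (p, probe(host, p, timeout)), ports))
    return sorted(p for p, is_open in results if is_open)


def start_listener(host: str = "127.0.0.1"):
    """Constructed target: listen on an OS-chosen free port and accept-then-close.
    Returns (stop_event, port); set the event to shut the listener down."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    srv.bind((host, 0))
    srv.listen(8)
    srv.settimeout(0.1)          # lets the accept loop notice the stop flag
    port = srv.getsockname()[1]
    stop = threading.Event()

    def serve():
        while not stop.is_set():
            try:
                conn, _ = srv.accept()
            except socket.timeout:
                continue
            conn.close()
        srv.close()

    threading.Thread(target=serve, daemon=True).start()
    return stop, port


def demo():
    """Scan a small window around the listener's port; returns (listener_port, open_ports)."""
    stop, port = start_listener()
    try:
        found = scan("127.0.0.1", range(max(port - 5, 1), port + 6))
    finally:
        stop.set()
    return port, found


if __name__ == "__main__":
    port, found = demo()
    print(f"listener on {port}; open ports in window: {found}")
```

On the defensive side, this is also what a scan looks like from the target: many connection attempts from one source across a range of ports within seconds. A connect scan completes the handshake, so it shows up in the target service's own logs as well as in firewall or IDS logs, which is why attackers prefer half-open (SYN) scans when they can send raw packets.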
12
Q

What is a sniffer in computer security?

A

Software that captures the traffic passing a computer's network interface; with the interface in promiscuous mode, or on a hub or mirrored switch port, that includes traffic between other machines on the same segment.

Sniffers have legitimate uses (troubleshooting, intrusion detection) as well as illegitimate ones, such as harvesting passwords from unencrypted protocols.

13
Q

What is the best defense against phishing?

A

For recipients to not respond to emails requesting personal or financial information and to not click on links in such emails.

14
Q

What is a proxy server and its function?

A

It is a computer and software that act as a gateway to and from the internet, handling web access requests on behalf of internal clients; because every request passes through it, it can inspect and filter traffic and so function as an application-level firewall.

15
Q

What is social engineering in the context of cybercrime?

A

It involves deceiving company employees into divulging information such as passwords, usually through a fraudulent email, but it may be through something as simple as a telephone call.

16
Q

What is the difference between phishing and social engineering?

A
  • Social engineering, as the term is used here, is targeted at specific persons.
  • Phishing involves sending hundreds of thousands of emails in the hope that some of the recipients will fall for the scam.

Note that phishing is itself a form of social engineering; a phishing message tailored to a specific person or company is called spear phishing.

17
Q

What is dumpster diving in the context of cybercrime?

A

It is sifting through a company’s trash for information that can be used to break into its computers or assist in social engineering.

18
Q

What is the primary responsibility of recipients in preventing phishing and other scams?

A

Employee education is a vital part of internet security.

Recipients need to know:

  • not to respond to any email requesting personal or financial information;
  • not to click on any link in an email that could take them to a spoofed website; and
  • not to open any unexpected email attachments, even if a virus scan has not identified any virus in the attachment.

Recipients of popup “notifications” about malware on their computers should know there is no legitimate scenario in which a computer will tell them it is infected and tell them to call a toll-free number.
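The second bullet above, "a link in an email that could take them to a spoofed website", is something that can be checked mechanically as well as by eye. The following is an added example, not from the flashcards: it pulls every link out of an HTML message body and flags the tricks phishing emails rely on (visible URL different from the real target, a trusted name hidden in userinfo before the @ or inside an unrelated domain, plain http, and non-ASCII lookalike hostnames). The sample message, the trusted domain `bank.example` and the lookalike hosts are constructed.

```python
"""Flag links in an HTML email that lead somewhere other than where they appear to (constructed sample)."""
from html.parser import HTMLParser
from urllib.parse import urlparse


class LinkCollector(HTMLParser):
    """Collect (href, visible text) for every <a> element."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href") or ""
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def registrable(host: str) -> str:
    """Crude registrable domain: the last two labels (adequate for the .example/.test names used here)."""
    return ".".join(host.lower().rstrip(".").split(".")[-2:])


def host_of(url_or_text: str) -> str:
    """Hostname of a URL, tolerating visible text written without a scheme ("www.bank.example/...")."""
    if "://" not in url_or_text:
        url_or_text = "http://" + url_or_text
    return urlparse(url_or_text).hostname or ""


def suspicious_links(html: str, trusted: set) -> list:
    """Return [(href, [reasons])] for links a recipient should not click."""
    parser = LinkCollector()
    parser.feed(html)
    findings = []
    for href, text in parser.links:
        u = urlparse(href)
        host = u.hostname or ""
        reasons = []
        looks_like_url = text.lower().startswith(("http://", "https://", "www."))
        if looks_like_url and registrable(host_of(text)) != registrable(host):
            reasons.append("visible URL points at a different site than the real href")
        if u.username is not None:
            reasons.append("userinfo before the host (the part before @ is not the site)")
        if u.scheme == "http":
            reasons.append("plain http")
        if not host.isascii():
            reasons.append("non-ASCII host (possible homoglyph)")
        for t in trusted:
            if t in host and registrable(host) != t:
                reasons.append(f"trusted name {t} embedded in an unrelated domain")
        if reasons:
            findings.append((href, reasons))
    return findings


# Constructed sample message: one genuine link and three phishing-style ones.
SAMPLE_EMAIL = """
<p>Dear customer, please <a href="https://bank.example/login">sign in</a>.</p>
<p>Or verify here: <a href="http://bank.example.verify-account.test/login">https://bank.example/verify</a></p>
<p>Support: <a href="https://bank.example@evil.test/reset">https://bank.example/reset</a></p>
<p>Statements: <a href="https://bаnk.example/statements">statements</a></p>
"""


def demo() -> list:
    return suspicious_links(SAMPLE_EMAIL, {"bank.example"})


if __name__ == "__main__":
    for href, reasons in demo():
        print(href, "->", "; ".join(reasons))
```

The fourth link uses a Cyrillic "а" in place of the Latin one; it renders identically in most mail clients, which is why the check is on the bytes of the hostname rather than on what the reader sees.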

19
Q

What is encryption in information systems?

A

It converts data into a code and then a key is required to convert the code back to data.

20
Q

What are the two methods of encryption used for internet security?

A
  • Secret key (symmetric) encryption: the same key encrypts and decrypts
  • Public key/private key (asymmetric) encryption: a published key encrypts, a separate private key decrypts
21
Q

What is a disadvantage of secret key encryption used for internet security?

A

Every pair of senders and receivers must share a separate secret key, and that key has to be delivered to both parties over a channel that is itself secure. The number of keys grows quickly: n parties need n(n-1)/2 keys.

22
Q

How does public key/private key encryption work in internet security?

A

Each entity publishes a public key that anyone can use to encrypt data for it, while keeping the matching private key to itself as the only means of decrypting that data. Because public key operations are slow, in practice (for example in TLS) they are used to exchange a symmetric session key that then encrypts the bulk of the traffic.

23
Q

What is the role of a Certificate Authority in public key/private key encryption used for internet security?

A

It validates the applicant's identity and then issues a certificate that binds that identity to the applicant's public key, signed with the CA's own private key. The applicant generates its own key pair and never hands the private key to the CA; relying parties accept the certificate because they trust the CA's signature.
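
An added worked example, not from the flashcards, that ties cards 20 to 23 together in code: each party has a key pair, anyone can encrypt with the published half, only the holder of the private half can decrypt, and a CA signs a certificate binding a name to a public key without ever seeing the subject's private key. The textbook RSA with Mersenne primes, the CA, the name `shop.example` and the messages are constructed toy parameters, chosen only so the modulus exceeds a SHA-256 digest; there is no padding and none of it is secure. Real systems use a vetted library, 2048-bit-plus keys and OAEP/PSS padding.

```python
"""Toy public/private key encryption plus a CA-signed certificate (constructed, insecure parameters)."""
import hashlib
import json
from math import gcd

E = 65537


def make_keypair(p: int, q: int, e: int = E):
    """Return ((n, e), (n, d)). The holder keeps d; only n and e are published."""
    n, phi = p * q, (p - 1) * (q - 1)
    assert gcd(e, phi) == 1
    d = pow(e, -1, phi)            # modular inverse (Python 3.8+)
    return (n, e), (n, d)


def encrypt(pub, data: bytes) -> int:
    n, e = pub
    m = int.from_bytes(data, "big")
    assert m < n, "toy: message must be smaller than the modulus"
    return pow(m, e, n)


def decrypt(priv, c: int) -> bytes:
    n, d = priv
    m = pow(c, d, n)
    return m.to_bytes((m.bit_length() + 7) // 8, "big")


def digest_int(data: bytes) -> int:
    return int.from_bytes(hashlib.sha256(data).digest(), "big")


def sign(priv, data: bytes) -> int:
    n, d = priv
    return pow(digest_int(data), d, n)


def verify(pub, data: bytes, sig: int) -> bool:
    n, e = pub
    return pow(sig, e, n) == digest_int(data)


def issue_certificate(ca_priv, subject: str, subject_pub) -> dict:
    """The CA signs a binding of identity -> public key. It never sees the subject's private key."""
    body = {"subject": subject, "n": subject_pub[0], "e": subject_pub[1]}
    to_be_signed = json.dumps(body, sort_keys=True).encode()
    return {**body, "sig": sign(ca_priv, to_be_signed)}


def verify_certificate(ca_pub, cert: dict):
    """Return the subject's public key if the CA signature checks out, else None."""
    body = {k: cert[k] for k in ("subject", "n", "e")}
    to_be_signed = json.dumps(body, sort_keys=True).encode()
    return (cert["n"], cert["e"]) if verify(ca_pub, to_be_signed, cert["sig"]) else None


def symmetric_key_count(parties: int) -> int:
    """Pairwise secret keys needed for `parties` to talk privately (the card 21 problem)."""
    return parties * (parties - 1) // 2


# Mersenne primes: constructed toy parameters so n > 2**256, NOT secure.
CA_PUB, CA_PRIV = make_keypair(2**127 - 1, 2**521 - 1)
SITE_PUB, SITE_PRIV = make_keypair(2**89 - 1, 2**607 - 1)


def demo() -> dict:
    cert = issue_certificate(CA_PRIV, "shop.example", SITE_PUB)
    pub = verify_certificate(CA_PUB, cert)         # relying party needs only the CA's public key
    assert pub == SITE_PUB
    c = encrypt(pub, b"order 42: ship to warehouse 7")   # anyone can encrypt with the published key
    assert decrypt(SITE_PRIV, c) == b"order 42: ship to warehouse 7"   # only the private key holder can read it
    forged = dict(cert, subject="evil.example")     # tampering with the binding breaks the signature
    assert verify_certificate(CA_PUB, forged) is None
    return cert


if __name__ == "__main__":
    demo()
```

The relying party never contacts the CA during verification; it only needs the CA's public key, which is why browsers and operating systems ship with a pre-installed trust store of CA certificates.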

24
Q

What is business continuity planning?

A

The process of creating and maintaining a plan for recovery in the event of a natural disaster, a cyberattack, or another risk that could put the company out of business.

25
Q

What does business continuity planning involve?

A
  • Defining the risks facing a company in the event of a disaster
  • Assessing those risks
  • Creating procedures to mitigate those risks
  • Regularly testing those procedures to ensure that they work as expected, and
  • Periodically reviewing the procedures to make sure that they are up to date.

Footnote: Having plans for the backup of data and the recovery of data is also important.

26
Q

What is the purpose of backup procedures in business continuity planning?

A

To keep program and data files secure so that if something happens to the hardware, the software, or the data files, the processes and data can be recovered.

27
Q

What is electronic vaulting?

A

Transmitting backup data electronically to a remote backup site rather than shipping physical media; today this is most often done by backing up to a cloud storage provider.

28
Q

What are some control considerations when backing up data to the cloud?

A
  • Data security
  • Data privacy
  • Dependability of the remote location
  • Legal data requirements of the country where the data is resident

29
Q

What is grandparent-parent-child processing?

A

Data files from previous periods are retained (three generations: the current child, its parent, and the grandparent), together with the transaction files used to update them; if a file is damaged during updating, the previous generation plus its transaction file can be used to reconstruct a new current file.

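An added example, not from the flashcards, of the rebuild the card describes: three generations of a master file are retained along with the transaction file that produced each, the newest generation is found to be damaged, and the current file is reconstructed from the parent by replaying the child's transactions. The account balances, the transactions and the SHA-256 checksum standing in for the real job's integrity check are constructed.

```python
"""Grandparent-parent-child retention with rebuild from an older generation (constructed data)."""
import hashlib
import json
from collections import deque


def checksum(master: dict) -> str:
    return hashlib.sha256(json.dumps(master, sort_keys=True).encode()).hexdigest()


def apply_transactions(master: dict, txns: list) -> dict:
    """Period update: each transaction is (account, signed amount)."""
    new = dict(master)
    for account, amount in txns:
        new[account] = new.get(account, 0) + amount
    return new


class GenerationStore:
    """Keeps the three newest master files and the transaction file that produced each."""

    def __init__(self, initial: dict):
        self.gens = deque(maxlen=3)          # the oldest (grandparent) falls off automatically
        self.gens.append({"master": dict(initial), "txns": [], "sum": checksum(initial)})

    @property
    def current(self) -> dict:
        return self.gens[-1]["master"]

    def run_period(self, txns: list) -> dict:
        new = apply_transactions(self.current, txns)
        self.gens.append({"master": new, "txns": list(txns), "sum": checksum(new)})
        return new

    @staticmethod
    def intact(gen: dict) -> bool:
        return checksum(gen["master"]) == gen["sum"]

    def recover(self) -> dict:
        """Walk back to the newest intact generation, then replay the later transaction files."""
        gens = list(self.gens)
        for i in range(len(gens) - 1, -1, -1):
            if self.intact(gens[i]):
                master = gens[i]["master"]
                for later in gens[i + 1:]:
                    master = apply_transactions(master, later["txns"])
                return master
        raise RuntimeError("every retained generation is damaged; restore from offsite backup")


def demo() -> tuple:
    """Damage the child during an update and rebuild it from the parent.
    Returns (expected child, recovered child, damaged child)."""
    store = GenerationStore({"acme": 1000, "globex": 500})
    store.run_period([("acme", -200), ("initech", 75)])               # becomes the parent
    expected = dict(store.run_period([("globex", 120), ("acme", 30)]))  # the child
    store.gens[-1]["master"]["acme"] = 999999                         # simulated damage during update
    return expected, store.recover(), store.current


if __name__ == "__main__":
    expected, recovered, damaged = demo()
    print("damaged:", damaged)
    print("recovered:", recovered, "matches expected:", recovered == expected)
```

The rebuild only works because the transaction file is kept alongside each generation; retaining master files alone would let you fall back to yesterday's balances but not bring them forward.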
30
Q

What is a fault-tolerant system?

A

A system designed to tolerate faults or errors, often utilizing redundancy in hardware design, so that if one component fails, another one will take over.

31
Q

What should a disaster recovery plan specify?

A
  • Which employees will participate in disaster recovery and their responsibilities
  • What hardware, software, and facilities will be used
  • The priority of applications that should be processed
  • Arrangements for alternative facilities as a disaster recovery site and offsite storage of the company’s databases

32
Q

What is a hot site in disaster recovery?

A

A backup facility that has a computer system similar to the one used regularly and is fully operational and immediately available, with all necessary telecommunications hookups for online processing and current, live data replicated to it in real time from the production site by automated data communications.

33
Q

What is a cold site in disaster recovery?

A

A facility where space, electric power, and heating and air conditioning are available, but processing equipment and the necessary telecommunications are not immediately available.

34
Q

What is a warm site in disaster recovery?

A

A site that has the computer equipment and communications links installed, but not current data; the data must be restored from backups before processing can resume, so it takes longer to bring up than a hot site.

35
Q

What is a mobile site in disaster recovery?

A

A disaster recovery site on wheels, which can be a hot site, a warm site, or a cold site.

36
Q

Why should the disaster recovery plan be tested periodically?

A

To reveal any weaknesses in the plan and ensure it is up to date with organizational and operational changes.