Midterm Exam - Name: Bill Frino March 10, 2010 CMIS 418...

Name: Bill Frino  March 10, 2010
CMIS 418 Information Security Exam 1

1. a) Why is it important for firms to understand the threat environment?
If a firm does not know how they may be threatened, they will not be able to properly defend themselves and their business.

b) Name the three common security goals.
1. Confidentiality
2. Integrity
3. Availability

c) Briefly explain each.
1. Confidentiality means that people cannot read sensitive information, either while it is on a computer or while it is traveling across a network.
2. Integrity means that attackers cannot change or destroy information, either while it is on a computer or while it is traveling across a network.
3. Availability means that people who are authorized to use information are not prevented from doing so. Neither a computer attack nor a network attack will keep them away from the information they are authorized to access.

d) What is an incident?
An incident occurs when a threat succeeds in causing harm to a business. Companies try to deter incidents, of course, but they usually have to face several breaches per year, so response to incidents is a critical skill.

e) What are the synonyms for incidents?
An incident can also be called a breach or a compromise.

f) What are countermeasures?
Naturally, security professionals try to stop threats. The methods they use to thwart attacks are called countermeasures.

g) What are the synonyms for countermeasure?
Countermeasures are also known as safeguards or protections.

h) What are the goals of countermeasures?
The goal of a countermeasure is to keep business processes on track for meeting their business goals despite the presence of threats and actual compromises.

i) What are the three types of countermeasures?
The three types of countermeasures are preventative countermeasures, detective countermeasures, and corrective countermeasures.

2. a) What is malware?
Malware is the generic name for any “evil software”. Types of malware include viruses, worms, Trojan horses and spam.

b) Distinguish between viruses and worms.
Viruses are programs that attach themselves to legitimate programs while worms are full programs that do not attach themselves to other programs.

c) How do most viruses spread between computers today?
Most viruses spread through email messages with infected attachments. They can also spread via instant messages, infected programs, and malicious websites.

d) Describe how directly propagating worms move between computers.
Direct propagating worms jump directly to computers that have vulnerabilities; they then use these computers to jump to other computers.

e) Why are directly propagating worms especially dangerous?
Direct propagating worms are dangerous because they are very rapid in speed and