Deck 7: Procedures for Responding to Attacks on Computers

Application-layer attacks often use ports that are allowed through a firewall.

The CERT Coordination Center provides professional information and security awareness services to defense contractors, governments, and industrial security executives.

RAID also uses a technique called parity to determine whether data has been lost or over-written.

Managing external threats is much easier than managing the risks from inside the organization.

Threats, such as industrial espionage or a malicious act toward a senior staff member, are deliberate .

Securing a system against intrusion is an immense and difficult task.

The most expensive code attack was the Code Red virus at $8.75 billion.

The explosive growth of networks and Internet connections gives attackers almost limitless opportunities to probe until they find a network with a security flaw they can exploit.

Theft of proprietary information was the source of the most serious financial loss in companies surveyed.

Small systems consist of file servers, applications servers, workstation servers, Web servers, and mainframes.

In the information warfare model, victims are classified as individuals, corporations, or countries .

If an organization detects and confirms a breach in system security, its next step should be to collect as much information as it can about the intrusion.

Until recently, the Organization for Cooperation and Development has been at the forefront of addressing privacy issues .

When people or groups use computer technology, software, and networks to attack systems, they launch a malicious code attack .

The striping technique saves data simultaneously to separate hard drives or drive arrays.

Most disasters result from natural causes.

Most organizations have insurance that covers damage produced by major privacy violations.

Securing systems against direct or indirect attack requires dividing internal and external threats into cohesive and manageable elements early in the business analysis.

An internal threat would originate from any employee who has physical access to equipment and legitimate rights to information within the organization.

One popular model for categorizing threats separates information warfare into three categories. What are they?

What steps can organizations take to cooperate with the DHS cyberspace strategy? (List 5)

What should organizations consider when developing procedures to deal with information warfare threats and damages? (List all 5)

To protect against cyberattacks and create an appropriate defense plan, organizations need a combination of what 4 things?

The national InfraGard program provides what 4 basic services to members?

The National Strategy for the Physical Protection of Critical Infrastructures and Key Assets document calls for cooperation among government, industry ,and private citizens to protect which key assets? (List 5)

List each of the systems and networks in an organization that require recovery.

The adverse impact of a hacking attack or intrusion can also be described in terms of what three types of losses?

List and describe the negative economic effects an organization could endure as a result of computer attacks or intrusions.

What should organizations do to help recover small systems after a computer attack?