Deck 18: Computer and Network Security Threats

A virus can be prepended or postpended to an executable program,or it can be embedded in some other fashion.

A worm is a program that can replicate itself and send copies from computer to computer across network connections.

Repudiation refers to a user either denying sending data or a user denying receiving or possessing the data.

A backdoor is the same as a trapdoor.

All parasitic malware is software that replicates.

Most viruses carry out their work in a manner that is specific to a particular operating system.

Security threats can be classified based on how a given attack provides a threat to a given objective.

The three key objectives of computer security are confidentiality, integrity,and availability.

Data confidentiality assures that individuals control or influence what information related to them may be collected and stored.

An encrypted virus can only be triggered after an external software program is triggered to decrypt the virus.

A masquerader is a legitimate user who accesses data,programs,or resources for which such access is not authorized.

Traffic analysis is an active attack.

A macro virus is a larger and more self-contained than an ordinary virus.

A stealth virus is explicitly designed to hide itself from detection by antivirus software.

A loss of __________ is the disruption of access to or use of information or an information system.

__________ involve some modification of the data stream or the creation of a false stream and can be subdivided into four categories: replay, masquerade,modification of messages,and denial of service.

An example of _________ is traffic analysis,in which an adversary is able to gain information from observing the pattern of traffic on a network, such as the amount of traffic between particular pairs of hosts on the network.

__________ is the protection afforded to an automated information system in order to attain the applicable objectives of preserving the integrity, availability,and confidentiality of information system resources.

__________ is preserving authorized restrictions on information access and disclosure,including means for protecting personal privacy and proprietary information.

_________ are in the nature of eavesdropping on,or monitoring of, transmissions.The goal of the attacker is to obtain information that is being transmitted.

An example of __________ is an adversary gaining unauthorized access to sensitive data by overcoming the system's access control protections.

The three concepts that form the CIA triad are: confidentiality,integrity,and ____________.

A loss of _________ is the unauthorized modification or destruction of information.

_________ refers to the altering or replacing of valid data or the introduction of false data into a file or database.

A _________ is code embedded in some legitimate program that is set to "explode" when certain conditions are met.

A _________ propagates itself and activates itself,whereas a bot is controlled from some central facility,at least initially.

___________ refers to programs (e.g.,script,macro,or other portable instruction) that can be shipped unchanged to a heterogeneous collection of platforms and execute with identical semantics.

A ___________ is a form of virus explicitly designed to hide itself from detection by antivirus software.

Also known as a zombie or drone,a __________ is a program that secretly takes over another Internet-attached computer and then uses that computer to launch attacks that are difficult to trace to the creator.