Information Security Concepts and Techniques, Exams of Information Technology

An overview of various information security concepts and techniques, including security classifications, defense-in-depth strategies, common cyber threats (e.g., phishing, SQL injection, buffer overflow), hacking types (white hat, black hat, grey hat), network security tools (firewalls, anti-virus software, encryption), and database management principles. It covers a wide range of topics related to information security, cybersecurity, and data management, making it a potentially useful resource for students, professionals, or lifelong learners interested in understanding the fundamentals of information security and data protection. The document delves into the technical aspects of security measures, vulnerabilities, and best practices, providing a comprehensive introduction to the field.

Typology: Exams

2023/2024

Available from 09/13/2024

Emma_Johnson

C182 Introduction to IT Terms with solutions

Information Technology - Solution The technology used in creating, maintaining, and making information accessible.
IT Professional Roles - Solution Administration and Support
System Administrator - Solution Maintains all aspects of the system including hardware, software, and programming.
Network Administrator - Solution In charge of all aspects of the computer network
Database Administrator - Solution Focuses on the design, development, and support of database management systems (DBMSs).
Security Administrator - Solution Installs, configures, and administers firewall security to protect systems and proactively work to stop intrusions.
Web Administrator - Solution Installs, configures, maintains, secures, and troubleshoots web servers.
Support IT Professionals - Solution Help desk and training.
Information - Solution Processed data.
DIKW Hierarchy - Solution Defines the transition of data to information to knowledge to wisdom. (Data Information Knowledge Wisdom)
Data in DIKW - Solution The input directly received by the user (or computer). It is generally not usable until it has been converted into a relevant form.
Information in DIKW - Solution Having been inferred from data; one or more processes have been applied to the data to transform it into a more useful form.

Knowledge in DIKW - Solution Information that has been put to use; information placed into a context. Refined information such that the user of the knowledge is able to call forth only relevant portions of information when needed.
Wisdom in DIKW - Solution Provides a social setting to knowledge; an understanding of the "why". Can only come by having both knowledge and experience.
Information Systems - Solution A collection of data and information used to support the management of an organization. Also refers to the technical components and human resources that enable the assembly, storage, and processing of data and the delivery of information. This has existed for a lot longer than computers.
Characteristics of Quality Data - Solution
  Relevance - the data being used must apply directly to the decision being made
  Timely - data must be efficient and must be provided in a timely manner
  Thorough - the data must be complete
  Accurate - data should be captured only once, where possible, and should be captured as close to the point of activity as possible.
  Reliable - data should reflect stable and consistent data collection processes across collection points and over time
IPOS - Solution The Input-Processing-Output-Storage Cycle
Input - Solution Raw data is entered by the user.
Processing - Solution Raw data is organized or structured for usefulness.
Output - Solution Information is output so user can see results.
Storage - Solution Processed information is stored for permanent record.

I/O Subsystem - Solution All peripheral devices where long term storage devices are used.
Bus - Solution Permits information to move between each component; electrical channels that enable communication among the electronic components
System Unit - Solution Critical component of all computer based systems; consists of most of the hardware the computer needs in order to run; comes in a variety of shapes and sizes.
Internal Components of the System Unit - Solution Case, Internal Bays, Buses, Ports, Hard Drive, Motherboard, CPU, CPU Cooler, Memory Module (RAM), Power Supply Unit (PSU), Expansion Slots/Cards
Parts of the CPU - Solution
  Control Unit (CU) - retrieves the instructions and the raw data that is input and coordinates or controls the sending of those instructions and data to the ALU
  Arithmetic Logic Unit (ALU) - does the actual processing of the data; completing mathematical calculations and logical operations to process the data and converting the input of the keyboard text entry to output displayed on the screen
System Clock - Solution Controls the speed at which instructions are processed.
RAM - Solution Stands for Random Access Memory. It temporarily stores data before it is processed and sent to your screen or printer. It is volatile (means data or information stored disappears when the computer is turned off or loses power). You can choose the amount of RAM your computer has.
Types of RAM - Solution
  Dynamic RAM (DRAM) - typically called main memory
  Static RAM (SRAM) - cache memory and registers
BIOS ROM - Solution BIOS stands for Basic Input Output System; ROM stands for Read Only Memory. Typically stored in ROM chip on the motherboard. Is software not hardware, ("basic" operating system that runs when the computer is first turned on). Runs tests of memory and the CPU and initializes hardware components so that the actual Operating System can be loaded from the hard disk. Can't choose the amount or contents.
1st Generation of Computers - Solution Vacuum tubes, relay switches, the need to program in machine language
2nd Generation of Computers - Solution Transistor components, magnetic core memory, smaller size, easier to program, disk drives and drums, called mainframe computers
3rd Generation of Computers - Solution Silicon chips (known as ICs - integrated circuits), reduced cost, called mini computers, networks introduced via dumb terminals
4th Generation of Computers - Solution Single chip processor, called microcomputer, first personal computer, rudimentary computer graphics, home use
Moore's Law - Solution Doubling of transistor count roughly every 18 - 24 months (exponential increase); observation, not physical law
Evolution of Storage - Solution Punch cards, magnetic tape, hard disks, floppy disks, optical discs, flash memory, cloud storage
Machine/Low-level Language - Solution Written for a specific machine by the engineers who built and ran the computers; no need for OS since only one program could run at a time

Wireless Access Point - Solution Can be connected to hub, switch, or router; many routers now also act as a wireless access point; sends out a wireless signal so computers on the network can connect without a cable
Circuit Switched Network - Solution Requires that a full pathway, or circuit, be est. before transmission can begin and maintained during the entire transmission
Packet Switched Network - Solution A message's pathway is only est. as it is sent; the choice of pathway is based on availability and amount of message traffic
Workstations - Solution Creates and maintains client network connections to remote servers
Virtual Machine (VM) - Solution A software emulator program that permits a computer user to use multiple computers and multiple platforms without the expense of purchasing multiple computers; allows a user to run software for a different OS platform on their computer that would not otherwise be able to run that software; this allows multiple users on a network to access the software to support collaboration.
Server - Solution Computers that have greater hard disk storage, faster response time and are used to respond to requests from other computers on the network
Client-server Network - Solution Contains one or more servers; client is a computer that will request information from another computer; server is a computer that takes requests and responds with the requested information; the software used facilitates communication with remote servers
File Server - Solution Sends files over the network at the request of clients. Responds over LAN, within one location/site. Supports both application software and data files.

Web Server - Solution Stores data files (web pages) and programs (scripts). Responds from anywhere on the Internet.
Database Server - Solution Responds to queries by pulling from the database. Typically only to local clients.
Print Server - Solution Monitors print jobs
Mail Server - Solution Two email servers communicate with each other
FTP Server - Solution Like web server or file server in that requests are for files and responses are the files
Point-to-Point Network - Solution Link between two resources. Simplest form of a network. Limits how devices can communicate with each other
Bus Network - Solution Devices connected along a single cable. Size of network is restricted.
Star Network - Solution Each device is connected to a central device such as a hub or switch.
Ring Network - Solution Each device is connected directly to its neighbors, and messages are forwarded from device to device until the proper destination is reached.
Mesh Network - Solution Every device is connected directly to every other device in the network.
Domain Name Server (DNS) - Solution Used to translate from an IP alias to an IP address

  1. Prioritizing risks
  2. Develop and enact policies that will reduce threats
Information Security Classifications - Solution
  Public - available through public sources; includes names and addresses
  Sensitive - not considered a threat to a person's privacy if others learn of it; includes email addresses
  Private - information that could be a threat if disclosed to others; includes social security and credit card numbers
  Confidential - information that an organization will keep secret; includes patentable information and business plans
Defense in Depth - Solution Protecting every layer that surrounds data
Phishing - Solution Emails to people to redirect them to a website to perform some operation but the website is a fake and just takes the information
SQL Injection - Solution An attacker issues a SQL command to a web server as part of the URL or as input to a form on a company's website; web server might pass the command onto the database which then allows potentially anything to be done to the database
Buffer Overflow - Solution Placing malicious code into the buffer so that it can be executed once stored in memory; oldest and most well known software exploit; software engineers can protect against this when writing code
Hacking - Solution When an individual obtains unauthorized access to a host
White Hat Hacker - Solution Informs companies of potential problems with software so companies can fix
Black Hat Hacker - Solution Individuals with malicious intent who violate security in order to commit crimes or acts of terrorism

Grey Hat Hacker - Solution Engage in both white and black hat types of hacking activities
Packet Sniffing - Solution Allows you to obtain anything being sent over a network if the data being transmitted isn't encrypted
Virus - Solution Software that attaches itself to another legitimate software application
Worms - Solution Self contained programs that do not need other programs to propagate across computers and computer networks
Trojan Horse - Solution Type of virus that completely replaces an existing application and takes the name of the taken over file
Denial of Service (DOS) - Solution One or more attackers attempt to flood a server with so many incoming messages that the server is unable to handle legitimate business
Firewalls - Solution Can be either software or hardware; hardware is a dedicated server; software contains a list of the rules that describe the types of messages that should either be permitted to make it through, or those that should be blocked
Anti-viral Software - Solution Attempts to identify if a file contains a virus or some form of malware
Redundancy - Solution Ensures proper storage of data by providing a means so that data is available even when storage devices are damaged or offline
Encryption - Solution Idea of obfuscating the information that resides on a computer or sent over a network so that if it is intercepted the hacker will be unable to use the information
Symmetric Key Encryption - Solution Uses the same key for performing the encryption and decryption
Public Key Encryption - Solution Uses two keys, a public and private key for performing encryption and decryption

Shell - Solution An interface for the user, often personalized for that given user, that provides access to the kernel.
Services - Solution OS programs that are usually started when the OS is loaded and initialized, but they run in the background. Also called daemons.
Utility Programs - Solution Programs that allow the user to monitor and improve system performance.
Proxy Server - Solution Acts as a giant cache of web pages that anyone in the organization has recently retrieved
Proprietary Software - Solution Software purchased from a vendor; also known as commercial
Shareware - Solution Provides a trial version of the software.
Freeware - Solution Usually software that has become obsolete; is free
Public Domain - Solution Software that has been moved into the public domain; can be used however you feel
Open Source - Solution Created in the Open Source Community and made freely available as source code
Copyrights - Solution Protect an original work (in its tangible, expressed form), but not the ideas behind the work for the duration of the author's life plus 70 years.
Patents - Solution Protect the creation of inventive concepts as well as the tangible work product for 20 years from the filing date
End User License Agreement (EULA) - Solution Gives the purchaser the right to use the software
Decimal - Solution Uses base 10 to represent numbers (0 - 9)
Binary - Solution Uses base 2 system (0 and 1)

Byte - Solution 8 bits; a single character of text in a computer
Octal - Solution Every value is represented with some combination of 8 digits (0 - 7)
Hexadecimal - Solution Uses a base 16
Character Representation - Solution ASCII and Unicode
Language Translators - Solution A program that takes one program, written in a high level language, and creates a machine language program as output
Compiled Language - Solution Translates the entire program, creating an executable program which can be run at a later time
Interpreted Language - Solution Takes the most recently entered instruction, translates it into machine language, and executes it
Script - Solution Sometimes used to refer to small programs that have been traditionally used for automation
Algorithms - Solution A formula or procedure for solving a problem. Can also be described as a set of steps that are followed in order to complete a process
Multi-tier Development - Solution Separation of different aspects of a system
N-tier Development - Solution Often used to indicate that the number of tiers a system will be broken down into will vary between different software development projects
Presentation Tier - Solution Tier where the user interface for the system is developed; shields the user from the underlying logic of the systems as well as the underlying data structures
Logic Tier - Solution Tier that sits between the user interface and the data.

Attributes - Solution Columns of the relation
Field - Solution Contains the data of an attribute for a record within a relation
Query - Solution A search of data in the relation or relations that fit specific parameters
Projection - Solution A query that returns all of the records from the relation, but only select attributes or fields
Sort - Solution Sorting records based on some field(s) such as ascending order by last name
Join - Solution Withdraws information from multiple relations
Primary Key - Solution A field in the relation that contains a unique value
Business Intelligence - Solution A specific information system to help an organization reach its strategic goals
Data Warehouse - Solution A collection of organized databases
Database Information Processing (OLAP) - Solution Data is processed through a suite of analysis software tools
Slicing - Solution Creates a subset of the data by reducing the data from multiple dimensions to one dimension
Dicing - Solution Same as slicing except that the result can be in multiple dimensions
Drilling up and down - Solution Shifts the view of the data; down provides more detail, up provides summarized data
Rolling up - Solution Similar to drilling up but it collapses the data from multiple items into a single value
Pivot - Solution Rotates data to view the data from a different perspective

Online Data Processing (OLDP) - Solution Deals with data in real time
Event-driven Processing - Solution Uses business events to trigger messages to be sent by middleware between software modules that are completely independent of one another
Batch Processing - Solution Processing large amounts of data all in one batch when the computer system is not busy
ODBC (Open Database Connectivity) - Solution Interacts with a database via a database driver
Structured Query Language (SQL) - Solution A standard query language that is used to communicate in many DBMSs
Database Interacting Format - Solution SELECT fields FROM tables WHERE fields from tables match criteria
SELECT - Solution Used to inform the DBMS what fields or attributes are of interest
FROM - Solution Used to inform the DBMS what tables are to be interrogated by the query and if more than one table, how they are to be combined or joined
WHERE - Solution Used to inform the DBMS of the specific criteria the data should match to be returned as the output of the query
Project phases - Solution Initiation, planning, executing and controlling, and closing
Project Initiation - Solution Problem definition, resource allocation, risk assessment
Project Planning - Solution Organize activities, time estimation, cost estimation
Project Executing and Controlling Reports - Solution Variance reports, Status reports, Resource Allocation reports

User Acceptance Testing - Solution Employed to assess whether the system does what the user expects and to ensure that it functions in a way that is useful to the user
System Deployment - Solution
  1. System Conversion
  2. Final Documentation
  3. End User Training
Direct Conversion - Solution Old system is turned off and the new system is turned on at a specific date and time
Parallel Conversion - Solution There is a period of time in which both systems are operating concurrently
Pilot Conversion - Solution Involves starting the conversion with a portion of end users
Phased Conversion - Solution Deploys a subset of the system first, rather than deploying the whole system at once
Business Continuity - Solution The activity performed by an organization to ensure that critical business functions will be available to customers, suppliers, regulators, and other entities that must have access to those functions.
Image backups - Solution Create a copy of everything that is on a hard drive
Full backup - Solution Everything on the hard drive is copied each and every time a backup is performed
Incremental backup - Solution An initial full backup is completed and then subsequent backups only capture the changes since the last backup
Data mirroring - Solution The OS writes data (and changes to data) to multiple hard drives at the same time.
Off-Site Storage - Solution A secure location for storing backup media

Hot Site - Solution Physical location where an organization can move its operations that includes everything for normal business operations; quickest return to business but very expensive.
Cold Site - Solution Physical location like a shell that can be used for operations should the need arise; not equipped with hardware, servers, etc.; cheaper to have
Site Sharing - Solution Having multiple data centers located in disparate regions; typically used by large organizations.
The Internet of Things (IoT) - Solution Refers to the myriad types of devices that can and will be connected to the Internet in the next few years.
Big Data - Solution Refers to data sets that are so large and complex that they will require more advanced database management/processing tools.
SaaS - Solution Software as a Service. Can access and use software through the Internet.
PaaS - Solution Platform as a Service. Intention is to be able to quickly and reliably develop and deliver applications.
IaaS - Solution Infrastructure as a Service. All resources an IT dept. needs are located outside of the organization and are accessible by anyone, anywhere.
Ethics - Solution A code of moral conduct or a set of principles that govern behavior.
Administrator Ethics - Solution Privacy, Ownership, Control, Accuracy, Security