DIT1243 Tutorial 11

The document contains a tutorial on information systems security with two sections. Section A contains multiple choice questions about security concepts like exploits, zero-day attacks, BYOD, Trojan horses, blended threats, spam, botnets, reasonable assurance, security policies, and intrusion detection systems. Section B asks questions requiring explanations of reasons for computer incidents, BYOD security issues, the importance of patches, differences between malware types, how DDoS attacks work, types of social engineering, conducting risk assessments, and the purpose and characteristics of effective security policies.

Uploaded by Cathay Wong

Tutorial 11

Section A
1. Which of the following is an attack on an information system that takes advantage of
a specific system vulnerability?
a. hack
b. exploit
c. virus
d. breach

2. A(n)____ involves an attack that takes place before the security community and/or
software developers become aware of and fix a security vulnerability.

3. ____ is a business policy that permits employees to use their own mobile devices to
access company computing resources and applications.

4. A(n) ____ is a seemingly harmless program in which malicious code is hidden.

5. Which of the following is a sophisticated threat that combines the features of a virus,
worm, Trojan horse, and other malicious code into a single payload?
a. blended threat
b. doomsday threat
c. logic bomb
d. spam

6. ____ is the use of email systems to send unsolicited email to large numbers of people.

7. Which of the following is a computer that has been taken over by a hacker to be used
as part of a botnet?

a. bot
b. zombie
c. logic bot
d. bug

8. ____ is the IS security concept that recognizes that managers must use their judgment
to ensure that the cost of control does not exceed the system’s benefits or the risks
involved.

9. Which of the following is a statement that defines an organization’s security
requirements, as well as the controls and sanctions needed to meet those
requirements?
a. security statement
b. security policy
c. security plan
d. security report

10. A(n) ____ is a hardware- or software-based network security system that can detect and
block sophisticated attacks by filtering network traffic based on the packet contents.

DIT1243 Fundamentals of Information Systems 1|Page


11. Which of the following is software and/or hardware that monitors system and network
resources and activities and notifies network security personnel when it detects
network traffic that attempts to circumvent the security measures of a networked
computer environment?
a. intrusion detection system
b. firewall
c. router
d. security appliance

Section B
1. Provide six reasons why computer incidents are so prevalent.

2. What is BYOD? What security issues does it raise?

3. Discuss the importance of installing computer patches and fixes.

4. What is the difference between a virus, worm, a Trojan horse, and a blended threat?

5. Explain how a distributed denial-of-service attack works.

6. What is the difference between phishing, smishing, and vishing?

7. Outline the steps necessary to conduct an effective computer security risk assessment.

8. What is the intent of a security policy? What are some of the earmarks of a good
security policy?



Tutorial 11 Answer

Section A
1. b. exploit
2. zero-day attack
3. bring your own device (BYOD)
4. Trojan horse
5. a. blended threat
6. spam
7. b. zombie
8. reasonable assurance
9. b. security policy
10. next-generation firewall (NGFW)
11. a. intrusion detection system (IDS)

Section B
1. Increasing computing complexity, higher computer user expectations, expanding and
changing systems, an increase in the prevalence of bring your own device (BYOD)
policies, a growing reliance on software with known vulnerabilities, and the increasing
sophistication of those who would do harm have caused a dramatic increase in the
number, variety, and severity of security incidents.

2. Bring your own device (BYOD) is a business policy that permits, and in some cases
encourages, employees to use their own mobile devices (smartphones, tablets, or laptops)
to access company computing resources and applications, including email, corporate
databases, the corporate intranet, and the Internet.

This practice raises many potential security issues as it is highly likely that such devices
are also used for non-work activity (browsing Web sites, blogging, shopping, visiting
social networks, etc.) that exposes them to malware much more frequently than a device
used strictly for business purposes. That malware may then be spread throughout the
company. In addition, BYOD makes it extremely difficult for IT organizations to
adequately safeguard additional portable devices with various operating systems and a
myriad of applications.

3. In computing, an exploit is an attack on an information system that takes advantage of a
particular system vulnerability. Often this attack is due to poor system design or
implementation. Once the vulnerability is discovered, software developers create and
issue a “fix,” or patch, to eliminate the problem. Users of the system or application are
responsible for obtaining and installing the patch, which they can usually download from
the Web. (These fixes are in addition to other maintenance and project work that software
developers perform.) Any delay in installing a patch exposes the user to a potential
security breach.

4. A virus is a piece of programming code, usually disguised as something else, that causes
a computer to behave in an unexpected and usually undesirable manner. A worm is a
harmful program that resides in the active memory of the computer and duplicates itself.
A Trojan horse is a seemingly harmless program in which malicious code is hidden. A
blended threat is a sophisticated threat that combines the features of a virus, worm, Trojan
horse, and other malicious code into a single payload.



5. A distributed denial-of-service (DDoS) attack is one in which a malicious hacker takes
over computers via the Internet and causes them to flood a target site with demands for
data and other small tasks. A distributed denial-of-service attack does not involve
infiltration of the targeted system. Instead, it keeps the target so busy responding to a
stream of automated requests that legitimate users cannot get in—the Internet equivalent
of dialing a telephone number repeatedly so that all other callers hear a busy signal.

6. Phishing is the act of fraudulently using email to try to get the recipient to reveal personal
data. Smishing is a variation of phishing that involves the use of Short Message Service
(SMS) texting. Vishing is similar to smishing except that the victims receive a voice mail
message telling them to call a phone number or access a Web site.

7. The steps in a general security risk assessment process are as follows:

Step 1. Identify the set of IS assets about which the organization is most concerned.
Step 2. Identify the loss events or the risks or threats that could occur, such as a
distributed denial-of-service attack or insider fraud.
Step 3. Assess the frequency of events or the likelihood of each potential threat; some
threats, such as insider fraud, are more likely to occur than others.
Step 4. Determine the impact of each threat occurring.
Step 5. Determine how each threat can be mitigated so that it becomes much less
likely to occur or, if it does occur, has less of an impact on the organization.
Step 6. Assess the feasibility of implementing the mitigation options.
Step 7. Perform a cost-benefit analysis to ensure that your efforts will be
cost effective.
Step 8. Make the decision on whether or not to implement a particular
countermeasure.
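The eight steps above carried through as a small risk register, added here as an illustration and not part of the tutorial: each threat records the asset (Step 1), the loss event (Step 2), its frequency and impact (Steps 3 and 4), a proposed countermeasure with the residual frequency and impact it leaves (Step 5), whether it is feasible (Step 6) and its annual cost, and the code performs the cost-benefit comparison (Step 7) and the implement decision (Step 8). All figures in the sample register are constructed for the example.

```python
from dataclasses import dataclass


@dataclass
class Threat:
    """One row of the risk register, following Steps 1-6 of the process above."""
    asset: str                 # Step 1: the IS asset the organization is concerned about
    event: str                 # Step 2: the loss event or threat that could occur
    frequency: float           # Step 3: expected occurrences per year (constructed figure)
    impact: float              # Step 4: loss per occurrence, in currency units
    mitigation: str            # Step 5: proposed countermeasure
    residual_frequency: float  # Step 5: occurrences per year after the countermeasure
    residual_impact: float     # Step 5: loss per occurrence after the countermeasure
    mitigation_cost: float     # Step 7: annual cost of the countermeasure
    feasible: bool = True      # Step 6: can the countermeasure actually be implemented?


def annual_loss(frequency, impact):
    """Expected annual loss: how often the event happens times what each occurrence costs."""
    return frequency * impact


def evaluate(threat):
    """Steps 7 and 8: cost-benefit analysis and the implement / do-not-implement decision."""
    before = annual_loss(threat.frequency, threat.impact)
    after = annual_loss(threat.residual_frequency, threat.residual_impact)
    benefit = before - after  # expected annual loss avoided by the countermeasure
    # Step 8: implement only if it is feasible (Step 6) and the benefit exceeds its cost
    implement = threat.feasible and benefit > threat.mitigation_cost
    return {"asset": threat.asset, "event": threat.event, "loss_before": before,
            "loss_after": after, "benefit": benefit, "cost": threat.mitigation_cost,
            "implement": implement}


# Constructed sample register; every figure here is invented for illustration only.
SAMPLE_REGISTER = [
    Threat("customer database", "insider fraud", 0.5, 200_000.0,
           "separation of duties plus access logging", 0.25, 200_000.0, 30_000.0),
    Threat("public web site", "distributed denial-of-service attack", 2.0, 10_000.0,
           "traffic-scrubbing service", 0.5, 5_000.0, 25_000.0),
    Threat("employee-owned laptops (BYOD)", "malware infection", 4.0, 3_000.0,
           "ban all personal devices outright", 0.5, 3_000.0, 2_000.0, feasible=False),
]


def assess(register):
    """Run the full assessment over a risk register and return one decision per threat."""
    return [evaluate(t) for t in register]
```

Calling `assess(SAMPLE_REGISTER)` shows the three outcomes the steps distinguish: a countermeasure adopted because its avoided loss exceeds its cost, one rejected on cost-benefit grounds, and one rejected at Step 6 despite a favourable cost-benefit figure.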

8. A security policy defines an organization’s security requirements, as well as the controls
and sanctions needed to meet those requirements. A good security policy delineates
responsibilities and the behavior expected of members of the organization.
