System Survivability & Backups
This property of system survivability involves detecting attacks and evaluating resulting damage, often using intrusion detection.
Recognition
Do 5 Jumping Jacks or lose your Points
Worms are memory-resident and do not need a "host" file to attach to in order to propagate.
True.
In a method of active wiretapping called "________-the-lines transmission," an attacker adds unauthorized messages during legitimate user pauses without altering the original message flow.
between
Kerberos authentication uses encrypted tickets instead of sending user passwords.
True. Kerberos uses encrypted tickets instead of sending passwords.
In 1992, the IEEE and the Association for Computing Machinery (ACM) issued a standard of ethics for the global computing community.
True. The IEEE and ACM issued a standard of ethics in 1992.
Do an Impression of anyone or any character for +10 points
A daily incremental backup saves all files on the system, regardless of when they were changed.
False.
An incremental backup only saves files changed on that specific day.
Named after a classic Greek myth, this destructive program is disguised as something benign or useful.
Trojan (Trojan Horse)
Dance for 10 seconds for +20 points (As a group)
Unintentional security breaches can result from uneducated users, hardware errors, or accidental incomplete modifications.
True.
This protection mechanism converts readable data, known as plaintext, into a secret code called ciphertext.
Encryption
This form of social engineering occurs when an intruder pretends to be a legitimate entity and contacts unwary users asking them to reconfirm personal or financial information.
Phishing
System ________ is the ability of a system to fulfill its mission in a timely manner despite attacks, failures, or accidents.
Survivability
A ________ is a program that can alter the way a computer operates, but to be strictly defined as one, it must be self-executing and attach itself to another program.
Virus
In this type of attack, the goal is not to steal data, but rather to crash the system or clog the network so legitimate users cannot get in.
Denial of Service (DoS)
A ________ is hardware or software placed between the Internet and the internal network to block unauthorized access.
Firewall
________ ________ is a manipulation technique that exploits human psychology to deceive individuals into disclosing confidential information.
Social Engineering
Divide all groups' score by 2
This is the typical recommended retention period for off-site storage of complete system backups.
Three to Six months
Do 5 poses or lose your 300 points
The Michaelangelo Virus (1991) is an example of a ________ threat because it combines a virus, worm, Trojan, spyware, and keyloggers into one program.
Blended Threat
The social engineering tactic where intruders literally look through a company's trash for discarded printouts or sticky notes with passwords is known as ________ ________.
Dumpster Diving
Choose a group and challenge them to Rock paper scissor. If you win you get to swap with the losing group, else your points for this question will be given to the other group
These alternative authentication systems identify individuals using unique biological traits, such as fingerprints or iris patterns.
Biometric systems
Sing for 20 seconds for +20 points (One representative in the group)
This specific tactic involves gaining unauthorized access to a building or restricted area by simply following someone who has legitimate access.
Tailgating
The $10 million logic bomb case study showed that having backups stored in the same location as the original is a safe and reliable strategy.
False.
A backup is useless if it is stored in the same place as the original.
This specific type of malware is a destructive program with a trigger or fuse that activates upon a specific event, like a date or a keystroke.
Logic Bomb
Programmers often create these shortcuts to bypass normal security to fix bugs quickly, but if left in the code, they become hidden front doors for attackers.
Trapdoors (or Backdoors)
A strong password should contain at least ________ characters and include a combination of uppercase letters, lowercase letters, numbers, and symbols.
Eight
Offering a service or favor in exchange for information or access (for example, an attacker posing as technical support) is a tactic known as ________ ________ ________.
Quid Pro Quo