ESOC 477: FINAL REVIEW EXAM 2023 with complete solution
0 view 0 purchase
Course
ESOC 477
Institution
ESOC 477
ESOC 477: FINAL REVIEW EXAM 2023 with complete solution
began to examine the feasibility of redundant networked communications
Advanced Research Projects Agency (ARPA)
Developed the ARPANET (a network project that preceded the Internet) from its inception
Dr. Larry Roberts
What happened in 1...
ESOC 477: FINAL REVIEW EXAM 2023 with complete
solution
began to examine the feasibility of redundant networked communications
Advanced Research Projects Agency (ARPA)
Developed the ARPANET (a network project that preceded the Internet) from its
inception
Dr. Larry Roberts
What happened in 1968?
Maurice Wilkes discusses password security in Time - Sharing Computer Systems
What happened in 1970?
Willis H. Ware authors the report Security Controls for Computer Systems: Report of
Defense Science Board Task Force on Computer Security—RAND R.609 which was
not declassified until 1979. It became known as the seminal work identifying the need
for computer Security
What happened in 1973?
Schell, Downey, and Popek examine the need for additional security in military systems
in Preliminary Notes on the Design of Secure Military Computer Systems
What happened in 1975?
The Federal Information Processing Standards (FIPS) examines DES (Digital
Encryption Standard) In the Federal Register
What happened in 1978?
Bisbey and Hollingsworth publish their study "Protection Analysis: Final Report," which
discussed the Protection Analysis project created by ARPA to better understand the
vulnerabilities of operating system security and examine the possibility of automated
vulnerability detection techniques in existing system software
When it is the subject of an attack?
the computer is used as an active tool to conduct attack
When it is the object of an attack
the computer is the entity being attacked
A computer can be?
First be object, then - subject
senior management, responsible for the security and use of a particular set of
information
Data owners
responsible for the information and systems that process, transmit, and store it.
(IS/IT practitioners)
Data custodians
individuals, also with some information security role
Data users
Information security performs four important functions for an organization:
-Protecting the organization's ability to function
-Protecting the data and information the organization collects and uses
, -Enabling the safe operation of applications running on the organization's IT systems
-Safeguarding the organization's technology assets
can erode consumer confidence, diminishing organization's sales, net worth, and
reputation
Web site defacing
a much more sinister form of hacking: the premeditated, politically motivated
attacks against information, computer systems, computer programs, and data
that result in violence against noncombatant targets by the
state-sponsored/(sub)national groups or clandestine agents
Cyberterrorism/Cyberwarfare
It includes the execution of viruses, worms, Trojan horses, and active Web
scripts with the intent to destroy or steal information
Malware (malicious code)
It consists of code segments that attach to existing program and take control of
access to the targeted computer
Virus
They replicate themselves until they completely fill available resources such as
memory and hard drive space
Worms
Malware disguised as helpful, interesting, or necessary pieces of software (hide
their true nature and reveal their designed behavior only when activated)
Trojan horses
A coordinated stream of requests is launched against a target from many
locations simultaneously
Distributed denial-of-service (DDoS)
An attacker routes large quantities of e-mail to target to overwhelm the receiver
Mail bombing (also a DoS)
It is considered more a nuisance than an attack, though is emerging as a vector
for some attacks
Spam (unsolicited commercial e-mail)
It monitors data traveling over network; it can be used both for legitimate
management purposes and for stealing information from a network
Packet sniffer
Cornerstone of many computer-related federal laws and enforcement efforts
(defines and formalizes laws to counter threats from computer-related acts and
offenses)
Computer Fraud and Abuse Act of 1986 (CFA Act)
Modified several sections of the previous act and increased the penalties for
selected crimes
National Information Infrastructure Protection Act of 1996
Provides law enforcement agencies with broader latitude in order to combat
terrorism-related activities
USA PATRIOT Act of 2001
Made permanent 14 of the 16 expanded powers of the Department of Homeland
Security and the FBI in investigating terrorist activity
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller LECTMAGGY. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $13.49. You're not tied to anything after your purchase.
