Post University Computer Crime and Security & Class Project Discussion

1. According to the 2010/11 CSI Computer Crime and Security Survey, which of the following was the most common security incident?
   1. being fraudulently misrepresented as a sender of email messages requesting personal information
   2. malware infection
   3. laptop or mobile hardware theft
   4. employees, abuse of Internet access or email
2. Computer security incidents occur around the world, with personal computer users in developing countries being exposed to the greatest risk of their computers being infected by malware. True or False?
3. An attack on an information system that takes advantage of a vulnerability is called a(n) ___________.
4. ___________ software operates in a software layer that runs on top of the operating system and enables multiple virtual machines each with their own operating system to run on a single computer.
5. The number of new software vulnerabilities identified has steadily increased each year since 2006. True or False?
6. A(n) ___________takes places before the security community or software developer knows about the vulnerability or has been able to repair it.
7. Software that generates and grades tests that humans can pass but that all but the most sophisticated computer programs cannot is called ___________.
8. ___________ is a form of malware that, if a user unknowingly downloads it to his or her smartphone, takes control of the device and its data until the owner agrees to pay a ransom to the attacker.
9. A(n) ___________ attack is one in which a malicious hacker takes over computers via the Internet and causes them to flood a target site with demands for data and other small tasks.
10. A(n) ___________ is malicious code hidden inside a seemingly harmless program.
11. A(n) ___________ is a large group of computers controlled from one or more remote locations by hackers, without the knowledge or consent of their owners.
12. ___________ is a method of computing that delivers secure, private, and reliable computing experiences.
13. The process of assessing security-related risks from both internal and external threats to an organization’s computers and networks is called a(n) ___________.
14. The written statement that defines an organization’s security requirements as well as the controls and sanctions used to meet those requirements is known as a:
    1. risk assessment
    2. security policy
    3. firewall
    4. none of the above
15. Implementation of a strong firewall provides adequate security for almost any network. True or False?
16. In a security incident, the primary goal must be to monitor and catch the intruder. True or False?

1. Your computer science instructor has assigned a semester-long project to develop a zeroday exploit for the Windows 8 operating system. Do you think this is an appropriate class project? Why or why not?

https://ambassadored.vitalsource.com/#/books/97813…

This is the link for the text book