Threats to Information Systems

1. What are the five general categories of threats?

Unintentional Acts, Natural Disasters, Technical failures, Management Failures,
Deliberate Acts
2. What are three types of unintentional acts?
Human Errors, deviations in the quality of service providers, environmental hazards
3. Which of the three unintentional acts is the most serious threat to information
security?
Human Errors
4. Employees in a company can be divided into two categories;
1st Regular company employees. Examples CEO and mail clerk.
2nd Employees that are contract laborers, consultants, and janitors and guards.
5. What is tailgating?
A technique to allow the perpetrator to enter restricted areas that are controlled
with locks or card entry.
6. What is shoulder surfing?
The perpetrator watches the employees computer screen over that person's
shoulder.
7. What is Social Engineering?
An attack in which the perpetrator uses social skills to trick or manipulate a
legitimate employee into providing confidential company information such as
passwords.
8. What is Revers Social Engineering?
The employee approaches the attacker.
9. What is Social Data Mining?
An attacker seeks to learn who knows who in an organization and how. Also known
as Buddy Mining.
10.What is Deviation in the Quality of Service by Service Providers?
Situation in which a product or service is not delivered to the organization as
expected.

11.What is Espionage or Trespass?

12.What is Information Extortion?

13.What is Sabotage or Vandalism?

14.What is bombing?
15.What is a hacktivist?