Countermeasures

Countermeasures are actions taken to minimize, mitigate, or eliminate threats to and vulnerabilities of computer systems. Countermeasures can take several forms depending on the nature and characteristics of the particular threats and how susceptible the system is to vulnerabilities.

Information technology (IT) controls are a type of countermeasure that focuses on actions taken to mitigate or eliminate vulnerabilities, such as using good programming practices or restricting queries to specific inputs only.

Technical countermeasures, also known as technical surveillance countermeasures (TSCMs), focus on the ability to identify or detect unauthorized electronic emanations as well as physical security vulnerabilities that put infrastructures (physical and electronic) at risk.

Check Your Knowledge

Choose the best answer to each question:
Question 1
There are several types of countermeasures in the software security arena. Which one can be used to restrict queries to only good or accepted types of input, defines what is accepted, and rejects queries that do not match the criteria?
checking input type
encoding inputs
pattern matching
SQL injection rejection
Question 2
All of the following can be used as countermeasures against phishing attacks except for which measure?
contacting the security administrator
using intrusion detection systems (IDSs) to block malicious domains
clicking on suspicious links or attachments in emails to check their validity
ensuring antivirus (AV) software and definitions are up-to-date
Question 3
Which of the following is a valid countermeasure against malicious code?
immediately opening all email and downloading attachments
forwarding all suspicious email to management
remaining current with operating system (O/S) service packs and software patches
none of the above
Question 4
Which of the following is not a valid countermeasure for protecting passwords?
combining letters, numbers, and special characters to create a password
using a passphrase
saving passwords or log-in credentials in the browser
changing passwords according to your organization's policy
Question 5
The Department of Defense (DoD) strongly restricts the use of removable media. Which of the following is allowed by the DoD?
following the organization's removable media policy for DoD personnel
using flash media when approved by the supervisor
using personally owned/nongovernment removable flash media on DoD systems
using government removable flash media on non-DoD/personal systems
Question 6
Which of the following is a countermeasure for Bluetooth wireless security?
enabling auto discovery
disabling auto discovery
bluesnarfing
uninstalling auto discovery
Question 7
SQL injection attacks compromise unsecured databases by exploiting user inputs that have not been validated. Which of the following is not a countermeasure in preventing SQL injection attacks?
input-type checking
encoding inputs
using Rich Site Summary (RSS) feeds on a corporate website
pattern matching
Question 8
Which of the following is an effective countermeasure for preventing SQL injection attacks?
encoding inputs
decoding encrypted text
updating the firewall policy
storing backup records offsite
Question 9
Which of the following countermeasures prevents user input from being interpreted as SQL statements?
encoding inputs
pattern matching
checking input type
installing antivirus (AV) software
Question 10
Which of the following is not a primary cause of cross-site scripting (XSS) attacks?
injection through user input
injection through server variables
defensive programming techniques
insufficient policies regarding database backup
Question 11
Which of the following are cross-site scripting (XSS) attack targets?
websites
email servers
databases
office automation software
Question 12
Which of the following is a control measure to prevent cross-site scripting (XSS) attacks?
avoiding the use of ActiveX in a Windows environment
using cookies only at the intended websites
whitelisting certain websites
implementing policies regarding cybersecurity training
Question 13
Cygnus Retail is a distributor based in Oklahoma. The company has a 200,000-square-foot warehouse that stays open 24 hours a day. Currently, Cygnus has one guard at the entrance of the warehouse. There are 20 roll-up dock doors that are never closed because the warehouse is open the whole day. The company has been experiencing inventory loss and wants to reduce this shrinkage. Which system will be most effective for Cygnus?
burglar alarm
camera system
access control
fire alarm
Question 14
RTI Finance International is a financial and investment consultancy firm. The company has a large office space that is located within a larger multioffice location. The company's office is organized into numerous divisions that contain physical partitions. Some of the partitioned areas hold sensitive data. The company is predominantly concerned with employees freely accessing sensitive areas. Which system will be most effective in dealing with RTI's issue?
burglar alarm
camera system
access control
fire alarm
Question 15
JK and Sons Insurance is a small agency and has an office with two doors, two windows, and a small reception area. The agency has two employees and houses only petty cash and a few computers. Which system will be most effective in securing the agency's office?
burglar alarm
camera system
access control
fire alarm
Question 16
Betty's Beach Inn is a small boutique hotel in Malibu, California. The hotel has 10 rooms and a swimming pool and is aimed at budget travelers. The hotel is primarily concerned with preventing loss of life. Which system is most significant for saving life?
burglar alarm
camera system
access control
fire alarm