Personal Assignment 3

Session 7

1. What is the classic triad?

2. Please explain the 6 atomic elements of infosec.
3. What are the techniques to steal the identity? Please explain at least 6 techniques.
4. How do we avoid the identity theft?

ANSWER
1. Classic triad is
2. -

Confidentiality
Confidentiality is limit on who can get what kind of information

Control
Control is

Integrity
Integrity refers to being correct or consistent with the intended state of information.

Authenticity
Authenticity refers to the veracity of the calim of origin or authorship of the
information

Availability
Availability means having timely access to information

Utility
Utility means

3. Identity theft begins when someone takes our personally identifiable information such as
our name, Social Security Number, date of birth, our mothers maiden name, and our
address to use it without our knowledge or permission.

There are many techniques to steal our identity, here are 6 examples of it :
a. Social Engineering
Social engineering is the practice of someone either in person, over the telephone,
or computer, uses means to deceive someone else into divulging sensitive
information.
b. Vishing
Vishing (voice phising), occurs when thief contacts and individual over the
telephone. The schemer posses as an individual working for a legitimate
organization such as a government agency, financial institution, payment service
organization, or another well-known company. The goal is to get you to disclose
your personal identifying information.
c. Malware Phising
This occurs when the thief attaches a harmful computer program made to look
helpful onto emails, websites, and other electronic documents on the internet. The
malware uses key loggers and screen loggers to record your keyboard strokes and
sites that you visit on the internet. This malware sends the information to the
schemer who is located at another location using the internet.
d. Skimming
The thieves steal credit/debit cards numbers by using special storage device to
ATM machines. The device reads the magnetic strip on the card which thieves use
to commit fraud.
e. Pharming
This can happen when a thieves tampers with a website host file or domain name
system so that URLS address request are rerouted to a fake or spoofed website
created by the hacker to capture personal identifying information from victims.
f. Pretexting
Pretexting occurs when a thief has done prior research on your personal
information, and uses this information to bait you to release more sensitive
information, such as credit card number or Social Security Number.

4. We can use these several method to avoid identity theft :

Protect personal information, such as credit card number, birth certificate, bank
accounts, etc by doing the following step :
-

Always limit to whom you give your date of birth, mothers maiden name, or
other confidential information

Always guard password and PINs

Limit the information on your personal checks to your name and address

Never give credit card number or other personal information to people who
call, no matter how legitimate or enticing the offer may sound.

Always review credit reports

Reduce exposure to mail theft

Ensure that your computer has adequate firewall, antivirus protection and current
operating system software.

Always be suspicious of unsolicited emails asking for personal or financial

information.

Do not use the ATM machine if the ATM card slot, keypad, or any part of the ATM
does not look right